Escapes a table name string.
Force all table names to be strictly alphanumeric-plus-underscore. For some database drivers, it may also wrap the table name in database-specific escape characters.
The sanitized table name string.
public function escapeTable($table) {
return preg_replace('/[^A-Za-z0-9_.]+/', '', $table);
}