Escapes a database name string.
Force all database names to be strictly alphanumeric-plus-underscore. For some database drivers, it may also wrap the database name in database-specific escape characters.
string The sanitized database name string.
public function escapeDatabase($database) {
return preg_replace('/[^A-Za-z0-9_.]+/', '', $database);
}