diff options
author | Andrey Andreev <narf@bofh.bg> | 2012-06-16 02:34:10 +0200 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2012-06-16 02:34:10 +0200 |
commit | 498c1e027e67dfd8108e0e255ff18fb914742b63 (patch) | |
tree | b0f33cb1f614cf26960947fa9e0db1039a027eb1 | |
parent | d24160cc4348c32c0c1ec7350e2e2dada2c9291a (diff) |
Added an escape parameter to where_in(), or_where_in(), where_not_in(), or_where_not_in() and made where(), or_where() to default the escape setting to the value of _protect_identifiers
-rw-r--r-- | system/database/DB_query_builder.php | 26 | ||||
-rw-r--r-- | system/database/drivers/postgre/postgre_driver.php | 5 | ||||
-rw-r--r-- | user_guide_src/source/changelog.rst | 3 |
3 files changed, 16 insertions, 18 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 5eb6bbb4e..85dd77da9 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -405,7 +405,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function where($key, $value = NULL, $escape = TRUE) + public function where($key, $value = NULL, $escape = NULL) { return $this->_where($key, $value, 'AND ', $escape); } @@ -423,7 +423,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function or_where($key, $value = NULL, $escape = TRUE) + public function or_where($key, $value = NULL, $escape = NULL) { return $this->_where($key, $value, 'OR ', $escape); } @@ -504,9 +504,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function where_in($key = NULL, $values = NULL) + public function where_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values); + return $this->_where_in($key, $values, FALSE, 'AND ', $escape); } // -------------------------------------------------------------------- @@ -521,9 +521,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function or_where_in($key = NULL, $values = NULL) + public function or_where_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, FALSE, 'OR '); + return $this->_where_in($key, $values, FALSE, 'OR ', $escape); } // -------------------------------------------------------------------- @@ -538,9 +538,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function where_not_in($key = NULL, $values = NULL) + public function where_not_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, TRUE); + return $this->_where_in($key, $values, TRUE, 'AND ', $escape); } // -------------------------------------------------------------------- @@ -555,9 +555,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function or_where_not_in($key = NULL, $values = NULL) + public function or_where_not_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, TRUE, 'OR '); + return $this->_where_in($key, $values, TRUE, 'OR ', $escape); } // -------------------------------------------------------------------- @@ -573,7 +573,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @return object */ - protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ') + protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ', $escape = NULL) { if ($key === NULL OR $values === NULL) { @@ -587,6 +587,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $values = array($values); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + $not = ($not) ? ' NOT' : ''; foreach ($values as $value) @@ -595,7 +597,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } $prefix = (count($this->qb_where) === 0) ? '' : $type; - $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key).$not.' IN ('.implode(', ', $this->qb_wherein).') '; + $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key, FALSE, $escape).$not.' IN ('.implode(', ', $this->qb_wherein).') '; if ($this->qb_caching === TRUE) { diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index ad9ac9000..3d25b25ee 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -606,10 +606,7 @@ class CI_DB_postgre_driver extends CI_DB { } // If the escape value was not set will will base it on the global setting - if ( ! is_bool($escape)) - { - $escape = $this->_protect_identifiers; - } + is_bool($escape) OR $escape = $this->_protect_identifiers; foreach ($key as $k => $v) { diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 8e0ac10f0..b3c2e7086 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -74,8 +74,7 @@ Release Date: Not Released - Renamed the Active Record class to Query Builder to remove confusion with the Active Record design pattern. - Added the ability to insert objects with insert_batch(). - Added new methods that return the SQL string of queries without executing them: get_compiled_select(), get_compiled_insert(), get_compiled_update(), get_compiled_delete(). - - Added an optional order_by() parameter that allows to disable escaping (useful for custom fields). - - Added an optional join() parameter that allows to disable escaping. + - Added an optional parameter that allows to disable escaping (useful for custom fields) for methods join(), order_by(), where_in(), or_where_in(), where_not_in(), or_where_not_in(). - Added support for join() with multiple conditions. - Improved support for the MySQLi driver, including: - OOP style of the PHP extension is now used, instead of the procedural aliases. |