diff options
author | Taufan Aditya <toopay@taufanaditya.com> | 2012-05-25 02:03:04 +0200 |
---|---|---|
committer | Taufan Aditya <toopay@taufanaditya.com> | 2012-05-25 02:03:04 +0200 |
commit | 64ccbd75b6725abc4770e0911a2af0f8d5bf7e6d (patch) | |
tree | aab3d8c90b9d8ec858ad457d54c96e3b59e3a69b | |
parent | 502942bd94fef292970df331b15652ef6e1385e7 (diff) | |
parent | f33e2ff30b0a9c54d6e8adbe88662838b9bd525e (diff) |
Explicitely testing escape_like_str API
-rw-r--r-- | system/database/DB_utility.php | 4 | ||||
-rw-r--r-- | system/database/drivers/mysql/mysql_driver.php | 6 | ||||
-rw-r--r-- | system/database/drivers/mysqli/mysqli_driver.php | 6 | ||||
-rw-r--r-- | system/database/drivers/pdo/pdo_driver.php | 6 | ||||
-rw-r--r-- | system/database/drivers/postgre/postgre_driver.php | 41 | ||||
-rw-r--r-- | tests/codeigniter/database/DB_driver_test.php | 4 | ||||
-rw-r--r-- | tests/codeigniter/database/DB_test.php | 4 | ||||
-rw-r--r-- | tests/codeigniter/database/query_builder/escape_test.php | 5 | ||||
-rw-r--r-- | user_guide_src/source/changelog.rst | 4 |
9 files changed, 62 insertions, 18 deletions
diff --git a/system/database/DB_utility.php b/system/database/DB_utility.php index 587dfdc01..cb97ff448 100644 --- a/system/database/DB_utility.php +++ b/system/database/DB_utility.php @@ -212,7 +212,7 @@ abstract class CI_DB_utility extends CI_DB_forge { $out = rtrim($out).$newline; // Next blast through the result array and build out the rows - foreach ($query->result_array() as $row) + while ($row = $query->unbuffered_row('array')) { foreach ($row as $item) { @@ -258,7 +258,7 @@ abstract class CI_DB_utility extends CI_DB_forge { // Generate the result $xml = '<'.$root.'>'.$newline; - foreach ($query->result_array() as $row) + while ($row = $query->unbuffered_row()) { $xml .= $tab.'<'.$element.'>'.$newline; foreach ($row as $key => $val) diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 161f99541..d801a9aaf 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -47,7 +47,7 @@ class CI_DB_mysql_driver extends CI_DB { // clause and character used for LIKE escape sequences - not used in MySQL protected $_like_escape_str = ''; - protected $_like_escape_chr = ''; + protected $_like_escape_chr = '\\'; /** * The syntax to count rows is slightly different across different @@ -291,7 +291,9 @@ class CI_DB_mysql_driver extends CI_DB { // escape LIKE condition wildcards if ($like === TRUE) { - return str_replace(array('%', '_'), array('\\%', '\\_'), $str); + return str_replace(array($this->_like_escape_chr, '%', '_'), + array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'), + $str); } return $str; diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 9261883f5..61761e0c6 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -47,7 +47,7 @@ class CI_DB_mysqli_driver extends CI_DB { // clause and character used for LIKE escape sequences - not used in MySQL protected $_like_escape_str = ''; - protected $_like_escape_chr = ''; + protected $_like_escape_chr = '\\'; /** * The syntax to count rows is slightly different across different @@ -291,7 +291,9 @@ class CI_DB_mysqli_driver extends CI_DB { // escape LIKE condition wildcards if ($like === TRUE) { - return str_replace(array('%', '_'), array('\\%', '\\_'), $str); + return str_replace(array($this->_like_escape_chr, '%', '_'), + array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'), + $str); } return $str; diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index e38c1145c..4784fc65b 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -79,13 +79,13 @@ class CI_DB_pdo_driver extends CI_DB { // clause and character used for LIKE escape sequences // this one depends on the driver being used - if ($this->pdodriver == 'mysql') + if ($this->pdodriver === 'mysql') { $this->_escape_char = '`'; $this->_like_escape_str = ''; - $this->_like_escape_chr = ''; + $this->_like_escape_chr = '\\'; } - elseif ($this->pdodriver == 'odbc') + elseif ($this->pdodriver === 'odbc') { $this->_like_escape_str = " {escape '%s'} "; } diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 0ddfd0abe..30689cc70 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -539,6 +539,47 @@ class CI_DB_postgre_driver extends CI_DB { // -------------------------------------------------------------------- /** + * Update_Batch statement + * + * Generates a platform-specific batch update string from the supplied data + * + * @param string the table name + * @param array the update data + * @param array the where clause + * @return string + */ + protected function _update_batch($table, $values, $index, $where = NULL) + { + $ids = array(); + foreach ($values as $key => $val) + { + $ids[] = $val[$index]; + + foreach (array_keys($val) as $field) + { + if ($field != $index) + { + $final[$field][] = 'WHEN '.$val[$index].' THEN '.$val[$field]; + } + } + } + + $cases = ''; + foreach ($final as $k => $v) + { + $cases .= $k.' = (CASE '.$k."\n" + .implode("\n", $v)."\n" + .'ELSE '.$k.' END), '; + } + + return 'UPDATE '.$table.' SET '.substr($cases, 0, -2) + .' WHERE '.(($where != '' && count($where) > 0) ? implode(' ', $where).' AND ' : '') + .$index.' IN('.implode(',', $ids).')'; + } + + // -------------------------------------------------------------------- + + /** * Delete statement * * Generates a platform-specific delete string from the supplied data diff --git a/tests/codeigniter/database/DB_driver_test.php b/tests/codeigniter/database/DB_driver_test.php index fb40f0608..9e16e29b4 100644 --- a/tests/codeigniter/database/DB_driver_test.php +++ b/tests/codeigniter/database/DB_driver_test.php @@ -2,8 +2,6 @@ class DB_driver_test extends CI_TestCase { - // ------------------------------------------------------------------------ - public function test_initialize() { $config = Mock_Database_DB::config(DB_DRIVER); @@ -32,5 +30,5 @@ class DB_driver_test extends CI_TestCase { { return new Mock_Database_Drivers_Postgre($config); } - + }
\ No newline at end of file diff --git a/tests/codeigniter/database/DB_test.php b/tests/codeigniter/database/DB_test.php index 9b93e223d..d5c0dea08 100644 --- a/tests/codeigniter/database/DB_test.php +++ b/tests/codeigniter/database/DB_test.php @@ -2,8 +2,6 @@ class DB_test extends CI_TestCase { - // ------------------------------------------------------------------------ - public function test_db_invalid() { $connection = new Mock_Database_DB(array( @@ -45,5 +43,5 @@ class DB_test extends CI_TestCase { $this->assertTrue($db instanceof CI_DB); $this->assertTrue($db instanceof CI_DB_Driver); } - + }
\ No newline at end of file diff --git a/tests/codeigniter/database/query_builder/escape_test.php b/tests/codeigniter/database/query_builder/escape_test.php index ac1c8f659..fe225436a 100644 --- a/tests/codeigniter/database/query_builder/escape_test.php +++ b/tests/codeigniter/database/query_builder/escape_test.php @@ -32,7 +32,7 @@ class Escape_test extends CI_TestCase { $res = $this->db->query($sql)->result_array(); // Check the result - $this->assertEquals(1, count($res)); + $this->assertEquals(1, count($res->result_array())); } // ------------------------------------------------------------------------ @@ -49,6 +49,7 @@ class Escape_test extends CI_TestCase { $res = $this->db->query($sql)->result_array(); // Check the result - $this->assertEquals(2, count($res)); + $this->assertEquals(2, count($res->result_array())); } + }
\ No newline at end of file diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index f21f1266d..4b8a0f2d3 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -75,6 +75,7 @@ Release Date: Not Released - Added db_set_charset() support. - Added _optimize_table() support for the :doc:`Database Utility Class <database/utilities>` (rebuilds table indexes). - Added boolean data type support in escape(). + - Added update_batch() support. - Added a constructor to the DB_result class and moved all driver-specific properties and logic out of the base DB_driver class to allow better abstraction. - Removed limit() and order_by() support for UPDATE and DELETE queries in PostgreSQL driver. Postgres does not support those features. - Removed protect_identifiers() and renamed internal method _protect_identifiers() to it instead - it was just an alias. @@ -194,7 +195,7 @@ Bug fixes for 3.0 - Fixed a bug in the :doc:`Session Library <libraries/sessions>` where a PHP E_NOTICE error was triggered by _unserialize() due to results from databases such as MSSQL and Oracle being space-padded on the right. - Fixed a bug (#501) - set_rules() to check if the request method is not 'POST' before aborting, instead of depending on count($_POST) in the :doc:`Form Validation Library <libraries/form_validation>`. - Fixed a bug (#940) - csrf_verify() used to set the CSRF cookie while processing a POST request with no actual POST data, which resulted in validating a request that should be considered invalid. -- Fixed a bug in PostgreSQL's escape_str() where it didn't properly escape LIKE wild characters. +- Fixed a bug (#136) - PostgreSQL, MySQL and MySQLi's escape_str() method didn't properly escape LIKE wild characters. - Fixed a bug in the library loader where some PHP versions wouldn't execute the class constructor. - Fixed a bug (#88) - An unexisting property was used for configuration of the Memcache cache driver. - Fixed a bug (#14) - create_database() method in the :doc:`Database Forge Library <database/forge>` didn't utilize the configured database character set. @@ -218,6 +219,7 @@ Bug fixes for 3.0 - Fixed a bug (#44, #110) - :doc:`Upload library <libraries/file_uploading>`'s clean_file_name() method didn't clear '!' and '#' characters. - Fixed a bug (#121) - ``CI_DB_result::row()`` returned an array when there's no actual result to be returned. - Fixed a bug (#319) - SQLSRV's affected_rows() method failed due to a scrollable cursor being created for write-type queries. +- Fixed a bug (#356) - PostgreSQL driver didn't have an _update_batch() method, which resulted in fatal error being triggered when update_batch() is used with it. Version 2.1.1 ============= |