summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-06-10 06:05:05 +0200
committerAndrey Andreev <narf@bofh.bg>2012-06-10 06:05:05 +0200
commitbf94058d537efc78ed2df7009db8b3261ff44619 (patch)
treea98926fa75298cd35ea5f1f9c4fe444125ea746a
parent5a257187c4ca09ea61c19999bf061cec3f224cc2 (diff)
Fix issue #1452
-rw-r--r--system/database/DB_driver.php51
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_driver.php2
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_forge.php2
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_result.php2
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_utility.php2
-rw-r--r--user_guide_src/source/changelog.rst2
6 files changed, 44 insertions, 17 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index f5a7e2ac0..e34021e50 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -1300,38 +1300,63 @@ abstract class CI_DB_driver {
$escaped_array = array();
foreach ($item as $k => $v)
{
- $escaped_array[$this->protect_identifiers($k)] = $this->protect_identifiers($v);
+ $escaped_array[$this->protect_identifiers($k)] = $this->protect_identifiers($v, $prefix_single, $protect_identifiers, $field_exists);
}
return $escaped_array;
}
+ // This is basically a bug fix for queries that use MAX, MIN, etc.
+ // If a parenthesis is found we know that we do not need to
+ // escape the data or add a prefix. There's probably a more graceful
+ // way to deal with this, but I'm not thinking of it -- Rick
+ if (strpos($item, '(') !== FALSE)
+ {
+ return $item.$alias;
+ }
+
// Convert tabs or multiple spaces into single spaces
$item = preg_replace('/\s+/', ' ', $item);
+ static $preg_ec = array();
+
+ if (empty($preg_ec))
+ {
+ if (is_array($this->_escape_char))
+ {
+ $preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1]));
+ }
+ else
+ {
+ $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char);
+ }
+ }
+
// If the item has an alias declaration we remove it and set it aside.
// Basically we remove everything to the right of the first space
- if (preg_match('/^([^\s]+) (AS )*(.+)$/i', $item, $matches))
+ preg_match('/^(('.$preg_ec[0].'[^'.$preg_ec[1].']+'.$preg_ec[1].')|([^'.$preg_ec[0].'][^\s]+))( AS)*(.+)*$/i', 'Test table]', $matches);
+
+ if (isset($matches[4]))
{
$item = $matches[1];
- // Escape the alias
- $alias = ' '.$matches[2].$this->escape_identifiers($matches[3]);
+ // Escape the alias, if needed
+ if ($protect_identifiers === TRUE)
+ {
+ $alias = empty($matches[5])
+ ? ' '.$this->escape_identifiers(ltrim($matches[4]))
+ : $matches[4].' '.$this->escape_identifiers(ltrim($matches[5]));
+ }
+ else
+ {
+ $alias = $matches[4].$matches[5];
+ }
}
else
{
$alias = '';
}
- // This is basically a bug fix for queries that use MAX, MIN, etc.
- // If a parenthesis is found we know that we do not need to
- // escape the data or add a prefix. There's probably a more graceful
- // way to deal with this, but I'm not thinking of it -- Rick
- if (strpos($item, '(') !== FALSE)
- {
- return $item.$alias;
- }
-
// Break the string apart if it contains periods, then insert the table prefix
// in the correct location, assuming the period doesn't indicate that we're dealing
// with an alias. While we're at it, we will escape the components
diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php
index 655a9e90b..eebd6bff8 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_driver.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php
@@ -21,7 +21,7 @@
* @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
* @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
* @link http://codeigniter.com
- * @since Version 1.0
+ * @since Version 2.0.3
* @filesource
*/
diff --git a/system/database/drivers/sqlsrv/sqlsrv_forge.php b/system/database/drivers/sqlsrv/sqlsrv_forge.php
index e6f7e1ac1..ccdb36929 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_forge.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_forge.php
@@ -21,7 +21,7 @@
* @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
* @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
* @link http://codeigniter.com
- * @since Version 1.0
+ * @since Version 2.0.3
* @filesource
*/
diff --git a/system/database/drivers/sqlsrv/sqlsrv_result.php b/system/database/drivers/sqlsrv/sqlsrv_result.php
index f802383d2..f9d5a0d29 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_result.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_result.php
@@ -21,7 +21,7 @@
* @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
* @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
* @link http://codeigniter.com
- * @since Version 1.0
+ * @since Version 2.0.3
* @filesource
*/
diff --git a/system/database/drivers/sqlsrv/sqlsrv_utility.php b/system/database/drivers/sqlsrv/sqlsrv_utility.php
index 5a71b1628..d518cc15a 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_utility.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_utility.php
@@ -21,7 +21,7 @@
* @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
* @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
* @link http://codeigniter.com
- * @since Version 1.0
+ * @since Version 2.0.3
* @filesource
*/
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 70d622b4b..5b2f59e7e 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -244,6 +244,8 @@ Bug fixes for 3.0
- Fixed a bug (#666) - :doc:`Output library <libraries/output>`'s set_content_type() method didn't set the document charset.
- Fixed a bug (#784, #861) - :doc:`Database Forge <database/forge>` method ``create_table()`` used to accept constraints for MSSQL/SQLSRV integer-type columns.
- Fixed a bug (#706) - SQLSRV/MSSSQL didn't escape field names.
+- Fixed a bug (#1452) - protect_identifiers() didn't properly detect identifiers with spaces in their names.
+- Fixed a bug where protect_identifiers() ignored it's extra arguments when the value passed to it is an array.
Version 2.1.1
=============