summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2016-10-31 08:35:29 +0100
committerAndrey Andreev <narf@devilix.net>2016-10-31 08:36:18 +0100
commit31d28fda8bd01ff0c7a2f196bf072bf9d84a83fe (patch)
tree8038ad1464fc3a8e335329d36065be95127a0fd5
parent499c6080cd41927df088206155e4055d4da3e58e (diff)
Merge pull request #4886 from tianhe1986/develop_dbdriver_quote
Detect double-quoted strings in DB::compile_binds()
-rw-r--r--system/database/DB_driver.php2
-rw-r--r--system/database/drivers/odbc/odbc_driver.php2
2 files changed, 2 insertions, 2 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 7ae52a307..fcc15eee5 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -1000,7 +1000,7 @@ abstract class CI_DB_driver {
$ml = strlen($this->bind_marker);
// Make sure not to replace a chunk inside a string that happens to match the bind marker
- if ($c = preg_match_all("/'[^']*'/i", $sql, $matches))
+ if ($c = preg_match_all("/(['\"])[^\\1]*\\1/i", $sql, $matches))
{
$c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i',
str_replace($matches[0],
diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php
index dbce1cf79..b5512fd76 100644
--- a/system/database/drivers/odbc/odbc_driver.php
+++ b/system/database/drivers/odbc/odbc_driver.php
@@ -172,7 +172,7 @@ class CI_DB_odbc_driver extends CI_DB_driver {
$ml = strlen($this->bind_marker);
// Make sure not to replace a chunk inside a string that happens to match the bind marker
- if ($c = preg_match_all("/'[^']*'/i", $sql, $matches))
+ if ($c = preg_match_all("/(['\"])[^\\1]*\\1/i", $sql, $matches))
{
$c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i',
str_replace($matches[0],