summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-06-16 02:34:10 +0200
committerAndrey Andreev <narf@bofh.bg>2012-06-16 02:34:10 +0200
commit498c1e027e67dfd8108e0e255ff18fb914742b63 (patch)
treeb0f33cb1f614cf26960947fa9e0db1039a027eb1
parentd24160cc4348c32c0c1ec7350e2e2dada2c9291a (diff)
Added an escape parameter to where_in(), or_where_in(), where_not_in(), or_where_not_in() and made where(), or_where() to default the escape setting to the value of _protect_identifiers
-rw-r--r--system/database/DB_query_builder.php26
-rw-r--r--system/database/drivers/postgre/postgre_driver.php5
-rw-r--r--user_guide_src/source/changelog.rst3
3 files changed, 16 insertions, 18 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 5eb6bbb4e..85dd77da9 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -405,7 +405,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function where($key, $value = NULL, $escape = TRUE)
+ public function where($key, $value = NULL, $escape = NULL)
{
return $this->_where($key, $value, 'AND ', $escape);
}
@@ -423,7 +423,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function or_where($key, $value = NULL, $escape = TRUE)
+ public function or_where($key, $value = NULL, $escape = NULL)
{
return $this->_where($key, $value, 'OR ', $escape);
}
@@ -504,9 +504,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function where_in($key = NULL, $values = NULL)
+ public function where_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values);
+ return $this->_where_in($key, $values, FALSE, 'AND ', $escape);
}
// --------------------------------------------------------------------
@@ -521,9 +521,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function or_where_in($key = NULL, $values = NULL)
+ public function or_where_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values, FALSE, 'OR ');
+ return $this->_where_in($key, $values, FALSE, 'OR ', $escape);
}
// --------------------------------------------------------------------
@@ -538,9 +538,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function where_not_in($key = NULL, $values = NULL)
+ public function where_not_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values, TRUE);
+ return $this->_where_in($key, $values, TRUE, 'AND ', $escape);
}
// --------------------------------------------------------------------
@@ -555,9 +555,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function or_where_not_in($key = NULL, $values = NULL)
+ public function or_where_not_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values, TRUE, 'OR ');
+ return $this->_where_in($key, $values, TRUE, 'OR ', $escape);
}
// --------------------------------------------------------------------
@@ -573,7 +573,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param string
* @return object
*/
- protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ')
+ protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ', $escape = NULL)
{
if ($key === NULL OR $values === NULL)
{
@@ -587,6 +587,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$values = array($values);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
$not = ($not) ? ' NOT' : '';
foreach ($values as $value)
@@ -595,7 +597,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
}
$prefix = (count($this->qb_where) === 0) ? '' : $type;
- $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key).$not.' IN ('.implode(', ', $this->qb_wherein).') ';
+ $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key, FALSE, $escape).$not.' IN ('.implode(', ', $this->qb_wherein).') ';
if ($this->qb_caching === TRUE)
{
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index ad9ac9000..3d25b25ee 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -606,10 +606,7 @@ class CI_DB_postgre_driver extends CI_DB {
}
// If the escape value was not set will will base it on the global setting
- if ( ! is_bool($escape))
- {
- $escape = $this->_protect_identifiers;
- }
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
foreach ($key as $k => $v)
{
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 8e0ac10f0..b3c2e7086 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -74,8 +74,7 @@ Release Date: Not Released
- Renamed the Active Record class to Query Builder to remove confusion with the Active Record design pattern.
- Added the ability to insert objects with insert_batch().
- Added new methods that return the SQL string of queries without executing them: get_compiled_select(), get_compiled_insert(), get_compiled_update(), get_compiled_delete().
- - Added an optional order_by() parameter that allows to disable escaping (useful for custom fields).
- - Added an optional join() parameter that allows to disable escaping.
+ - Added an optional parameter that allows to disable escaping (useful for custom fields) for methods join(), order_by(), where_in(), or_where_in(), where_not_in(), or_where_not_in().
- Added support for join() with multiple conditions.
- Improved support for the MySQLi driver, including:
- OOP style of the PHP extension is now used, instead of the procedural aliases.