summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDerek Jones <derek.jones@ellislab.com>2011-05-20 17:25:13 +0200
committerDerek Jones <derek.jones@ellislab.com>2011-05-20 17:25:13 +0200
commit3b9f88df882ee1af6fbc8ca4f299b1b229307895 (patch)
tree1b2ca3e19855d024d952aab64c31652ae1c69e0e
parent63df37de043a3581a328e63207ea1c809c0e74c2 (diff)
modified the 'use_set_names' variable in the MySQL/i drivers to be a class property instead of static, in case multiple database servers are connected to in a single request. Also clarified description of the 'dbcollat' setting in the configuration files
-rw-r--r--application/config/database.php3
-rw-r--r--system/database/drivers/mysql/mysql_driver.php11
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php11
-rw-r--r--user_guide/database/configuration.html2
4 files changed, 15 insertions, 12 deletions
diff --git a/application/config/database.php b/application/config/database.php
index e77bf97df..4bb7a5707 100644
--- a/application/config/database.php
+++ b/application/config/database.php
@@ -27,7 +27,8 @@
| ['char_set'] The character set used in communicating with the database
| ['dbcollat'] The character collation used in communicating with the database
| NOTE: For MySQL and MySQLi databases, this setting is only used
-| as a backup if your server is running PHP < 5.2.3 or MySQL < 5.0.7.
+| as a backup if your server is running PHP < 5.2.3 or MySQL < 5.0.7
+| (and in table creation queries made with DB Forge).
| There is an incompatibility in PHP with mysql_real_escape_string() which
| can make your site vulnerable to SQL injection if you are using a
| multi-byte character set and are running versions lower than these.
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index dec15863f..73a8b68da 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -54,6 +54,9 @@ class CI_DB_mysql_driver extends CI_DB {
var $_count_string = 'SELECT COUNT(*) AS ';
var $_random_keyword = ' RAND()'; // database specific random keyword
+ // whether SET NAMES must be used to set the character set
+ var $use_set_names;
+
/**
* Non-persistent database connection
*
@@ -132,15 +135,13 @@ class CI_DB_mysql_driver extends CI_DB {
*/
function db_set_charset($charset, $collation)
{
- static $use_set_names;
-
- if ( ! isset($use_set_names))
+ if ( ! isset($this->use_set_names))
{
// mysql_set_charset() requires PHP >= 5.2.3 and MySQL >= 5.0.7, use SET NAMES as fallback
- $use_set_names = (version_compare(PHP_VERSION, '5.2.3', '>=') && version_compare(mysql_get_server_info(), '5.0.7', '>=')) ? FALSE : TRUE;
+ $this->use_set_names = (version_compare(PHP_VERSION, '5.2.3', '>=') && version_compare(mysql_get_server_info(), '5.0.7', '>=')) ? FALSE : TRUE;
}
- if ($use_set_names)
+ if ($this->use_set_names === TRUE)
{
return @mysql_query("SET NAMES '".$this->escape_str($charset)."' COLLATE '".$this->escape_str($collation)."'", $this->conn_id);
}
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index 74f55c421..457582498 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -54,6 +54,9 @@ class CI_DB_mysqli_driver extends CI_DB {
*/
var $delete_hack = TRUE;
+ // whether SET NAMES must be used to set the character set
+ var $use_set_names;
+
// --------------------------------------------------------------------
/**
@@ -132,15 +135,13 @@ class CI_DB_mysqli_driver extends CI_DB {
*/
function _db_set_charset($charset, $collation)
{
- static $use_set_names;
-
- if ( ! isset($use_set_names))
+ if ( ! isset($this->use_set_names))
{
// mysqli_set_charset() requires MySQL >= 5.0.7, use SET NAMES as fallback
- $use_set_names = (version_compare(mysqli_get_server_info($this->conn_id), '5.0.7', '>=')) ? FALSE : TRUE;
+ $this->use_set_names = (version_compare(mysqli_get_server_info($this->conn_id), '5.0.7', '>=')) ? FALSE : TRUE;
}
- if ($use_set_names)
+ if ($this->use_set_names === TRUE)
{
return @mysqli_query($this->conn_id, "SET NAMES '".$this->escape_str($charset)."' COLLATE '".$this->escape_str($collation)."'");
}
diff --git a/user_guide/database/configuration.html b/user_guide/database/configuration.html
index b34705410..439717748 100644
--- a/user_guide/database/configuration.html
+++ b/user_guide/database/configuration.html
@@ -132,7 +132,7 @@ for the primary connection, but it too can be renamed to something more relevant
<li><strong>cache_on</strong> - TRUE/FALSE (boolean) - Whether database query caching is enabled, see also <a href="caching.html">Database Caching Class</a>.</li>
<li><strong>cachedir</strong> - The absolute server path to your database query cache directory.</li>
<li><strong>char_set</strong> - The character set used in communicating with the database.</li>
-<li><strong>dbcollat</strong> - The character collation used in communicating with the database. <p class="important"><strong>Note:</strong> For MySQL and MySQLi databases, this setting is only used as a backup if your server is running PHP &lt; 5.2.3 or MySQL &lt; 5.0.7. There is an incompatibility in PHP with mysql_real_escape_string() which can make your site vulnerable to SQL injection if you are using a multi-byte character set and are running versions lower than these. Sites using Latin-1 or UTF-8 database character set and collation are unaffected.</p></li>
+<li><strong>dbcollat</strong> - The character collation used in communicating with the database. <p class="important"><strong>Note:</strong> For MySQL and MySQLi databases, this setting is only used as a backup if your server is running PHP &lt; 5.2.3 or MySQL &lt; 5.0.7 (and in table creation queries made with DB Forge). There is an incompatibility in PHP with mysql_real_escape_string() which can make your site vulnerable to SQL injection if you are using a multi-byte character set and are running versions lower than these. Sites using Latin-1 or UTF-8 database character set and collation are unaffected.</p></li>
<li><strong>swap_pre</strong> - A default table prefix that should be swapped with <var>dbprefix</var>. This is useful for distributed applications where you might run manually written queries, and need the prefix to still be customizable by the end user.</li>
<li><strong>autoinit</strong> - Whether or not to automatically connect to the database when the library loads. If set to false, the connection will take place prior to executing the first query.</li>
<li><strong>stricton</strong> - TRUE/FALSE (boolean) - Whether to force "Strict Mode" connections, good for ensuring strict SQL while developing an application.</li>