diff options
author | Derek Jones <derek.jones@ellislab.com> | 2009-02-20 23:36:27 +0100 |
---|---|---|
committer | Derek Jones <derek.jones@ellislab.com> | 2009-02-20 23:36:27 +0100 |
commit | 3c11b6f5dee83ebe11dfdcec3022313c45a4a4e2 (patch) | |
tree | 5e891cdc9ea20f17363ee2b23e47937dde61cf44 | |
parent | bdc7fb907f04469f526868058103e35460f4e52d (diff) |
updated _list_tables() in db drivers to escape the db prefix for LIKE wildcards
-rw-r--r-- | system/database/drivers/mssql/mssql_driver.php | 2 | ||||
-rw-r--r-- | system/database/drivers/mysql/mysql_driver.php | 2 | ||||
-rw-r--r-- | system/database/drivers/mysqli/mysqli_driver.php | 2 | ||||
-rw-r--r-- | system/database/drivers/oci8/oci8_driver.php | 2 | ||||
-rw-r--r-- | system/database/drivers/odbc/odbc_driver.php | 2 | ||||
-rw-r--r-- | system/database/drivers/postgre/postgre_driver.php | 2 | ||||
-rw-r--r-- | system/database/drivers/sqlite/sqlite_driver.php | 2 |
7 files changed, 7 insertions, 7 deletions
diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index c89e2549e..ddc036da9 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -373,7 +373,7 @@ class CI_DB_mssql_driver extends CI_DB { // for future compatibility if ($prefix_limit !== FALSE AND $this->dbprefix != '') { - //$sql .= " LIKE '".$this->dbprefix."%'"; + //$sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_char); return FALSE; // not currently supported } diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 5b2ba62b8..2b05c3f15 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -370,7 +370,7 @@ class CI_DB_mysql_driver extends CI_DB { if ($prefix_limit !== FALSE AND $this->dbprefix != '') { - $sql .= " LIKE '".$this->dbprefix."%'"; + $sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%'"; } return $sql; diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 92d871111..6558112cd 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -371,7 +371,7 @@ class CI_DB_mysqli_driver extends CI_DB { if ($prefix_limit !== FALSE AND $this->dbprefix != '') { - $sql .= " LIKE '".$this->dbprefix."%'"; + $sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%'"; } return $sql; diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index 1fdb1bc45..4dfec2e3f 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -477,7 +477,7 @@ class CI_DB_oci8_driver extends CI_DB { if ($prefix_limit !== FALSE AND $this->dbprefix != '') { - $sql .= " WHERE TABLE_NAME LIKE '".$this->dbprefix."%'"; + $sql .= " WHERE TABLE_NAME LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_char); } return $sql; diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index a14aaa1f3..f7db4ca4b 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -346,7 +346,7 @@ class CI_DB_odbc_driver extends CI_DB { if ($prefix_limit !== FALSE AND $this->dbprefix != '') { - //$sql .= " LIKE '".$this->dbprefix."%'"; + //$sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_char); return FALSE; // not currently supported } diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 8d0d8901c..4bc5b7d94 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -386,7 +386,7 @@ class CI_DB_postgre_driver extends CI_DB { if ($prefix_limit !== FALSE AND $this->dbprefix != '') { - $sql .= " AND table_name LIKE '".$this->dbprefix."%'"; + $sql .= " AND table_name LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_char); } return $sql; diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php index 104a3bc36..bb1e6d02e 100644 --- a/system/database/drivers/sqlite/sqlite_driver.php +++ b/system/database/drivers/sqlite/sqlite_driver.php @@ -358,7 +358,7 @@ class CI_DB_sqlite_driver extends CI_DB { if ($prefix_limit !== FALSE AND $this->dbprefix != '') { - $sql .= " AND 'name' LIKE '".$this->dbprefix."%'"; + $sql .= " AND 'name' LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_char); } return $sql; } |