summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-03-01 13:39:26 +0100
committerAndrey Andreev <narf@bofh.bg>2012-03-01 13:39:26 +0100
commitc2905f5884a7d9cd9ae1f70cdc615a5d214652dd (patch)
treeccf62e6c7ded7c1b3c90ee405cac9f701618adea
parent59c5b537cb5880930f9a8d518659c75cd66f41b0 (diff)
Fix an Oracle escape_str() bug (#68, #414)
-rw-r--r--system/database/drivers/oci8/oci8_driver.php14
-rw-r--r--user_guide_src/source/changelog.rst1
2 files changed, 7 insertions, 8 deletions
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index c6621901b..057095c23 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -398,10 +398,9 @@ class CI_DB_oci8_driver extends CI_DB {
/**
* Escape String
*
- * @access public
- * @param string
+ * @param string
* @param bool whether or not the string will be used in a LIKE condition
- * @return string
+ * @return string
*/
public function escape_str($str, $like = FALSE)
{
@@ -415,15 +414,14 @@ class CI_DB_oci8_driver extends CI_DB {
return $str;
}
- $str = remove_invisible_characters($str);
- $str = str_replace("'", "''", $str);
+ $str = str_replace("'", "''", remove_invisible_characters($str));
// escape LIKE condition wildcards
if ($like === TRUE)
{
- $str = str_replace( array('%', '_', $this->_like_escape_chr),
- array($this->_like_escape_chr.'%', $this->_like_escape_chr.'_', $this->_like_escape_chr.$this->_like_escape_chr),
- $str);
+ return str_replace(array($this->_like_escape_chr, '%', '_'),
+ array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'),
+ $str);
}
return $str;
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index d6a9f0d2a..e8bbf7d14 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -112,6 +112,7 @@ Bug fixes for 3.0
- Fixed a bug (#1039) - MySQL's _backup() method failed due to a table name not being escaped.
- Fixed a bug (#1070) - CI_DB_driver::initialize() didn't set a character set if a database is not selected.
- Fixed a bug (#177) - CI_Form_validation::set_value() didn't set the default value if POST data is NULL.
+- Fixed a bug (#68, #414) - Oracle's escape_str() didn't properly escape LIKE wild characters.
Version 2.1.1