summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPhil Sturgeon <email@philsturgeon.co.uk>2011-02-08 20:43:36 +0100
committerPhil Sturgeon <email@philsturgeon.co.uk>2011-02-08 20:43:36 +0100
commite3a6e9b085f95fe97deb21e103dc0fd381b8122f (patch)
treef19acc148c779d91c35f2e1c6df7990433e6e82d
parent9758d84b69185f80fd8197f28046af7ef3b2a2d3 (diff)
MySQL Driver will now wrap field names for insert(), update() and replace() with backticks (`) so fields like "default" and "order" will not cause SQL errors.
-rw-r--r--system/database/drivers/mysql/mysql_driver.php16
-rw-r--r--user_guide/changelog.html1
2 files changed, 9 insertions, 8 deletions
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index df18c912e..c9fc1ecab 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -287,12 +287,12 @@ class CI_DB_mysql_driver extends CI_DB {
if (is_array($str))
{
foreach($str as $key => $val)
- {
+ {
$str[$key] = $this->escape_str($val, $like);
- }
+ }
- return $str;
- }
+ return $str;
+ }
if (function_exists('mysql_real_escape_string') AND is_resource($this->conn_id))
{
@@ -532,7 +532,7 @@ class CI_DB_mysql_driver extends CI_DB {
*/
function _insert($table, $keys, $values)
{
- return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")";
+ return "INSERT INTO ".$table." (`".implode('`, `', $keys)."`) VALUES (".implode(', ', $values).")";
}
// --------------------------------------------------------------------
@@ -551,7 +551,7 @@ class CI_DB_mysql_driver extends CI_DB {
*/
function _replace($table, $keys, $values)
{
- return "REPLACE INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")";
+ return "REPLACE INTO ".$table." (`".implode('`, `', $keys)."`) VALUES (".implode(', ', $values).")";
}
// --------------------------------------------------------------------
@@ -569,7 +569,7 @@ class CI_DB_mysql_driver extends CI_DB {
*/
function _insert_batch($table, $keys, $values)
{
- return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES ".implode(', ', $values);
+ return "INSERT INTO ".$table." (`".implode('`, `', $keys)."`) VALUES ".implode(', ', $values);
}
// --------------------------------------------------------------------
@@ -592,7 +592,7 @@ class CI_DB_mysql_driver extends CI_DB {
{
foreach($values as $key => $val)
{
- $valstr[] = $key." = ".$val;
+ $valstr[] = sprintf('`%s` = %s', $key, $val);
}
$limit = ( ! $limit) ? '' : ' LIMIT '.$limit;
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index cd728226b..1201df8b2 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -74,6 +74,7 @@ Hg Tag: n/a</p>
<h3>Bug fixes for 2.0.1</h3>
<ul>
<li class="reactor">CLI requests can now be run from any folder, not just when CD'ed next to index.php.</li>
+ <li class="reactor">MySQL Driver will now wrap field names for <kbd>insert()</kbd>, <kbd>update()</kbd> and <kbd>replace()</kbd> with backticks (`) so fields like "default" and "order" will not cause SQL errors.</li>
</ul>
<h2>Version 2.0.0</h2>