summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDerek Jones <derek.jones@ellislab.com>2009-02-20 23:36:27 +0100
committerDerek Jones <derek.jones@ellislab.com>2009-02-20 23:36:27 +0100
commit3c11b6f5dee83ebe11dfdcec3022313c45a4a4e2 (patch)
tree5e891cdc9ea20f17363ee2b23e47937dde61cf44
parentbdc7fb907f04469f526868058103e35460f4e52d (diff)
updated _list_tables() in db drivers to escape the db prefix for LIKE wildcards
-rw-r--r--system/database/drivers/mssql/mssql_driver.php2
-rw-r--r--system/database/drivers/mysql/mysql_driver.php2
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php2
-rw-r--r--system/database/drivers/oci8/oci8_driver.php2
-rw-r--r--system/database/drivers/odbc/odbc_driver.php2
-rw-r--r--system/database/drivers/postgre/postgre_driver.php2
-rw-r--r--system/database/drivers/sqlite/sqlite_driver.php2
7 files changed, 7 insertions, 7 deletions
diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php
index c89e2549e..ddc036da9 100644
--- a/system/database/drivers/mssql/mssql_driver.php
+++ b/system/database/drivers/mssql/mssql_driver.php
@@ -373,7 +373,7 @@ class CI_DB_mssql_driver extends CI_DB {
// for future compatibility
if ($prefix_limit !== FALSE AND $this->dbprefix != '')
{
- //$sql .= " LIKE '".$this->dbprefix."%'";
+ //$sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_char);
return FALSE; // not currently supported
}
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index 5b2ba62b8..2b05c3f15 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -370,7 +370,7 @@ class CI_DB_mysql_driver extends CI_DB {
if ($prefix_limit !== FALSE AND $this->dbprefix != '')
{
- $sql .= " LIKE '".$this->dbprefix."%'";
+ $sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%'";
}
return $sql;
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index 92d871111..6558112cd 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -371,7 +371,7 @@ class CI_DB_mysqli_driver extends CI_DB {
if ($prefix_limit !== FALSE AND $this->dbprefix != '')
{
- $sql .= " LIKE '".$this->dbprefix."%'";
+ $sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%'";
}
return $sql;
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index 1fdb1bc45..4dfec2e3f 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -477,7 +477,7 @@ class CI_DB_oci8_driver extends CI_DB {
if ($prefix_limit !== FALSE AND $this->dbprefix != '')
{
- $sql .= " WHERE TABLE_NAME LIKE '".$this->dbprefix."%'";
+ $sql .= " WHERE TABLE_NAME LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_char);
}
return $sql;
diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php
index a14aaa1f3..f7db4ca4b 100644
--- a/system/database/drivers/odbc/odbc_driver.php
+++ b/system/database/drivers/odbc/odbc_driver.php
@@ -346,7 +346,7 @@ class CI_DB_odbc_driver extends CI_DB {
if ($prefix_limit !== FALSE AND $this->dbprefix != '')
{
- //$sql .= " LIKE '".$this->dbprefix."%'";
+ //$sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_char);
return FALSE; // not currently supported
}
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index 8d0d8901c..4bc5b7d94 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -386,7 +386,7 @@ class CI_DB_postgre_driver extends CI_DB {
if ($prefix_limit !== FALSE AND $this->dbprefix != '')
{
- $sql .= " AND table_name LIKE '".$this->dbprefix."%'";
+ $sql .= " AND table_name LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_char);
}
return $sql;
diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php
index 104a3bc36..bb1e6d02e 100644
--- a/system/database/drivers/sqlite/sqlite_driver.php
+++ b/system/database/drivers/sqlite/sqlite_driver.php
@@ -358,7 +358,7 @@ class CI_DB_sqlite_driver extends CI_DB {
if ($prefix_limit !== FALSE AND $this->dbprefix != '')
{
- $sql .= " AND 'name' LIKE '".$this->dbprefix."%'";
+ $sql .= " AND 'name' LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_char);
}
return $sql;
}