diff options
author | Andrey Andreev <narf@devilix.net> | 2017-06-22 14:39:05 +0200 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2017-06-22 14:39:05 +0200 |
commit | 9414d492612e08f7fa8ae46131d882547afb49ff (patch) | |
tree | 6b212d3eab35d34e78ec219e51fcd8516d5eaf51 /system/database/DB_driver.php | |
parent | 0c06ba0c587b5ef97718bc3b19c6dba163b7acb0 (diff) |
Close #4134: Allow dots in alias names detected by QB
Diffstat (limited to 'system/database/DB_driver.php')
-rw-r--r-- | system/database/DB_driver.php | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index de599a675..1dc23d72e 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1320,10 +1320,11 @@ abstract class CI_DB_driver { * * This function escapes column and table names * - * @param mixed + * @param mixed $item Identifier to escape + * @param bool $split Whether to split identifiers when a dot is encountered * @return mixed */ - public function escape_identifiers($item) + public function escape_identifiers($item, $split = TRUE) { if ($this->_escape_char === '' OR empty($item) OR in_array($item, $this->_reserved_identifiers)) { @@ -1344,22 +1345,22 @@ abstract class CI_DB_driver { return $item; } - static $preg_ec = array(); + static $preg_ec; if (empty($preg_ec)) { if (is_array($this->_escape_char)) { $preg_ec = array( - preg_quote($this->_escape_char[0], '/'), - preg_quote($this->_escape_char[1], '/'), + preg_quote($this->_escape_char[0]), + preg_quote($this->_escape_char[1]), $this->_escape_char[0], $this->_escape_char[1] ); } else { - $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char, '/'); + $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char); $preg_ec[2] = $preg_ec[3] = $this->_escape_char; } } @@ -1368,11 +1369,13 @@ abstract class CI_DB_driver { { if (strpos($item, '.'.$id) !== FALSE) { - return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[2].'$1'.$preg_ec[3].'.', $item); + return preg_replace('#'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\.#i', $preg_ec[2].'$1'.$preg_ec[3].'.', $item); } } - return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?(\.)?/i', $preg_ec[2].'$1'.$preg_ec[3].'$2', $item); + $dot = ($split !== FALSE) ? '\.' : ''; + + return preg_replace('#'.$preg_ec[0].'?([^'.$preg_ec[1].$dot.']+)'.$preg_ec[1].'?(\.)?#i', $preg_ec[2].'$1'.$preg_ec[3].'$2', $item); } // -------------------------------------------------------------------- @@ -1786,14 +1789,14 @@ abstract class CI_DB_driver { if ($offset = strripos($item, ' AS ')) { $alias = ($protect_identifiers) - ? substr($item, $offset, 4).$this->escape_identifiers(substr($item, $offset + 4)) + ? substr($item, $offset, 4).$this->escape_identifiers(substr($item, $offset + 4), FALSE) : substr($item, $offset); $item = substr($item, 0, $offset); } elseif ($offset = strrpos($item, ' ')) { $alias = ($protect_identifiers) - ? ' '.$this->escape_identifiers(substr($item, $offset + 1)) + ? ' '.$this->escape_identifiers(substr($item, $offset + 1), FALSE) : substr($item, $offset); $item = substr($item, 0, $offset); } |