Added MSSQL/SQLSRV field escaping support with QUOTE_IDENTIFIER detection (issue #706)

1 files changed, 15 insertions, 10 deletions

diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 39c19cdf7..f559863a5 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -944,24 +944,29 @@ abstract class CI_DB_driver {
 			return $item;
 		}
 
-		foreach ($this->_reserved_identifiers as $id)
+		static $preg_ec = array();
+
+		if (empty($preg_ec))
 		{
-			if (strpos($item, '.'.$id) !== FALSE)
+			if (is_array($this->_escape_char))
 			{
-				$item = str_replace('.', $this->_escape_char.'.', $item);
-
-				// remove duplicates if the user already included the escape
-				return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item);
+				$preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1]));
+			}
+			else
+			{
+				$preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char);
 			}
 		}
 
-		if (strpos($item, '.') !== FALSE)
+		foreach ($this->_reserved_identifiers as $id)
 		{
-			$item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item);
+			if (strpos($item, '.'.$id) !== FALSE)
+			{
+				return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[0].'$1'.$preg_ec[1], $item);
+			}
 		}
 
-		// remove duplicates if the user already included the escape
-		return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char);
+		return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?(\.)?/i', $preg_ec[0].'$1'.$preg_ec[1].'$2', $item);
 	}
 
 	// --------------------------------------------------------------------