diff options
author | Taufan Aditya <toopay@taufanaditya.com> | 2012-04-06 21:08:05 +0200 |
---|---|---|
committer | Taufan Aditya <toopay@taufanaditya.com> | 2012-04-06 21:08:05 +0200 |
commit | abb6fbcafd837400d4aea3840c74495a4b1d2028 (patch) | |
tree | 5e5992075df8f0cd14869381e4ba4f821850a5fa /system/database/DB_driver.php | |
parent | 80c0e3df5998a2a4b2376a6361f4690b783446df (diff) | |
parent | ea09a8a5552f2aacdeab0c88a605fe44047ebd0a (diff) |
Merge branch 'develop' of git://github.com/EllisLab/CodeIgniter into db-tests
Diffstat (limited to 'system/database/DB_driver.php')
-rw-r--r-- | system/database/DB_driver.php | 45 |
1 files changed, 41 insertions, 4 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index dea705054..8b030af77 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -901,6 +901,43 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * Escape the SQL Identifiers + * + * This function escapes column and table names + * + * @param string + * @return string + */ + public function escape_identifiers($item) + { + if ($this->_escape_char == '') + { + return $item; + } + + foreach ($this->_reserved_identifiers as $id) + { + if (strpos($item, '.'.$id) !== FALSE) + { + $item = str_replace('.', $this->_escape_char.'.', $item); + + // remove duplicates if the user already included the escape + return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); + } + } + + if (strpos($item, '.') !== FALSE) + { + $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); + } + + // remove duplicates if the user already included the escape + return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); + } + + // -------------------------------------------------------------------- + + /** * Generate an insert string * * @param string the table upon which the query will be performed @@ -913,7 +950,7 @@ abstract class CI_DB_driver { foreach ($data as $key => $val) { - $fields[] = $this->_escape_identifiers($key); + $fields[] = $this->escape_identifiers($key); $values[] = $this->escape($val); } @@ -1254,7 +1291,7 @@ abstract class CI_DB_driver { { if ( ! in_array($val, $this->_reserved_identifiers)) { - $parts[$key] = $this->_escape_identifiers($val); + $parts[$key] = $this->escape_identifiers($val); } } @@ -1311,7 +1348,7 @@ abstract class CI_DB_driver { if ($protect_identifiers === TRUE) { - $item = $this->_escape_identifiers($item); + $item = $this->escape_identifiers($item); } return $item.$alias; @@ -1334,7 +1371,7 @@ abstract class CI_DB_driver { if ($protect_identifiers === TRUE && ! in_array($item, $this->_reserved_identifiers)) { - $item = $this->_escape_identifiers($item); + $item = $this->escape_identifiers($item); } return $item.$alias; |