summaryrefslogtreecommitdiffstats
path: root/system/database/DB_query_builder.php
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-06-16 02:47:33 +0200
committerAndrey Andreev <narf@bofh.bg>2012-06-16 02:47:33 +0200
commitfe642dadd6ba62d597ccf1c7cb91e28059caeebf (patch)
tree1e641a75d4484e8469574a92f612d16c7525be9d /system/database/DB_query_builder.php
parent498c1e027e67dfd8108e0e255ff18fb914742b63 (diff)
All Query Builder methods to respect _protect_identifiers by default
Diffstat (limited to 'system/database/DB_query_builder.php')
-rw-r--r--system/database/DB_query_builder.php42
1 files changed, 24 insertions, 18 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 85dd77da9..1ac9af901 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -327,7 +327,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param string wether not to try to escape identifiers
* @return object
*/
- public function join($table, $cond, $type = '', $escape = TRUE)
+ public function join($table, $cond, $type = '', $escape = NULL)
{
if ($type !== '')
{
@@ -347,6 +347,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// in the protect_identifiers to know whether to add a table prefix
$this->_track_aliases($table);
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
// Split multiple conditions
if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_SET_ORDER | PREG_OFFSET_CAPTURE))
{
@@ -888,7 +890,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function having($key, $value = '', $escape = TRUE)
+ public function having($key, $value = '', $escape = NULL)
{
return $this->_having($key, $value, 'AND ', $escape);
}
@@ -905,7 +907,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function or_having($key, $value = '', $escape = TRUE)
+ public function or_having($key, $value = '', $escape = NULL)
{
return $this->_having($key, $value, 'OR ', $escape);
}
@@ -923,13 +925,15 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- protected function _having($key, $value = '', $type = 'AND ', $escape = TRUE)
+ protected function _having($key, $value = '', $type = 'AND ', $escape = NULL)
{
if ( ! is_array($key))
{
$key = array($key => $value);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
foreach ($key as $k => $v)
{
$prefix = (count($this->qb_having) === 0) ? '' : $type;
@@ -1057,14 +1061,16 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// --------------------------------------------------------------------
/**
- * The "set" function. Allows key/value pairs to be set for inserting or updating
+ * The "set" function.
+ *
+ * Allows key/value pairs to be set for inserting or updating
*
* @param mixed
* @param string
* @param bool
* @return object
*/
- public function set($key, $value = '', $escape = TRUE)
+ public function set($key, $value = '', $escape = NULL)
{
$key = $this->_object_to_array($key);
@@ -1073,16 +1079,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$key = array($key => $value);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
foreach ($key as $k => $v)
{
- if ($escape === FALSE)
- {
- $this->qb_set[$this->protect_identifiers($k)] = $v;
- }
- else
- {
- $this->qb_set[$this->protect_identifiers($k, FALSE, TRUE)] = $this->escape($v);
- }
+ $this->qb_set[$this->protect_identifiers($k, FALSE, $escape)] = ($escape)
+ ? $this->escape($v) : $v;
}
return $this;
@@ -1288,7 +1290,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function set_insert_batch($key, $value = '', $escape = TRUE)
+ public function set_insert_batch($key, $value = '', $escape = NULL)
{
$key = $this->_object_to_array_batch($key);
@@ -1297,6 +1299,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$key = array($key => $value);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
$keys = array_keys($this->_object_to_array(current($key)));
sort($keys);
@@ -1328,7 +1332,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
foreach ($keys as $k)
{
- $this->qb_keys[] = $this->protect_identifiers($k);
+ $this->qb_keys[] = $this->protect_identifiers($k, FALSE, $escape);
}
return $this;
@@ -1727,7 +1731,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function set_update_batch($key, $index = '', $escape = TRUE)
+ public function set_update_batch($key, $index = '', $escape = NULL)
{
$key = $this->_object_to_array_batch($key);
@@ -1736,6 +1740,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// @todo error
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
foreach ($key as $k => $v)
{
$index_set = FALSE;
@@ -1747,7 +1753,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$index_set = TRUE;
}
- $clean[$this->protect_identifiers($k2)] = ($escape === FALSE) ? $v2 : $this->escape($v2);
+ $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2);
}
if ($index_set === FALSE)