summaryrefslogtreecommitdiffstats
path: root/system/database/drivers/mysqli
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2013-01-10 15:53:44 +0100
committerAndrey Andreev <narf@bofh.bg>2013-01-10 15:53:44 +0100
commit0b6a492ce1092172b9e3445e674ff9a344d33650 (patch)
tree280c17c507df5e9a82264bb437c0cd6088198ca8 /system/database/drivers/mysqli
parent7545ffd90647cd65aeaff2a21032a13140700c63 (diff)
Unify escape_str() array input and LIKE logic
Added protected method _escape_str() to deal with quote escaping.
Diffstat (limited to 'system/database/drivers/mysqli')
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php31
1 files changed, 6 insertions, 25 deletions
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index be9176e16..b64a7a2e8 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -289,35 +289,16 @@ class CI_DB_mysqli_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape String
+ * Platform-dependant string escape
*
- * @param string $str
- * @param bool $like Whether or not the string will be used in a LIKE condition
+ * @param string
* @return string
*/
- public function escape_str($str, $like = FALSE)
+ protected function _escape_str($str)
{
- if (is_array($str))
- {
- foreach ($str as $key => $val)
- {
- $str[$key] = $this->escape_str($val, $like);
- }
-
- return $str;
- }
-
- $str = is_object($this->conn_id) ? $this->conn_id->real_escape_string($str) : addslashes($str);
-
- // escape LIKE condition wildcards
- if ($like === TRUE)
- {
- return str_replace(array($this->_like_escape_chr, '%', '_'),
- array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'),
- $str);
- }
-
- return $str;
+ return is_object($this->conn_id)
+ ? $this->conn_id->real_escape_string($str)
+ : addslashes($str);
}
// --------------------------------------------------------------------