diff options
author | Andrey Andreev <narf@bofh.bg> | 2013-01-10 15:53:44 +0100 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2013-01-10 15:53:44 +0100 |
commit | 0b6a492ce1092172b9e3445e674ff9a344d33650 (patch) | |
tree | 280c17c507df5e9a82264bb437c0cd6088198ca8 /system/database/drivers/pdo | |
parent | 7545ffd90647cd65aeaff2a21032a13140700c63 (diff) |
Unify escape_str() array input and LIKE logic
Added protected method _escape_str() to deal with quote escaping.
Diffstat (limited to 'system/database/drivers/pdo')
-rw-r--r-- | system/database/drivers/pdo/pdo_driver.php | 34 |
1 files changed, 6 insertions, 28 deletions
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index 37090cb5d..34adf0f86 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -257,42 +257,20 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape String + * Platform-dependant string escape * - * @param string $str - * @param bool $like Whether or not the string will be used in a LIKE condition + * @param string * @return string */ - public function escape_str($str, $like = FALSE) + protected function _escape_str($str) { - if (is_array($str)) - { - foreach ($str as $key => $val) - { - $str[$key] = $this->escape_str($val, $like); - } - - return $str; - } - // Escape the string $str = $this->conn_id->quote($str); // If there are duplicated quotes, trim them away - if ($str[0] === "'") - { - $str = substr($str, 1, -1); - } - - // escape LIKE condition wildcards - if ($like === TRUE) - { - return str_replace(array($this->_like_escape_chr, '%', '_'), - array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'), - $str); - } - - return $str; + return ($str[0] === "'") + ? substr($str, 1, -1) + : $str; } // -------------------------------------------------------------------- |