diff options
| author | Andrey Andreev <narf@devilix.net> | 2015-07-29 15:24:57 +0200 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2015-07-29 15:24:57 +0200 |
| commit | d738b6ba89d7b719114cbfaa5a62964f943ba926 (patch) | |
| tree | 6bb7ecf198ac5483e8e04acceaeba54d463961c3 /system/database | |
| parent | a479c389cd5e2238e15ef4285446954eab8eeaa3 (diff) | |
Fix a 'counter-#3989' bug
The issue described in #3989 is actually the opposite of what has beent
the intended behavior for the parameter in all Query Builder
methods. Unfortunately, there's been a huge misunderstanding about
that and half the methods worked properly, while the other half did
not ... fixing that here.
Also related: #4001
Diffstat (limited to 'system/database')
| -rw-r--r-- | system/database/DB_query_builder.php | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 6ea7841e3..293419e23 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -794,10 +794,17 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $not = ($not) ? ' NOT' : ''; - $where_in = array(); - foreach ($values as $value) + if ($escape === TRUE) + { + $where_in = array(); + foreach ($values as $value) + { + $where_in[] = $this->escape($value); + } + } + else { - $where_in[] = $this->escape($value); + $where_in = array_values($values); } $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); @@ -926,7 +933,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); - $v = $this->escape_like_str($v); + if ($escape === TRUE) + { + $v = $this->escape_like_str($v); + } if ($side === 'none') { @@ -946,7 +956,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // some platforms require an escape sequence definition for LIKE wildcards - if ($this->_like_escape_str !== '') + if ($escape === TRUE && $this->_like_escape_str !== '') { $like_statement .= sprintf($this->_like_escape_str, $this->_like_escape_chr); } |