diff options
author | Andrey Andreev <narf@bofh.bg> | 2013-01-10 15:23:48 +0100 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2013-01-10 15:23:48 +0100 |
commit | 7545ffd90647cd65aeaff2a21032a13140700c63 (patch) | |
tree | 3d1038a6d51d3ecf5ff5380e47fa991c6e3e67c7 /system/database | |
parent | 55899a0ed6a2f5be1c9d800c39051c8c0ce8fcab (diff) |
Fix SQLSRV escape_str()
Diffstat (limited to 'system/database')
-rw-r--r-- | system/database/drivers/sqlsrv/sqlsrv_driver.php | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index 0e04c5c67..a6f2d5537 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -230,8 +230,30 @@ class CI_DB_sqlsrv_driver extends CI_DB { */ public function escape_str($str, $like = FALSE) { + if (is_array($str)) + { + foreach ($str as $key => $val) + { + $str[$key] = $this->escape_str($val, $like); + } + + return $str; + } + // Escape single quotes - return str_replace("'", "''", $str); + $str = str_replace("'", "''", remove_invisible_characters($str)); + + // escape LIKE condition wildcards + if ($like === TRUE) + { + return str_replace( + array($this->_like_escape_chr, '%', '_'), + array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'), + $str + ); + } + + return $str; } // -------------------------------------------------------------------- |