summaryrefslogtreecommitdiffstats
path: root/system/database
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2013-01-10 15:23:48 +0100
committerAndrey Andreev <narf@bofh.bg>2013-01-10 15:23:48 +0100
commit7545ffd90647cd65aeaff2a21032a13140700c63 (patch)
tree3d1038a6d51d3ecf5ff5380e47fa991c6e3e67c7 /system/database
parent55899a0ed6a2f5be1c9d800c39051c8c0ce8fcab (diff)
Fix SQLSRV escape_str()
Diffstat (limited to 'system/database')
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_driver.php24
1 files changed, 23 insertions, 1 deletions
diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php
index 0e04c5c67..a6f2d5537 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_driver.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php
@@ -230,8 +230,30 @@ class CI_DB_sqlsrv_driver extends CI_DB {
*/
public function escape_str($str, $like = FALSE)
{
+ if (is_array($str))
+ {
+ foreach ($str as $key => $val)
+ {
+ $str[$key] = $this->escape_str($val, $like);
+ }
+
+ return $str;
+ }
+
// Escape single quotes
- return str_replace("'", "''", $str);
+ $str = str_replace("'", "''", remove_invisible_characters($str));
+
+ // escape LIKE condition wildcards
+ if ($like === TRUE)
+ {
+ return str_replace(
+ array($this->_like_escape_chr, '%', '_'),
+ array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'),
+ $str
+ );
+ }
+
+ return $str;
}
// --------------------------------------------------------------------