diff options
author | Andrey Andreev <narf@devilix.net> | 2013-09-13 15:03:07 +0200 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2013-09-13 15:03:07 +0200 |
commit | a9346aa754f5488f7535f580dd744477f52d5063 (patch) | |
tree | e315c6a8424a1272bdaee43b7eb812acff059d7e /system/database | |
parent | 79d9e38f4c240098199c12a64d18457e7c1daef7 (diff) |
Fix a PostgreSQL string escaping bug and use pg_escape_literal() when possible
Diffstat (limited to 'system/database')
-rw-r--r-- | system/database/drivers/postgre/postgre_driver.php | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index dbf7c6b95..b72fb873a 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -331,7 +331,7 @@ class CI_DB_postgre_driver extends CI_DB { */ protected function _escape_str($str) { - return pg_escape_string($str); + return pg_escape_string($this->conn_id, $str); } // -------------------------------------------------------------------- @@ -346,7 +346,11 @@ class CI_DB_postgre_driver extends CI_DB { */ public function escape($str) { - if (is_bool($str)) + if (is_php('5.4.4') && (is_string($str) OR (is_object($str) && method_exists($str, '__toString')))) + { + return pg_escape_literal($this->conn_id, $str); + } + elseif (is_bool($str)) { return ($str) ? 'TRUE' : 'FALSE'; } |