summaryrefslogtreecommitdiffstats
path: root/system/database
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-06-16 02:21:20 +0200
committerAndrey Andreev <narf@bofh.bg>2012-06-16 02:21:20 +0200
commitd24160cc4348c32c0c1ec7350e2e2dada2c9291a (patch)
tree7dacad909a11f01ffeb9342ece8cdc6f85ccdc17 /system/database
parent0140ddd510edffb901b98de6b80676ece183760c (diff)
Changed order_by() default escaping to _protect_identifiers
Diffstat (limited to 'system/database')
-rw-r--r--system/database/DB_query_builder.php5
1 files changed, 3 insertions, 2 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 486fda963..5eb6bbb4e 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -967,7 +967,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool enable field name escaping
* @return object
*/
- public function order_by($orderby, $direction = '', $escape = TRUE)
+ public function order_by($orderby, $direction = '', $escape = NULL)
{
if (strtolower($direction) === 'random')
{
@@ -979,8 +979,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$direction = in_array(strtoupper(trim($direction)), array('ASC', 'DESC'), TRUE) ? ' '.$direction : ' ASC';
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
- if ((strpos($orderby, ',') !== FALSE) && $escape === TRUE)
+ if ($escape === TRUE && strpos($orderby, ',') !== FALSE)
{
$temp = array();
foreach (explode(',', $orderby) as $part)