diff options
author | Andrey Andreev <narf@bofh.bg> | 2011-09-24 15:25:23 +0200 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2011-09-24 15:25:23 +0200 |
commit | dc46d99fe8ab2058df15c6a7608e5ae41ffffb2b (patch) | |
tree | df684d043b4303b1cabdd18b56e49aa2907207de /system | |
parent | d26133be24eef68b1bead61e7e808f4424a71a0a (diff) |
Escape WHERE clause field names in the DB update_string() method
Diffstat (limited to 'system')
-rw-r--r-- | system/database/DB_driver.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 300ca2977..12c0530c5 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -950,6 +950,7 @@ class CI_DB_driver { foreach ($where as $key => $val) { $prefix = (count($dest) == 0) ? '' : ' AND '; + $key = $this->_protect_identifiers($key); if ($val !== '') { @@ -1390,4 +1391,4 @@ class CI_DB_driver { /* End of file DB_driver.php */ -/* Location: ./system/database/DB_driver.php */
\ No newline at end of file +/* Location: ./system/database/DB_driver.php */ |