diff options
author | Derek Jones <derek.jones@ellislab.com> | 2008-09-24 20:22:03 +0200 |
---|---|---|
committer | Derek Jones <derek.jones@ellislab.com> | 2008-09-24 20:22:03 +0200 |
commit | d16bab12339fe2746e1ead72ba96351c3423c27c (patch) | |
tree | 636ce46d0cb6e2e8a0d777b23ea79da3defea183 /system | |
parent | c184b3beda28be9c5815fdfc1be7aa79c8b84b16 (diff) |
added removal of non-printing characters to escape_str() of drivers that do not have native PHP escaping mechanisms
Diffstat (limited to 'system')
-rw-r--r-- | system/database/drivers/mssql/mssql_driver.php | 2 | ||||
-rw-r--r-- | system/database/drivers/oci8/oci8_driver.php | 2 | ||||
-rw-r--r-- | system/database/drivers/odbc/odbc_driver.php | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index 98c03c56e..5ac90b451 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -214,7 +214,7 @@ class CI_DB_mssql_driver extends CI_DB { function escape_str($str)
{
// Escape single quotes
- return str_replace("'", "''", $str);
+ return str_replace("'", "''", $this->input->_remove_invisible_characters($str));
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index d6bc512be..765c3f6c9 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -366,7 +366,7 @@ class CI_DB_oci8_driver extends CI_DB { */
function escape_str($str)
{
- return $str;
+ return $this->input->_remove_invisible_characters($str);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index 647171696..f89000d83 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -235,7 +235,7 @@ class CI_DB_odbc_driver extends CI_DB { function escape_str($str)
{
// ODBC doesn't require escaping
- return $str;
+ return $this->input->_remove_invisible_characters($str);
}
// --------------------------------------------------------------------
|