summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--system/database/DB_query_builder.php29
-rw-r--r--system/database/drivers/pdo/pdo_driver.php46
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php41
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php8
-rw-r--r--system/database/drivers/postgre/postgre_driver.php8
-rw-r--r--user_guide_src/source/changelog.rst1
6 files changed, 28 insertions, 105 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 5a86ce50f..b88ec956a 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -150,6 +150,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
protected $qb_set = array();
/**
+ * QB data set for update_batch()
+ *
+ * @var array
+ */
+ protected $qb_set_ub = array();
+
+ /**
* QB aliased tables list
*
* @var array
@@ -1886,7 +1893,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
if ($set === NULL)
{
- if (empty($this->qb_set))
+ if (empty($this->qb_set_ub))
{
return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE;
}
@@ -1913,9 +1920,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// Batch this baby
$affected_rows = 0;
- for ($i = 0, $total = count($this->qb_set); $i < $total; $i += $batch_size)
+ for ($i = 0, $total = count($this->qb_set_ub); $i < $total; $i += $batch_size)
{
- if ($this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set, $i, $batch_size), $index)))
+ if ($this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set_ub, $i, $batch_size), $index)))
{
$affected_rows += $this->affected_rows();
}
@@ -1941,18 +1948,16 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
*/
protected function _update_batch($table, $values, $index)
{
- $index_escaped = $this->protect_identifiers($index);
-
$ids = array();
foreach ($values as $key => $val)
{
- $ids[] = $val[$index];
+ $ids[] = $val[$index]['value'];
foreach (array_keys($val) as $field)
{
if ($field !== $index)
{
- $final[$field][] = 'WHEN '.$index_escaped.' = '.$val[$index].' THEN '.$val[$field];
+ $final[$val[$field]['field']][] = 'WHEN '.$val[$index]['field'].' = '.$val[$index]['value'].' THEN '.$val[$field]['value'];
}
}
}
@@ -1965,7 +1970,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
.'ELSE '.$k.' END, ';
}
- $this->where($index_escaped.' IN('.implode(',', $ids).')', NULL, FALSE);
+ $this->where($val[$index]['field'].' IN('.implode(',', $ids).')', NULL, FALSE);
return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where');
}
@@ -2002,7 +2007,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$index_set = TRUE;
}
- $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2);
+ $clean[$k2] = array(
+ 'field' => $this->protect_identifiers($k2, FALSE, $escape),
+ 'value' => ($escape === FALSE ? $v2 : $this->escape($v2))
+ );
}
if ($index_set === FALSE)
@@ -2010,7 +2018,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
return $this->display_error('db_batch_missing_index');
}
- $this->qb_set[] = $clean;
+ $this->qb_set_ub[] = $clean;
}
return $this;
@@ -2777,6 +2785,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
{
$this->_reset_run(array(
'qb_set' => array(),
+ 'qb_set_ub' => array(),
'qb_from' => array(),
'qb_join' => array(),
'qb_where' => array(),
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php
index c27607e55..2da9cf38f 100644
--- a/system/database/drivers/pdo/pdo_driver.php
+++ b/system/database/drivers/pdo/pdo_driver.php
@@ -311,52 +311,6 @@ class CI_DB_pdo_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Update_Batch statement
- *
- * Generates a platform-specific batch update string from the supplied data
- *
- * @param string $table Table name
- * @param array $values Update data
- * @param string $index WHERE key
- * @return string
- */
- protected function _update_batch($table, $values, $index)
- {
- $ids = array();
- foreach ($values as $key => $val)
- {
- $ids[] = $val[$index];
-
- foreach (array_keys($val) as $field)
- {
- if ($field !== $index)
- {
- $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field];
- }
- }
- }
-
- $cases = '';
- foreach ($final as $k => $v)
- {
- $cases .= $k.' = CASE '."\n";
-
- foreach ($v as $row)
- {
- $cases .= $row."\n";
- }
-
- $cases .= 'ELSE '.$k.' END, ';
- }
-
- $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE);
-
- return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where');
- }
-
- // --------------------------------------------------------------------
-
- /**
* Truncate statement
*
* Generates a platform-specific truncate string from the supplied data
diff --git a/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php b/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php
index 837779804..4eb7f0ba6 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php
@@ -171,47 +171,6 @@ class CI_DB_pdo_cubrid_driver extends CI_DB_pdo_driver {
// --------------------------------------------------------------------
/**
- * Update_Batch statement
- *
- * Generates a platform-specific batch update string from the supplied data
- *
- * @param string $table Table name
- * @param array $values Update data
- * @param string $index WHERE key
- * @return string
- */
- protected function _update_batch($table, $values, $index)
- {
- $ids = array();
- foreach ($values as $key => $val)
- {
- $ids[] = $val[$index];
-
- foreach (array_keys($val) as $field)
- {
- if ($field !== $index)
- {
- $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field];
- }
- }
- }
-
- $cases = '';
- foreach ($final as $k => $v)
- {
- $cases .= $k." = CASE \n"
- .implode("\n", $v)."\n"
- .'ELSE '.$k.' END), ';
- }
-
- $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE);
-
- return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where');
- }
-
- // --------------------------------------------------------------------
-
- /**
* Truncate statement
*
* Generates a platform-specific truncate string from the supplied data
diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php
index 9483d2457..05b8350d1 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php
@@ -326,13 +326,13 @@ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver {
$ids = array();
foreach ($values as $key => $val)
{
- $ids[] = $val[$index];
+ $ids[] = $val[$index]['value'];
foreach (array_keys($val) as $field)
{
if ($field !== $index)
{
- $final[$field][] = 'WHEN '.$val[$index].' THEN '.$val[$field];
+ $final[$val[$field]['field']][] = 'WHEN '.$val[$index]['value'].' THEN '.$val[$field]['value'];
}
}
}
@@ -340,12 +340,12 @@ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver {
$cases = '';
foreach ($final as $k => $v)
{
- $cases .= $k.' = (CASE '.$index."\n"
+ $cases .= $k.' = (CASE '.$val[$index]['field']."\n"
.implode("\n", $v)."\n"
.'ELSE '.$k.' END), ';
}
- $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE);
+ $this->where($val[$index]['field'].' IN('.implode(',', $ids).')', NULL, FALSE);
return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where');
}
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index dfd87f95a..51916fcc1 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -550,13 +550,13 @@ class CI_DB_postgre_driver extends CI_DB {
$ids = array();
foreach ($values as $key => $val)
{
- $ids[] = $val[$index];
+ $ids[] = $val[$index]['value'];
foreach (array_keys($val) as $field)
{
if ($field !== $index)
{
- $final[$field][] = 'WHEN '.$val[$index].' THEN '.$val[$field];
+ $final[$val[$field]['field']][] = 'WHEN '.$val[$index]['value'].' THEN '.$val[$field]['value'];
}
}
}
@@ -564,12 +564,12 @@ class CI_DB_postgre_driver extends CI_DB {
$cases = '';
foreach ($final as $k => $v)
{
- $cases .= $k.' = (CASE '.$index."\n"
+ $cases .= $k.' = (CASE '.$val[$index]['field']."\n"
.implode("\n", $v)."\n"
.'ELSE '.$k.' END), ';
}
- $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE);
+ $this->where($val[$index]['field'].' IN('.implode(',', $ids).')', NULL, FALSE);
return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where');
}
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index b6d74c2d8..93aabebda 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -28,6 +28,7 @@ Bug fixes for 3.1.3
- Fixed a bug (#4928) - the bootstrap file didn't check if *config/constants.php* exists before trying to load it.
- Fixed a bug (#4937) - :doc:`Image Manipulation Library <libraries/image_lib>` method ``initialize()`` didn't translate *new_image* inputs to absolute paths.
- Fixed a bug (#4941) - :doc:`Query Builder <database/query_builder>` method ``order_by()`` didn't work with 'RANDOM' under the 'pdo/sqlite' driver.
+- Fixed a regression (#4892) - :doc:`Query Builder <database/query_builder>` method ``update_batch()`` didn't properly handle identifier escaping.
Version 3.1.2
=============