summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--system/database/DB_driver.php45
-rw-r--r--system/database/drivers/cubrid/cubrid_driver.php39
-rw-r--r--system/database/drivers/cubrid/cubrid_forge.php6
-rw-r--r--system/database/drivers/interbase/interbase_driver.php32
-rw-r--r--system/database/drivers/mssql/mssql_driver.php41
-rw-r--r--system/database/drivers/mssql/mssql_forge.php4
-rw-r--r--system/database/drivers/mysql/mysql_driver.php37
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php37
-rw-r--r--system/database/drivers/mysqli/mysqli_forge.php4
-rw-r--r--system/database/drivers/mysqli/mysqli_utility.php4
-rw-r--r--system/database/drivers/oci8/oci8_driver.php37
-rw-r--r--system/database/drivers/oci8/oci8_forge.php2
-rw-r--r--system/database/drivers/odbc/odbc_driver.php41
-rw-r--r--system/database/drivers/odbc/odbc_forge.php2
-rw-r--r--system/database/drivers/pdo/pdo_driver.php99
-rw-r--r--system/database/drivers/pdo/pdo_forge.php4
-rw-r--r--system/database/drivers/postgre/postgre_driver.php41
-rw-r--r--system/database/drivers/postgre/postgre_forge.php6
-rw-r--r--system/database/drivers/sqlite/sqlite_driver.php41
-rw-r--r--system/database/drivers/sqlite/sqlite_forge.php4
-rw-r--r--system/database/drivers/sqlite3/sqlite3_driver.php37
-rw-r--r--system/database/drivers/sqlite3/sqlite3_forge.php4
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_driver.php15
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_forge.php7
-rw-r--r--user_guide_src/source/changelog.rst3
25 files changed, 80 insertions, 512 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index dea705054..8b030af77 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -901,6 +901,43 @@ abstract class CI_DB_driver {
// --------------------------------------------------------------------
/**
+ * Escape the SQL Identifiers
+ *
+ * This function escapes column and table names
+ *
+ * @param string
+ * @return string
+ */
+ public function escape_identifiers($item)
+ {
+ if ($this->_escape_char == '')
+ {
+ return $item;
+ }
+
+ foreach ($this->_reserved_identifiers as $id)
+ {
+ if (strpos($item, '.'.$id) !== FALSE)
+ {
+ $item = str_replace('.', $this->_escape_char.'.', $item);
+
+ // remove duplicates if the user already included the escape
+ return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item);
+ }
+ }
+
+ if (strpos($item, '.') !== FALSE)
+ {
+ $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item);
+ }
+
+ // remove duplicates if the user already included the escape
+ return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char);
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Generate an insert string
*
* @param string the table upon which the query will be performed
@@ -913,7 +950,7 @@ abstract class CI_DB_driver {
foreach ($data as $key => $val)
{
- $fields[] = $this->_escape_identifiers($key);
+ $fields[] = $this->escape_identifiers($key);
$values[] = $this->escape($val);
}
@@ -1254,7 +1291,7 @@ abstract class CI_DB_driver {
{
if ( ! in_array($val, $this->_reserved_identifiers))
{
- $parts[$key] = $this->_escape_identifiers($val);
+ $parts[$key] = $this->escape_identifiers($val);
}
}
@@ -1311,7 +1348,7 @@ abstract class CI_DB_driver {
if ($protect_identifiers === TRUE)
{
- $item = $this->_escape_identifiers($item);
+ $item = $this->escape_identifiers($item);
}
return $item.$alias;
@@ -1334,7 +1371,7 @@ abstract class CI_DB_driver {
if ($protect_identifiers === TRUE && ! in_array($item, $this->_reserved_identifiers))
{
- $item = $this->_escape_identifiers($item);
+ $item = $this->escape_identifiers($item);
}
return $item.$alias;
diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php
index b2ccec2d4..74d1a850a 100644
--- a/system/database/drivers/cubrid/cubrid_driver.php
+++ b/system/database/drivers/cubrid/cubrid_driver.php
@@ -435,45 +435,6 @@ class CI_DB_cubrid_driver extends CI_DB {
return array('code' => cubrid_errno($this->conn_id), 'message' => cubrid_error($this->conn_id));
}
- /**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- if ($this->_escape_char == '')
- {
- return $item;
- }
-
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char;
- }
- else
- {
- $str = $this->_escape_char.$item.$this->_escape_char;
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
-
// --------------------------------------------------------------------
/**
diff --git a/system/database/drivers/cubrid/cubrid_forge.php b/system/database/drivers/cubrid/cubrid_forge.php
index bbda484c4..f83dc97f4 100644
--- a/system/database/drivers/cubrid/cubrid_forge.php
+++ b/system/database/drivers/cubrid/cubrid_forge.php
@@ -184,9 +184,7 @@ class CI_DB_cubrid_forge extends CI_DB_forge {
// As of version 8.4.0 CUBRID does not support this SQL syntax.
}
- $sql .= $this->db->_escape_identifiers($table)." (";
-
- $sql .= $this->_process_fields($fields);
+ $sql .= $this->db->escape_identifiers($table).' ('.$this->_process_fields($fields);
// If there is a PK defined
if (count($primary_keys) > 0)
@@ -230,7 +228,7 @@ class CI_DB_cubrid_forge extends CI_DB_forge {
*/
public function _drop_table($table)
{
- return "DROP TABLE IF EXISTS ".$this->db->_escape_identifiers($table);
+ return 'DROP TABLE IF EXISTS '.$this->db->escape_identifiers($table);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/interbase/interbase_driver.php b/system/database/drivers/interbase/interbase_driver.php
index fd164cd07..88638a21a 100644
--- a/system/database/drivers/interbase/interbase_driver.php
+++ b/system/database/drivers/interbase/interbase_driver.php
@@ -343,38 +343,6 @@ class CI_DB_interbase_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This public function escapes column and table names
- *
- * @param string
- * @return string
- */
- protected function _escape_identifiers($item)
- {
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $item = str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item);
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char);
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This public function implicitly groups FROM tables so there is no confusion
diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php
index 055c9decb..ae3b843ee 100644
--- a/system/database/drivers/mssql/mssql_driver.php
+++ b/system/database/drivers/mssql/mssql_driver.php
@@ -404,47 +404,6 @@ class CI_DB_mssql_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- if ($this->_escape_char == '')
- {
- return $item;
- }
-
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char;
- }
- else
- {
- $str = $this->_escape_char.$item.$this->_escape_char;
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This function implicitly groups FROM tables so there is no confusion
diff --git a/system/database/drivers/mssql/mssql_forge.php b/system/database/drivers/mssql/mssql_forge.php
index 2e3e314ed..d787b3764 100644
--- a/system/database/drivers/mssql/mssql_forge.php
+++ b/system/database/drivers/mssql/mssql_forge.php
@@ -68,7 +68,7 @@ class CI_DB_mssql_forge extends CI_DB_forge {
*/
public function _drop_table($table)
{
- return "DROP TABLE ".$this->db->_escape_identifiers($table);
+ return 'DROP TABLE '.$this->db->escape_identifiers($table);
}
// --------------------------------------------------------------------
@@ -92,7 +92,7 @@ class CI_DB_mssql_forge extends CI_DB_forge {
$sql .= 'IF NOT EXISTS ';
}
- $sql .= $this->db->_escape_identifiers($table)." (";
+ $sql .= $this->db->escape_identifiers($table).' (';
$current_field_count = 0;
foreach ($fields as $field => $attributes)
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index 7afa5acd4..28020d3e6 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -439,43 +439,6 @@ class CI_DB_mysql_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- if ($this->_escape_char == '')
- {
- return $item;
- }
-
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $item = str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item);
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char);
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This function implicitly groups FROM tables so there is no confusion
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index 00bc726c5..50e213641 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -439,43 +439,6 @@ class CI_DB_mysqli_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- if ($this->_escape_char == '')
- {
- return $item;
- }
-
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $item = str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item);
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char);
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This function implicitly groups FROM tables so there is no confusion
diff --git a/system/database/drivers/mysqli/mysqli_forge.php b/system/database/drivers/mysqli/mysqli_forge.php
index a1caf5cfb..4b6939e2a 100644
--- a/system/database/drivers/mysqli/mysqli_forge.php
+++ b/system/database/drivers/mysqli/mysqli_forge.php
@@ -148,7 +148,7 @@ class CI_DB_mysqli_forge extends CI_DB_forge {
$sql .= 'IF NOT EXISTS ';
}
- $sql .= $this->db->_escape_identifiers($table).' ('.$this->_process_fields($fields);
+ $sql .= $this->db->escape_identifiers($table).' ('.$this->_process_fields($fields);
if (count($primary_keys) > 0)
{
@@ -187,7 +187,7 @@ class CI_DB_mysqli_forge extends CI_DB_forge {
*/
public function _drop_table($table)
{
- return 'DROP TABLE IF EXISTS '.$this->db->_escape_identifiers($table);
+ return 'DROP TABLE IF EXISTS '.$this->db->escape_identifiers($table);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mysqli/mysqli_utility.php b/system/database/drivers/mysqli/mysqli_utility.php
index 4d7002e78..cb3f86b8b 100644
--- a/system/database/drivers/mysqli/mysqli_utility.php
+++ b/system/database/drivers/mysqli/mysqli_utility.php
@@ -56,7 +56,7 @@ class CI_DB_mysqli_utility extends CI_DB_utility {
*/
public function _optimize_table($table)
{
- return 'OPTIMIZE TABLE '.$this->db->_escape_identifiers($table);
+ return 'OPTIMIZE TABLE '.$this->db->escape_identifiers($table);
}
// --------------------------------------------------------------------
@@ -71,7 +71,7 @@ class CI_DB_mysqli_utility extends CI_DB_utility {
*/
public function _repair_table($table)
{
- return 'REPAIR TABLE '.$this->db->_escape_identifiers($table);
+ return 'REPAIR TABLE '.$this->db->escape_identifiers($table);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index 756d93a16..6e225ee1f 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -567,43 +567,6 @@ class CI_DB_oci8_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- if ($this->_escape_char == '')
- {
- return $item;
- }
-
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $item = str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item);
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char);
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This function implicitly groups FROM tables so there is no confusion
diff --git a/system/database/drivers/oci8/oci8_forge.php b/system/database/drivers/oci8/oci8_forge.php
index 4b2eccae5..033e618e7 100644
--- a/system/database/drivers/oci8/oci8_forge.php
+++ b/system/database/drivers/oci8/oci8_forge.php
@@ -81,7 +81,7 @@ class CI_DB_oci8_forge extends CI_DB_forge {
$sql .= 'IF NOT EXISTS ';
}
- $sql .= $this->db->_escape_identifiers($table).' (';
+ $sql .= $this->db->escape_identifiers($table).' (';
$current_field_count = 0;
foreach ($fields as $field => $attributes)
diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php
index de5af7bd2..d1a5f774b 100644
--- a/system/database/drivers/odbc/odbc_driver.php
+++ b/system/database/drivers/odbc/odbc_driver.php
@@ -343,47 +343,6 @@ class CI_DB_odbc_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- if ($this->_escape_char == '')
- {
- return $item;
- }
-
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char;
- }
- else
- {
- $str = $this->_escape_char.$item.$this->_escape_char;
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This function implicitly groups FROM tables so there is no confusion
diff --git a/system/database/drivers/odbc/odbc_forge.php b/system/database/drivers/odbc/odbc_forge.php
index 486a8dd7f..afdd6dec2 100644
--- a/system/database/drivers/odbc/odbc_forge.php
+++ b/system/database/drivers/odbc/odbc_forge.php
@@ -91,7 +91,7 @@ class CI_DB_odbc_forge extends CI_DB_forge {
$sql .= 'IF NOT EXISTS ';
}
- $sql .= $this->db->_escape_identifiers($table)." (";
+ $sql .= $this->db->escape_identifiers($table).' (';
$current_field_count = 0;
foreach ($fields as $field => $attributes)
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php
index aec39c819..919bb9c00 100644
--- a/system/database/drivers/pdo/pdo_driver.php
+++ b/system/database/drivers/pdo/pdo_driver.php
@@ -46,8 +46,8 @@ class CI_DB_pdo_driver extends CI_DB {
protected $_escape_char = '';
// clause and character used for LIKE escape sequences
- protected $_like_escape_str;
- protected $_like_escape_chr;
+ protected $_like_escape_str = " ESCAPE '%s' ";
+ protected $_like_escape_chr = '!';
/**
* The syntax to count rows is slightly different across different
@@ -81,18 +81,17 @@ class CI_DB_pdo_driver extends CI_DB {
// this one depends on the driver being used
if ($this->pdodriver == 'mysql')
{
+ $this->_escape_char = '`';
$this->_like_escape_str = '';
$this->_like_escape_chr = '';
}
elseif ($this->pdodriver == 'odbc')
{
$this->_like_escape_str = " {escape '%s'} ";
- $this->_like_escape_chr = '!';
}
- else
+ elseif ( ! in_array($this->pdodriver, array('sqlsrv', 'mssql', 'dblib', 'sybase')))
{
- $this->_like_escape_str = " ESCAPE '%s' ";
- $this->_like_escape_chr = '!';
+ $this->_escape_char = '"';
}
$this->trans_enabled = FALSE;
@@ -268,8 +267,6 @@ class CI_DB_pdo_driver extends CI_DB {
*/
protected function _execute($sql)
{
- $sql = $this->_prep_query($sql);
-
$result_id = $this->conn_id->query($sql);
if (is_object($result_id))
@@ -287,32 +284,6 @@ class CI_DB_pdo_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Prep the query
- *
- * If needed, each database adapter can prep the query string
- *
- * @param string an SQL query
- * @return string
- */
- protected function _prep_query($sql)
- {
- if ($this->pdodriver === 'pgsql')
- {
- // Change the backtick(s) for Postgre
- $sql = str_replace('`', '"', $sql);
- }
- elseif ($this->pdodriver === 'sqlite')
- {
- // Change the backtick(s) for SQLite
- $sql = str_replace('`', '', $sql);
- }
-
- return $sql;
- }
-
- // --------------------------------------------------------------------
-
- /**
* Begin Transaction
*
* @return bool
@@ -516,7 +487,7 @@ class CI_DB_pdo_driver extends CI_DB {
}
else
{
- $sql = "SHOW TABLES FROM `".$this->database."`";
+ $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database);
}
if ($prefix_limit !== FALSE AND $this->dbprefix != '')
@@ -539,7 +510,7 @@ class CI_DB_pdo_driver extends CI_DB {
*/
protected function _list_columns($table = '')
{
- return 'SHOW COLUMNS FROM '.$this->_from_tables($table);
+ return 'SHOW COLUMNS FROM '.$this->escape_identifiers($table);
}
// --------------------------------------------------------------------
@@ -557,20 +528,20 @@ class CI_DB_pdo_driver extends CI_DB {
if ($this->pdodriver == 'mysql' or $this->pdodriver == 'pgsql')
{
// Analog function for mysql and postgre
- return 'SELECT * FROM '.$this->_from_tables($table).' LIMIT 1';
+ return 'SELECT * FROM '.$this->escape_identifiers($table).' LIMIT 1';
}
elseif ($this->pdodriver == 'oci')
{
// Analog function for oci
- return 'SELECT * FROM '.$this->_from_tables($table).' WHERE ROWNUM <= 1';
+ return 'SELECT * FROM '.$this->escape_identifiers($table).' WHERE ROWNUM <= 1';
}
elseif ($this->pdodriver == 'sqlite')
{
// Analog function for sqlite
- return 'PRAGMA table_info('.$this->_from_tables($table).')';
+ return 'PRAGMA table_info('.$this->escape_identifiers($table).')';
}
- return 'SELECT TOP 1 FROM '.$this->_from_tables($table);
+ return 'SELECT TOP 1 FROM '.$this->escape_identifiers($table);
}
// --------------------------------------------------------------------
@@ -605,48 +576,6 @@ class CI_DB_pdo_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- if ($this->_escape_char == '')
- {
- return $item;
- }
-
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item);
- $str .= $this->_escape_char;
- }
- else
- {
- $str = $this->_escape_char.$item.$this->_escape_char;
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This function implicitly groups FROM tables so there is no confusion
@@ -662,7 +591,7 @@ class CI_DB_pdo_driver extends CI_DB {
$tables = array($tables);
}
- return (count($tables) == 1) ? '`'.$tables[0].'`' : '('.implode(', ', $tables).')';
+ return (count($tables) === 1) ? $tables[0] : '('.implode(', ', $tables).')';
}
// --------------------------------------------------------------------
@@ -695,7 +624,7 @@ class CI_DB_pdo_driver extends CI_DB {
}
}
- $sql = 'UPDATE '.$this->_from_tables($table).' SET ';
+ $sql = 'UPDATE '.$table.' SET ';
$cases = '';
foreach ($final as $k => $v)
@@ -765,7 +694,7 @@ class CI_DB_pdo_driver extends CI_DB {
$limit = ( ! $limit) ? '' : ' LIMIT '.$limit;
- return 'DELETE FROM '.$this->_from_tables($table).$conditions.$limit;
+ return 'DELETE FROM '.$table.$conditions.$limit;
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/pdo/pdo_forge.php b/system/database/drivers/pdo/pdo_forge.php
index 6bff3542f..9635e4c9a 100644
--- a/system/database/drivers/pdo/pdo_forge.php
+++ b/system/database/drivers/pdo/pdo_forge.php
@@ -91,10 +91,10 @@ class CI_DB_pdo_forge extends CI_DB_forge {
$sql .= 'IF NOT EXISTS ';
}
- $sql .= '`'.$this->db->_escape_identifiers($table).'` (';
+ $sql .= $this->db->escape_identifiers($table).' (';
$current_field_count = 0;
- foreach ($fields as $field=>$attributes)
+ foreach ($fields as $field => $attributes)
{
// Numeric field names aren't allowed in databases, so if the key is
// numeric, we know it was assigned by PHP and the developer manually
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index f95ff560f..1e96452b4 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -457,47 +457,6 @@ class CI_DB_postgre_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- if ($this->_escape_char == '')
- {
- return $item;
- }
-
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char;
- }
- else
- {
- $str = $this->_escape_char.$item.$this->_escape_char;
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This function implicitly groups FROM tables so there is no confusion
diff --git a/system/database/drivers/postgre/postgre_forge.php b/system/database/drivers/postgre/postgre_forge.php
index a72449820..f7d59284a 100644
--- a/system/database/drivers/postgre/postgre_forge.php
+++ b/system/database/drivers/postgre/postgre_forge.php
@@ -193,8 +193,7 @@ class CI_DB_postgre_forge extends CI_DB_forge {
}
}
- $sql .= $this->db->_escape_identifiers($table)." (";
- $sql .= $this->_process_fields($fields, $primary_keys);
+ $sql .= $this->db->escape_identifiers($table).' ('.$this->_process_fields($fields, $primary_keys);
if (count($primary_keys) > 0)
{
@@ -237,11 +236,12 @@ class CI_DB_postgre_forge extends CI_DB_forge {
/**
* Drop Table
*
+ * @param string table name
* @return string
*/
public function _drop_table($table)
{
- return "DROP TABLE IF EXISTS ".$this->db->_escape_identifiers($table)." CASCADE";
+ return 'DROP TABLE IF EXISTS '.$this->db->escape_identifiers($table).' CASCADE';
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php
index 9c611f2fd..3a986d0a8 100644
--- a/system/database/drivers/sqlite/sqlite_driver.php
+++ b/system/database/drivers/sqlite/sqlite_driver.php
@@ -366,47 +366,6 @@ class CI_DB_sqlite_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- if ($this->_escape_char == '')
- {
- return $item;
- }
-
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char;
- }
- else
- {
- $str = $this->_escape_char.$item.$this->_escape_char;
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str);
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This function implicitly groups FROM tables so there is no confusion
diff --git a/system/database/drivers/sqlite/sqlite_forge.php b/system/database/drivers/sqlite/sqlite_forge.php
index 068a556ed..a62e8d9ae 100644
--- a/system/database/drivers/sqlite/sqlite_forge.php
+++ b/system/database/drivers/sqlite/sqlite_forge.php
@@ -90,10 +90,10 @@ class CI_DB_sqlite_forge extends CI_DB_forge {
$sql .= 'IF NOT EXISTS ';
}
- $sql .= $this->db->_escape_identifiers($table)."(";
+ $sql .= $this->db->escape_identifiers($table).' (';
$current_field_count = 0;
- foreach ($fields as $field=>$attributes)
+ foreach ($fields as $field => $attributes)
{
// Numeric field names aren't allowed in databases, so if the key is
// numeric, we know it was assigned by PHP and the developer manually
diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php
index c78f0c4fe..12354e1bc 100644
--- a/system/database/drivers/sqlite3/sqlite3_driver.php
+++ b/system/database/drivers/sqlite3/sqlite3_driver.php
@@ -342,43 +342,6 @@ class CI_DB_sqlite3_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- if ($this->_escape_char == '')
- {
- return $item;
- }
-
- foreach ($this->_reserved_identifiers as $id)
- {
- if (strpos($item, '.'.$id) !== FALSE)
- {
- $item = str_replace('.', $this->_escape_char.'.', $item);
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item);
- }
- }
-
- if (strpos($item, '.') !== FALSE)
- {
- $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item);
- }
-
- // remove duplicates if the user already included the escape
- return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char);
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This function implicitly groups FROM tables so there is no confusion
diff --git a/system/database/drivers/sqlite3/sqlite3_forge.php b/system/database/drivers/sqlite3/sqlite3_forge.php
index 254db21d8..3a2060c3b 100644
--- a/system/database/drivers/sqlite3/sqlite3_forge.php
+++ b/system/database/drivers/sqlite3/sqlite3_forge.php
@@ -95,10 +95,10 @@ class CI_DB_sqlite3_forge extends CI_DB_forge {
$sql .= 'IF NOT EXISTS ';
}
- $sql .= $this->db->_escape_identifiers($table).'(';
+ $sql .= $this->db->escape_identifiers($table).' (';
$current_field_count = 0;
- foreach ($fields as $field=>$attributes)
+ foreach ($fields as $field => $attributes)
{
// Numeric field names aren't allowed in databases, so if the key is
// numeric, we know it was assigned by PHP and the developer manually
diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php
index f75024799..f4eab8f28 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_driver.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php
@@ -393,21 +393,6 @@ class CI_DB_sqlsrv_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Escape the SQL Identifiers
- *
- * This function escapes column and table names
- *
- * @param string
- * @return string
- */
- public function _escape_identifiers($item)
- {
- return $item;
- }
-
- // --------------------------------------------------------------------
-
- /**
* From Tables
*
* This function implicitly groups FROM tables so there is no confusion
diff --git a/system/database/drivers/sqlsrv/sqlsrv_forge.php b/system/database/drivers/sqlsrv/sqlsrv_forge.php
index 0dc7b5242..377dcf154 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_forge.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_forge.php
@@ -63,11 +63,12 @@ class CI_DB_sqlsrv_forge extends CI_DB_forge {
/**
* Drop Table
*
- * @return bool
+ * @param string table name
+ * @return string
*/
public function _drop_table($table)
{
- return "DROP TABLE ".$this->db->_escape_identifiers($table);
+ return 'DROP TABLE '.$this->db->escape_identifiers($table);
}
// --------------------------------------------------------------------
@@ -91,7 +92,7 @@ class CI_DB_sqlsrv_forge extends CI_DB_forge {
$sql .= 'IF NOT EXISTS ';
}
- $sql .= $this->db->_escape_identifiers($table)." (";
+ $sql .= $this->db->escape_identifiers($table).' (';
$current_field_count = 0;
foreach ($fields as $field => $attributes)
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 81644ecac..3ad930ed1 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -75,7 +75,7 @@ Release Date: Not Released
- Added _optimize_table() support for the :doc:`Database Utility Class <database/utilities>` (rebuilds table indexes).
- Added a constructor to the DB_result class and moved all driver-specific properties and logic out of the base DB_driver class to allow better abstraction.
- Removed limit() and order_by() support for UPDATE and DELETE queries in PostgreSQL driver. Postgres does not support those features.
- - Removed protect_identifiers() and renamed _protect_identifiers() to it instead - it was just an alias.
+ - Removed protect_identifiers() and renamed internal method _protect_identifiers() to it instead - it was just an alias.
- MySQL and MySQLi drivers now require at least MySQL version 5.1.
- db_set_charset() now only requires one parameter (collation was only needed due to legacy support for MySQL versions prior to 5.1).
- Added DSN string support for CUBRID.
@@ -91,6 +91,7 @@ Release Date: Not Released
- *Row* result methods now really only fetch only the needed number of rows, instead of depending entirely on result().
- num_rows() is now only called explicitly by the developer and no longer re-executes statements.
- Added replace() support for SQLite.
+ - Renamed internal method _escape_identifiers() to escape_identifiers().
- Libraries