1 files changed, 48 insertions, 1 deletions

diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 8c98a876e..1e5e8c6f7 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -1004,12 +1004,46 @@ abstract class CI_DB_driver {
 	// --------------------------------------------------------------------
 
 	/**
+	 * Escape String
+	 *
+	 * @param	string	$str
+	 * @param	bool	$like	Whether or not the string will be used in a LIKE condition
+	 * @return	string
+	 */
+	public function escape_str($str, $like = FALSE)
+	{
+		if (is_array($str))
+		{
+			foreach ($str as $key => $val)
+			{
+				$str[$key] = $this->escape_str($val, $like);
+			}
+
+			return $str;
+		}
+
+		$str = $this->_escape_str($str);
+
+		// escape LIKE condition wildcards
+		if ($like === TRUE)
+		{
+			return str_replace(array($this->_like_escape_chr, '%', '_'),
+						array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'),
+						$str);
+		}
+
+		return $str;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
 	 * Escape LIKE String
 	 *
 	 * Calls the individual driver for platform
 	 * specific escaping for LIKE conditions
 	 *
-	 * @param	string
+	 * @param	string|string[]
 	 * @return	mixed
 	 */
 	public function escape_like_str($str)
@@ -1020,6 +1054,19 @@ abstract class CI_DB_driver {
 	// --------------------------------------------------------------------
 
 	/**
+	 * Platform-dependant string escape
+	 *
+	 * @param	string
+	 * @return	string
+	 */
+	protected function _escape_str($str)
+	{
+		return str_replace("'", "''", remove_invisible_characters($str));
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
 	 * Primary
 	 *
 	 * Retrieves the primary key. It assumes that the row in the first