diff options
Diffstat (limited to 'system/database/DB_driver.php')
-rw-r--r-- | system/database/DB_driver.php | 691 |
1 files changed, 562 insertions, 129 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 61b05d52b..2d5b91541 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * Database Driver Class @@ -40,43 +41,316 @@ */ abstract class CI_DB_driver { + /** + * Data Source Name / Connect string + * + * @var string + */ public $dsn; + + /** + * Username + * + * @var string + */ public $username; + + /** + * Password + * + * @var string + */ public $password; + + /** + * Hostname + * + * @var string + */ public $hostname; + + /** + * Database name + * + * @var string + */ public $database; - public $dbdriver = 'mysql'; + + /** + * Database driver + * + * @var string + */ + public $dbdriver = 'mysqli'; + + /** + * Sub-driver + * + * @used-by CI_DB_pdo_driver + * @var string + */ + public $subdriver; + + /** + * Table prefix + * + * @var string + */ public $dbprefix = ''; + + /** + * Character set + * + * @var string + */ public $char_set = 'utf8'; + + /** + * Collation + * + * @var string + */ public $dbcollat = 'utf8_general_ci'; - public $autoinit = TRUE; // Whether to automatically initialize the DB + + /** + * Auto-init flag + * + * Whether to automatically initialize the DB connection. + * + * @var bool + */ + public $autoinit = TRUE; + + /** + * Encryption flag/data + * + * @var mixed + */ + public $encrypt = FALSE; + + /** + * Swap Prefix + * + * @var string + */ public $swap_pre = ''; + + /** + * Database port + * + * @var int + */ public $port = ''; + + /** + * Persistent connection flag + * + * @var bool + */ public $pconnect = FALSE; + + /** + * Connection ID + * + * @var object|resource + */ public $conn_id = FALSE; + + /** + * Result ID + * + * @var object|resource + */ public $result_id = FALSE; + + /** + * Debug flag + * + * Whether to display error messages. + * + * @var bool + */ public $db_debug = FALSE; + + /** + * Benchmark time + * + * @var int + */ public $benchmark = 0; + + /** + * Executed queries count + * + * @var int + */ public $query_count = 0; + + /** + * Bind marker + * + * Character used to identify values in a prepared statement. + * + * @var string + */ public $bind_marker = '?'; + + /** + * Save queries flag + * + * Whether to keep an in-memory history of queries for debugging purposes. + * + * @var bool + */ public $save_queries = TRUE; + + /** + * Queries list + * + * @see CI_DB_driver::$save_queries + * @var string[] + */ public $queries = array(); + + /** + * Query times + * + * A list of times that queries took to execute. + * + * @var array + */ public $query_times = array(); + + /** + * Data cache + * + * An internal generic value cache. + * + * @var array + */ public $data_cache = array(); + /** + * Transaction enabled flag + * + * @var bool + */ public $trans_enabled = TRUE; + + /** + * Strict transaction mode flag + * + * @var bool + */ public $trans_strict = TRUE; + + /** + * Transaction depth level + * + * @var int + */ protected $_trans_depth = 0; - protected $_trans_status = TRUE; // Used with transactions to determine if a rollback should occur + /** + * Transaction status flag + * + * Used with transactions to determine if a rollback should occur. + * + * @var bool + */ + protected $_trans_status = TRUE; + + /** + * Cache On flag + * + * @var bool + */ public $cache_on = FALSE; + + /** + * Cache directory path + * + * @var bool + */ public $cachedir = ''; + + /** + * Cache auto-delete flag + * + * @var bool + */ public $cache_autodel = FALSE; - public $CACHE; // The cache class object + /** + * DB Cache object + * + * @see CI_DB_cache + * @var object + */ + public $CACHE; + + /** + * Protect identifiers flag + * + * @var bool + */ protected $_protect_identifiers = TRUE; - protected $_reserved_identifiers = array('*'); // Identifiers that should NOT be escaped + /** + * List of reserved identifiers + * + * Identifiers that must NOT be escaped. + * + * @var string[] + */ + protected $_reserved_identifiers = array('*'); + + /** + * Identifier escape character + * + * @var string + */ + protected $_escape_char = '"'; + + /** + * ESCAPE statement string + * + * @var string + */ + protected $_like_escape_str = " ESCAPE '%s' "; + + /** + * ESCAPE character + * + * @var string + */ + protected $_like_escape_chr = '!'; + + /** + * ORDER BY random keyword + * + * @var array + */ + protected $_random_keyword = array('RAND()', 'RAND(%d)'); + + /** + * COUNT string + * + * @used-by CI_DB_driver::count_all() + * @used-by CI_DB_query_builder::count_all_results() + * + * @var string + */ + protected $_count_string = 'SELECT COUNT(*) AS '; + + // -------------------------------------------------------------------- + + /** + * Class constructor + * + * @param array $params + * @return void + */ public function __construct($params) { if (is_array($params)) @@ -113,7 +387,7 @@ abstract class CI_DB_driver { // ---------------------------------------------------------------- // Connect to the database and set the connection ID - $this->conn_id = ($this->pconnect == FALSE) ? $this->db_connect() : $this->db_pconnect(); + $this->conn_id = ($this->pconnect === FALSE) ? $this->db_connect() : $this->db_pconnect(); // No connection resource? Check if there is a failover else throw an error if ( ! $this->conn_id) @@ -131,7 +405,7 @@ abstract class CI_DB_driver { } // Try to connect - $this->conn_id = ($this->pconnect == FALSE) ? $this->db_connect() : $this->db_pconnect(); + $this->conn_id = ($this->pconnect === FALSE) ? $this->db_connect() : $this->db_pconnect(); // If a connection is made break the foreach loop if ($this->conn_id) @@ -291,21 +565,26 @@ abstract class CI_DB_driver { * FALSE upon failure, and if the $db_debug variable is set to TRUE * will raise an error. * - * @param string An SQL query string - * @param array An array of binding data + * @param string $sql + * @param array $binds = FALSE An array of binding data + * @param bool $return_object = NULL * @return mixed */ - public function query($sql, $binds = FALSE, $return_object = TRUE) + public function query($sql, $binds = FALSE, $return_object = NULL) { - if ($sql == '') + if ($sql === '') { log_message('error', 'Invalid query: '.$sql); return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE; } + elseif ( ! is_bool($return_object)) + { + $return_object = ! $this->is_write_type($sql); + } // Verify table prefix and replace if necessary - if ($this->dbprefix != '' && $this->swap_pre != '' && $this->dbprefix != $this->swap_pre) + if ($this->dbprefix !== '' && $this->swap_pre !== '' && $this->dbprefix !== $this->swap_pre) { $sql = preg_replace('/(\W)'.$this->swap_pre.'(\S+?)/', '\\1'.$this->dbprefix.'\\2', $sql); } @@ -319,7 +598,7 @@ abstract class CI_DB_driver { // Is query caching enabled? If the query is a "read type" // we will load the caching class and return the previously // cached query if it exists - if ($this->cache_on == TRUE && stripos($sql, 'SELECT') !== FALSE && $this->_cache_init()) + if ($this->cache_on === TRUE && $return_object === TRUE && $this->_cache_init()) { $this->load_rdriver(); if (FALSE !== ($cache = $this->CACHE->read($sql))) @@ -328,19 +607,19 @@ abstract class CI_DB_driver { } } - // Save the query for debugging - if ($this->save_queries == TRUE) + // Save the query for debugging + if ($this->save_queries === TRUE) { $this->queries[] = $sql; } // Start the Query Timer - $time_start = list($sm, $ss) = explode(' ', microtime()); + $time_start = microtime(TRUE); // Run the Query if (FALSE === ($this->result_id = $this->simple_query($sql))) { - if ($this->save_queries == TRUE) + if ($this->save_queries === TRUE) { $this->query_times[] = 0; } @@ -352,7 +631,7 @@ abstract class CI_DB_driver { $error = $this->error(); // Log errors - log_message('error', 'Query error: '.$error['message']); + log_message('error', 'Query error: '.$error['message'].' - Invalid query: '.$sql); if ($this->db_debug) { @@ -370,24 +649,22 @@ abstract class CI_DB_driver { } // Stop and aggregate the query time results - $time_end = list($em, $es) = explode(' ', microtime()); - $this->benchmark += ($em + $es) - ($sm + $ss); + $time_end = microtime(TRUE); + $this->benchmark += $time_end - $time_start; - if ($this->save_queries == TRUE) + if ($this->save_queries === TRUE) { - $this->query_times[] = ($em + $es) - ($sm + $ss); + $this->query_times[] = $time_end - $time_start; } // Increment the query counter $this->query_count++; - // Was the query a "write" type? - // If so we'll simply return true - if ($this->is_write_type($sql) === TRUE) + // Will we have a result object instantiated? If not - we'll simply return TRUE + if ($return_object !== TRUE) { - // If caching is enabled we'll auto-cleanup any - // existing files related to this particular URI - if ($this->cache_on == TRUE && $this->cache_autodel == TRUE && $this->_cache_init()) + // If caching is enabled we'll auto-cleanup any existing files related to this particular URI + if ($this->cache_on === TRUE && $this->cache_autodel === TRUE && $this->_cache_init()) { $this->CACHE->delete(); } @@ -396,8 +673,6 @@ abstract class CI_DB_driver { } // Return TRUE if we don't need to create a result object - // Currently only the Oracle driver uses this when stored - // procedures are used if ($return_object !== TRUE) { return TRUE; @@ -409,7 +684,7 @@ abstract class CI_DB_driver { // Is query caching enabled? If so, we'll serialize the // result object and save it to a cache file. - if ($this->cache_on == TRUE && $this->_cache_init()) + if ($this->cache_on === TRUE && $this->_cache_init()) { // We'll create a new instance of the result object // only without the platform specific driver since @@ -417,7 +692,7 @@ abstract class CI_DB_driver { // resource ID won't be any good once we've cached the // result object, so we'll have to compile the data // and save it) - $CR = new CI_DB_result(); + $CR = new CI_DB_result($this); $CR->result_object = $RES->result_object(); $CR->result_array = $RES->result_array(); $CR->num_rows = $RES->num_rows(); @@ -495,6 +770,7 @@ abstract class CI_DB_driver { * If strict mode is disabled, each group is treated autonomously, meaning * a failure of one group will not affect any others * + * @param bool $mode = TRUE * @return void */ public function trans_strict($mode = TRUE) @@ -507,6 +783,7 @@ abstract class CI_DB_driver { /** * Start Transaction * + * @param bool $test_mode = FALSE * @return void */ public function trans_start($test_mode = FALSE) @@ -596,35 +873,53 @@ abstract class CI_DB_driver { */ public function compile_binds($sql, $binds) { - if (strpos($sql, $this->bind_marker) === FALSE) + if (empty($binds) OR empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE) { return $sql; } - - if ( ! is_array($binds)) + elseif ( ! is_array($binds)) { $binds = array($binds); + $bind_count = 1; + } + else + { + // Make sure we're using numeric keys + $binds = array_values($binds); + $bind_count = count($binds); } - // Get the sql segments around the bind markers - $segments = explode($this->bind_marker, $sql); + // We'll need the marker length later + $ml = strlen($this->bind_marker); - // The count of bind should be 1 less then the count of segments - // If there are more bind arguments trim it down - if (count($binds) >= count($segments)) + // Make sure not to replace a chunk inside a string that happens to match the bind marker + if ($c = preg_match_all("/'[^']*'/i", $sql, $matches)) { - $binds = array_slice($binds, 0, count($segments)-1); + $c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', + str_replace($matches[0], + str_replace($this->bind_marker, str_repeat(' ', $ml), $matches[0]), + $sql, $c), + $matches, PREG_OFFSET_CAPTURE); + + // Bind values' count must match the count of markers in the query + if ($bind_count !== $c) + { + return $sql; + } + } + elseif (($c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', $sql, $matches, PREG_OFFSET_CAPTURE)) !== $bind_count) + { + return $sql; } - // Construct the binded query - $result = $segments[0]; - $i = 0; - foreach ($binds as $bind) + do { - $result .= $this->escape($bind).$segments[++$i]; + $c--; + $sql = substr_replace($sql, $this->escape($binds[$c]), $matches[0][$c][1], $ml); } + while ($c !== 0); - return $result; + return $sql; } // -------------------------------------------------------------------- @@ -637,7 +932,7 @@ abstract class CI_DB_driver { */ public function is_write_type($sql) { - return (bool) preg_match('/^\s*"?(SET|INSERT|UPDATE|DELETE|REPLACE|CREATE|DROP|TRUNCATE|LOAD DATA|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX)\s+/i', $sql); + return (bool) preg_match('/^\s*"?(SET|INSERT|UPDATE|DELETE|REPLACE|CREATE|DROP|TRUNCATE|LOAD|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX)\s+/i', $sql); } // -------------------------------------------------------------------- @@ -690,7 +985,7 @@ abstract class CI_DB_driver { */ public function escape($str) { - if (is_string($str) OR method_exists($str, '__toString')) + if (is_string($str) OR (is_object($str) && method_exists($str, '__toString'))) { return "'".$this->escape_str($str)."'"; } @@ -742,8 +1037,38 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * "Count All" query + * + * Generates a platform-specific query string that counts all records in + * the specified database + * + * @param string + * @return int + */ + public function count_all($table = '') + { + if ($table === '') + { + return 0; + } + + $query = $this->query($this->_count_string.$this->escape_identifiers('numrows').' FROM '.$this->protect_identifiers($table, TRUE, NULL, FALSE)); + if ($query->num_rows() === 0) + { + return 0; + } + + $query = $query->row(); + $this->_reset_select(); + return (int) $query->numrows; + } + + // -------------------------------------------------------------------- + + /** * Returns an array of table names * + * @param string $constrain_by_prefix = FALSE * @return array */ public function list_tables($constrain_by_prefix = FALSE) @@ -798,6 +1123,7 @@ abstract class CI_DB_driver { /** * Determine if a particular table exists * + * @param string $table_name * @return bool */ public function table_exists($table_name) @@ -808,7 +1134,7 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** - * Fetch MySQL Field Names + * Fetch Field Names * * @param string the table name * @return array @@ -821,7 +1147,7 @@ abstract class CI_DB_driver { return $this->data_cache['field_names'][$table]; } - if ($table == '') + if ($table === '') { return ($this->db_debug) ? $this->display_error('db_field_param_missing') : FALSE; } @@ -889,7 +1215,7 @@ abstract class CI_DB_driver { */ public function field_data($table = '') { - if ($table == '') + if ($table === '') { return ($this->db_debug) ? $this->display_error('db_field_param_missing') : FALSE; } @@ -905,34 +1231,57 @@ abstract class CI_DB_driver { * * This function escapes column and table names * - * @param string - * @return string + * @param mixed + * @return mixed */ public function escape_identifiers($item) { - if ($this->_escape_char == '') + if ($this->_escape_char === '' OR empty($item) OR in_array($item, $this->_reserved_identifiers)) { return $item; } - - foreach ($this->_reserved_identifiers as $id) + elseif (is_array($item)) { - if (strpos($item, '.'.$id) !== FALSE) + foreach ($item as $key => $value) { - $item = str_replace('.', $this->_escape_char.'.', $item); + $item[$key] = $this->escape_identifiers($value); + } + + return $item; + } + // Avoid breaking functions and literal values inside queries + elseif (ctype_digit($item) OR $item[0] === "'" OR ($this->_escape_char !== '"' && $item[0] === '"') OR strpos($item, '(') !== FALSE) + { + return $item; + } - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); + static $preg_ec = array(); + + if (empty($preg_ec)) + { + if (is_array($this->_escape_char)) + { + $preg_ec = array( + preg_quote($this->_escape_char[0], '/'), preg_quote($this->_escape_char[1], '/'), + $this->_escape_char[0], $this->_escape_char[1] + ); + } + else + { + $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char, '/'); + $preg_ec[2] = $preg_ec[3] = $this->_escape_char; } } - if (strpos($item, '.') !== FALSE) + foreach ($this->_reserved_identifiers as $id) { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); + if (strpos($item, '.'.$id) !== FALSE) + { + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[2].'$1'.$preg_ec[3].'.', $item); + } } - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?(\.)?/i', $preg_ec[2].'$1'.$preg_ec[3].'$2', $item); } // -------------------------------------------------------------------- @@ -960,6 +1309,23 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * Insert statement + * + * Generates a platform-specific insert string from the supplied data + * + * @param string the table name + * @param array the insert keys + * @param array the insert values + * @return string + */ + protected function _insert($table, $keys, $values) + { + return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; + } + + // -------------------------------------------------------------------- + + /** * Generate an update string * * @param string the table upon which the query will be performed @@ -969,44 +1335,44 @@ abstract class CI_DB_driver { */ public function update_string($table, $data, $where) { - if ($where == '') + if (empty($where)) { return FALSE; } + $this->where($where); + $fields = array(); foreach ($data as $key => $val) { $fields[$this->protect_identifiers($key)] = $this->escape($val); } - if ( ! is_array($where)) - { - $dest = array($where); - } - else - { - $dest = array(); - foreach ($where as $key => $val) - { - $prefix = (count($dest) == 0) ? '' : ' AND '; - $key = $this->protect_identifiers($key); - - if ($val !== '') - { - if ( ! $this->_has_operator($key)) - { - $key .= ' ='; - } + return $this->_update($this->protect_identifiers($table, TRUE, NULL, FALSE), $fields); + } - $val = ' '.$this->escape($val); - } + // -------------------------------------------------------------------- - $dest[] = $prefix.$key.$val; - } + /** + * Update statement + * + * Generates a platform-specific update string from the supplied data + * + * @param string the table name + * @param array the update data + * @return string + */ + protected function _update($table, $values) + { + foreach ($values as $key => $val) + { + $valstr[] = $key.' = '.$val; } - return $this->_update($this->protect_identifiers($table, TRUE, NULL, FALSE), $fields, $dest); + return 'UPDATE '.$table.' SET '.implode(', ', $valstr) + .$this->_compile_wh('qb_where') + .$this->_compile_order_by() + .($this->qb_limit ? ' LIMIT '.$this->qb_limit : ''); } // -------------------------------------------------------------------- @@ -1019,7 +1385,43 @@ abstract class CI_DB_driver { */ protected function _has_operator($str) { - return (bool) preg_match('/(\s|<|>|!|=|IS NULL|IS NOT NULL)/i', trim($str)); + return (bool) preg_match('/(<|>|!|=|\sIS NULL|\sIS NOT NULL|\sBETWEEN|\sLIKE|\sIN\s*\(|\s)/i', trim($str)); + } + + // -------------------------------------------------------------------- + + /** + * Returns the SQL string operator + * + * @param string + * @return string + */ + protected function _get_operator($str) + { + static $_operators; + + if (empty($_operators)) + { + $_les = ($this->_like_escape_str !== '') + ? '\s+'.preg_quote(trim(sprintf($this->_like_escape_str, $this->_like_escape_chr)), '/') + : ''; + $_operators = array( + '\s*(?:<|>|!)?=\s*', // =, <=, >=, != + '\s*<>?\s*', // <, <> + '\s*>\s*', // > + '\s+IS NULL', // IS NULL + '\s+IS NOT NULL', // IS NOT NULL + '\s+BETWEEN\s+\S+\s+AND\s+\S+', // BETWEEN value AND value + '\s+IN\s*\([^\)]+\)', // IN(list) + '\s+NOT IN\s*\([^\)]+\)', // NOT IN (list) + '\s+LIKE\s+\S+'.$_les, // LIKE 'expr'[ ESCAPE '%s'] + '\s+NOT LIKE\s+\S+'.$_les // NOT LIKE 'expr'[ ESCAPE '%s'] + ); + + } + + return preg_match('/'.implode('|', $_operators).'/i', $str, $match) + ? $match[0] : FALSE; } // -------------------------------------------------------------------- @@ -1027,13 +1429,12 @@ abstract class CI_DB_driver { /** * Enables a native PHP function to be run, using a platform agnostic wrapper. * - * @param string the function name - * @param mixed any parameters needed by the function + * @param string $function Function name * @return mixed */ public function call_function($function) { - $driver = ($this->dbdriver == 'postgre') ? 'pg_' : $this->dbdriver.'_'; + $driver = ($this->dbdriver === 'postgre') ? 'pg_' : $this->dbdriver.'_'; if (FALSE === strpos($driver, $function)) { @@ -1087,12 +1488,13 @@ abstract class CI_DB_driver { return $this->cache_on = FALSE; } - // -------------------------------------------------------------------- /** * Delete the cache files associated with a particular URI * + * @param string $segment_one = '' + * @param string $segment_two = '' * @return bool */ public function cache_delete($segment_one = '', $segment_two = '') @@ -1152,7 +1554,7 @@ abstract class CI_DB_driver { { if ($this->conn_id) { - $this->_close($this->conn_id); + $this->_close(); $this->conn_id = FALSE; } } @@ -1160,6 +1562,20 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * Close DB Connection + * + * This method would be overriden by most of the drivers. + * + * @return void + */ + protected function _close() + { + $this->conn_id = FALSE; + } + + // -------------------------------------------------------------------- + + /** * Display an error message * * @param string the error message @@ -1174,13 +1590,13 @@ abstract class CI_DB_driver { $heading = $LANG->line('db_error_heading'); - if ($native == TRUE) + if ($native === TRUE) { $message = (array) $error; } else { - $message = ( ! is_array($error)) ? array(str_replace('%s', $swap, $LANG->line($error))) : $error; + $message = is_array($error) ? $error : array(str_replace('%s', $swap, $LANG->line($error))); } // Find the most likely culprit of the error by going through @@ -1189,12 +1605,21 @@ abstract class CI_DB_driver { $trace = debug_backtrace(); foreach ($trace as $call) { - if (isset($call['file']) && strpos($call['file'], BASEPATH.'database') === FALSE) + if (isset($call['file'], $call['class'])) { - // Found it - use a relative path for safety - $message[] = 'Filename: '.str_replace(array(BASEPATH, APPPATH), '', $call['file']); - $message[] = 'Line Number: '.$call['line']; - break; + // We'll need this on Windows, as APPPATH and BASEPATH will always use forward slashes + if (DIRECTORY_SEPARATOR !== '/') + { + $call['file'] = str_replace('\\', '/', $call['file']); + } + + if (strpos($call['file'], BASEPATH.'database') === FALSE && strpos($call['class'], 'Loader') === FALSE) + { + // Found it - use a relative path for safety + $message[] = 'Filename: '.str_replace(array(APPPATH, BASEPATH), '', $call['file']); + $message[] = 'Line Number: '.$call['line']; + break; + } } } @@ -1208,7 +1633,7 @@ abstract class CI_DB_driver { /** * Protect Identifiers * - * This function is used extensively by the Active Record class, and by + * This function is used extensively by the Query Builder class, and by * a couple functions in this class. * It takes a column or table name (optionally with an alias) and inserts * the table prefix onto it. Some logic is necessary in order to deal with @@ -1243,34 +1668,43 @@ abstract class CI_DB_driver { $escaped_array = array(); foreach ($item as $k => $v) { - $escaped_array[$this->protect_identifiers($k)] = $this->protect_identifiers($v); + $escaped_array[$this->protect_identifiers($k)] = $this->protect_identifiers($v, $prefix_single, $protect_identifiers, $field_exists); } return $escaped_array; } + // This is basically a bug fix for queries that use MAX, MIN, etc. + // If a parenthesis is found we know that we do not need to + // escape the data or add a prefix. There's probably a more graceful + // way to deal with this, but I'm not thinking of it -- Rick + if (strpos($item, '(') !== FALSE) + { + return $item; + } + // Convert tabs or multiple spaces into single spaces - $item = preg_replace('/[\t ]+/', ' ', $item); + $item = preg_replace('/\s+/', ' ', $item); // If the item has an alias declaration we remove it and set it aside. - // Basically we remove everything to the right of the first space - if (strpos($item, ' ') !== FALSE) + // Note: strripos() is used in order to support spaces in table names + if ($offset = strripos($item, ' AS ')) { - $alias = strstr($item, ' '); - $item = substr($item, 0, - strlen($alias)); + $alias = ($protect_identifiers) + ? substr($item, $offset, 4).$this->escape_identifiers(substr($item, $offset + 4)) + : substr($item, $offset); + $item = substr($item, 0, $offset); } - else + elseif ($offset = strrpos($item, ' ')) { - $alias = ''; + $alias = ($protect_identifiers) + ? ' '.$this->escape_identifiers(substr($item, $offset + 1)) + : substr($item, $offset); + $item = substr($item, 0, $offset); } - - // This is basically a bug fix for queries that use MAX, MIN, etc. - // If a parenthesis is found we know that we do not need to - // escape the data or add a prefix. There's probably a more graceful - // way to deal with this, but I'm not thinking of it -- Rick - if (strpos($item, '(') !== FALSE) + else { - return $item.$alias; + $alias = ''; } // Break the string apart if it contains periods, then insert the table prefix @@ -1283,7 +1717,7 @@ abstract class CI_DB_driver { // Does the first segment of the exploded item match // one of the aliases previously identified? If so, // we have nothing more to do other than escape the item - if (in_array($parts[0], $this->ar_aliased_tables)) + if (in_array($parts[0], $this->qb_aliased_tables)) { if ($protect_identifiers === TRUE) { @@ -1302,7 +1736,7 @@ abstract class CI_DB_driver { } // Is there a table prefix defined in the config file? If not, no need to do anything - if ($this->dbprefix != '') + if ($this->dbprefix !== '') { // We now add the table prefix based on some logic. // Do we have 4 segments (hostname.database.table.column)? @@ -1326,13 +1760,13 @@ abstract class CI_DB_driver { // This flag is set when the supplied $item does not contain a field name. // This can happen when this function is being called from a JOIN. - if ($field_exists == FALSE) + if ($field_exists === FALSE) { $i++; } // Verify table prefix and replace if necessary - if ($this->swap_pre != '' && strpos($parts[$i], $this->swap_pre) === 0) + if ($this->swap_pre !== '' && strpos($parts[$i], $this->swap_pre) === 0) { $parts[$i] = preg_replace('/^'.$this->swap_pre.'(\S+?)/', $this->dbprefix.'\\1', $parts[$i]); } @@ -1355,15 +1789,15 @@ abstract class CI_DB_driver { } // Is there a table prefix? If not, no need to insert it - if ($this->dbprefix != '') + if ($this->dbprefix !== '') { // Verify table prefix and replace if necessary - if ($this->swap_pre != '' && strpos($item, $this->swap_pre) === 0) + if ($this->swap_pre !== '' && strpos($item, $this->swap_pre) === 0) { $item = preg_replace('/^'.$this->swap_pre.'(\S+?)/', $this->dbprefix.'\\1', $item); } // Do we prefix an item with no segments? - elseif ($prefix_single == TRUE && strpos($item, $this->dbprefix) !== 0) + elseif ($prefix_single === TRUE && strpos($item, $this->dbprefix) !== 0) { $item = $this->dbprefix.$item; } @@ -1380,9 +1814,8 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** - * Dummy method that allows Active Record class to be disabled - * - * This function is used extensively by every db driver. + * Dummy method that allows Query Builder class to be disabled + * and keep count_all() working. * * @return void */ |