diff options
Diffstat (limited to 'system/database/DB_driver.php')
| -rw-r--r-- | system/database/DB_driver.php | 117 |
1 files changed, 98 insertions, 19 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index a99444167..b64b977cb 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -45,11 +45,13 @@ abstract class CI_DB_driver { public $password; public $hostname; public $database; - public $dbdriver = 'mysql'; + public $dbdriver = 'mysqli'; + public $subdriver; public $dbprefix = ''; public $char_set = 'utf8'; public $dbcollat = 'utf8_general_ci'; public $autoinit = TRUE; // Whether to automatically initialize the DB + public $compress = TRUE; public $swap_pre = ''; public $port = ''; public $pconnect = FALSE; @@ -77,6 +79,23 @@ abstract class CI_DB_driver { protected $_protect_identifiers = TRUE; protected $_reserved_identifiers = array('*'); // Identifiers that should NOT be escaped + // clause and character used for LIKE escape sequences + protected $_like_escape_str = " ESCAPE '%s' "; + protected $_like_escape_chr = '!'; + + /** + * The syntax to count rows is slightly different across different + * database engines, so this string appears in each driver and is + * used for the count_all() and count_all_results() functions. + */ + protected $_count_string = 'SELECT COUNT(*) AS '; + + /** + * Constructor + * + * @param array + * @return void + */ public function __construct($params) { if (is_array($params)) @@ -295,7 +314,7 @@ abstract class CI_DB_driver { * @param array An array of binding data * @return mixed */ - public function query($sql, $binds = FALSE, $return_object = TRUE) + public function query($sql, $binds = FALSE, $return_object = NULL) { if ($sql === '') { @@ -303,6 +322,10 @@ abstract class CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE; } + elseif ( ! is_bool($return_object)) + { + $return_object = ! $this->is_write_type($sql); + } // Verify table prefix and replace if necessary if ($this->dbprefix !== '' && $this->swap_pre !== '' && $this->dbprefix !== $this->swap_pre) @@ -319,7 +342,7 @@ abstract class CI_DB_driver { // Is query caching enabled? If the query is a "read type" // we will load the caching class and return the previously // cached query if it exists - if ($this->cache_on === TRUE && stripos($sql, 'SELECT') !== FALSE && $this->_cache_init()) + if ($this->cache_on === TRUE && $return_object === TRUE && $this->_cache_init()) { $this->load_rdriver(); if (FALSE !== ($cache = $this->CACHE->read($sql))) @@ -328,7 +351,7 @@ abstract class CI_DB_driver { } } - // Save the query for debugging + // Save the query for debugging if ($this->save_queries === TRUE) { $this->queries[] = $sql; @@ -352,7 +375,7 @@ abstract class CI_DB_driver { $error = $this->error(); // Log errors - log_message('error', 'Query error: '.$error['message'] . ' - Invalid query: ' . $sql); + log_message('error', 'Query error: '.$error['message'].' - Invalid query: '.$sql); if ($this->db_debug) { @@ -381,12 +404,10 @@ abstract class CI_DB_driver { // Increment the query counter $this->query_count++; - // Was the query a "write" type? - // If so we'll simply return true - if ($this->is_write_type($sql) === TRUE) + // Will we have a result object instantiated? If not - we'll simply return TRUE + if ($return_object !== TRUE) { - // If caching is enabled we'll auto-cleanup any - // existing files related to this particular URI + // If caching is enabled we'll auto-cleanup any existing files related to this particular URI if ($this->cache_on === TRUE && $this->cache_autodel === TRUE && $this->_cache_init()) { $this->CACHE->delete(); @@ -396,8 +417,6 @@ abstract class CI_DB_driver { } // Return TRUE if we don't need to create a result object - // Currently only the Oracle driver uses this when stored - // procedures are used if ($return_object !== TRUE) { return TRUE; @@ -855,7 +874,7 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** - * Fetch MySQL Field Names + * Fetch Field Names * * @param string the table name * @return array @@ -957,7 +976,7 @@ abstract class CI_DB_driver { */ public function escape_identifiers($item) { - if ($this->_escape_char === '') + if ($this->_escape_char === '' OR empty($item)) { return $item; } @@ -970,6 +989,11 @@ abstract class CI_DB_driver { return $item; } + // Avoid breaking functions and literal values inside queries + elseif (ctype_digit($item) OR $item[0] === "'" OR ($this->_escape_char !== '"' && $item[0] === '"') OR strpos($item, '(') !== FALSE) + { + return $item; + } static $preg_ec = array(); @@ -977,11 +1001,15 @@ abstract class CI_DB_driver { { if (is_array($this->_escape_char)) { - $preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1])); + $preg_ec = array( + preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1]), + $this->_escape_char[0], $this->_escape_char[1] + ); } else { $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char); + $preg_ec[2] = $preg_ec[3] = $this->_escape_char; } } @@ -989,11 +1017,11 @@ abstract class CI_DB_driver { { if (strpos($item, '.'.$id) !== FALSE) { - return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[0].'$1'.$preg_ec[1].'.', $item); + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[2].'$1'.$preg_ec[3].'.', $item); } } - return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?(\.)?/i', $preg_ec[0].'$1'.$preg_ec[1].'$2', $item); + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?(\.)?/i', $preg_ec[2].'$1'.$preg_ec[3].'$2', $item); } // -------------------------------------------------------------------- @@ -1021,6 +1049,23 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * Insert statement + * + * Generates a platform-specific insert string from the supplied data + * + * @param string the table name + * @param array the insert keys + * @param array the insert values + * @return string + */ + protected function _insert($table, $keys, $values) + { + return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; + } + + // -------------------------------------------------------------------- + + /** * Generate an update string * * @param string the table upon which the query will be performed @@ -1073,6 +1118,41 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * Update statement + * + * Generates a platform-specific update string from the supplied data + * + * @param string the table name + * @param array the update data + * @param array the where clause + * @param array the orderby clause + * @param array the limit clause + * @param array the like clause + * @return string + */ + protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE, $like = array()) + { + foreach ($values as $key => $val) + { + $valstr[] = $key.' = '.$val; + } + + $where = empty($where) ? '' : ' WHERE '.implode(' ', $where); + + if ( ! empty($like)) + { + $where .= ($where === '' ? ' WHERE ' : ' AND ').implode(' ', $like); + } + + return 'UPDATE '.$table.' SET '.implode(', ', $valstr) + .$where + .(count($orderby) > 0 ? ' ORDER BY '.implode(', ', $orderby) : '') + .($limit ? ' LIMIT '.$limit : ''); + } + + // -------------------------------------------------------------------- + + /** * Tests whether the string has an SQL operator * * @param string @@ -1162,7 +1242,6 @@ abstract class CI_DB_driver { return $this->cache_on = FALSE; } - // -------------------------------------------------------------------- /** @@ -1278,7 +1357,7 @@ abstract class CI_DB_driver { $trace = debug_backtrace(); foreach ($trace as $call) { - if (isset($call['file']) && strpos($call['file'], BASEPATH.'database') === FALSE) + if (isset($call['file'], $call['class']) && strpos($call['file'], BASEPATH.'database') === FALSE && strpos($call['class'], 'Loader') !== FALSE) { // Found it - use a relative path for safety $message[] = 'Filename: '.str_replace(array(APPPATH, BASEPATH), '', $call['file']); |