summaryrefslogtreecommitdiffstats
path: root/system/database/DB_forge.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/database/DB_forge.php')
-rw-r--r--system/database/DB_forge.php44
1 files changed, 28 insertions, 16 deletions
diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php
index 826aa1ebf..83b646d6e 100644
--- a/system/database/DB_forge.php
+++ b/system/database/DB_forge.php
@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
- * Copyright (c) 2014 - 2016, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2017, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
- * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -184,7 +184,7 @@ abstract class CI_DB_forge {
{
return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
}
- elseif ( ! $this->db->query(sprintf($this->_create_database, $db_name, $this->db->char_set, $this->db->dbcollat)))
+ elseif ( ! $this->db->query(sprintf($this->_create_database, $this->db->escape_identifiers($db_name), $this->db->char_set, $this->db->dbcollat)))
{
return ($this->db->db_debug) ? $this->db->display_error('db_unable_to_drop') : FALSE;
}
@@ -211,7 +211,7 @@ abstract class CI_DB_forge {
{
return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
}
- elseif ( ! $this->db->query(sprintf($this->_drop_database, $db_name)))
+ elseif ( ! $this->db->query(sprintf($this->_drop_database, $this->db->escape_identifiers($db_name))))
{
return ($this->db->db_debug) ? $this->db->display_error('db_unable_to_drop') : FALSE;
}
@@ -894,21 +894,33 @@ abstract class CI_DB_forge {
return;
}
- if (array_key_exists('DEFAULT', $attributes))
+ if ( ! array_key_exists('DEFAULT', $attributes))
{
- if ($attributes['DEFAULT'] === NULL)
- {
- $field['default'] = empty($this->_null) ? '' : $this->_default.$this->_null;
+ return;
+ }
- // Override the NULL attribute if that's our default
- $attributes['NULL'] = TRUE;
- $field['null'] = empty($this->_null) ? '' : ' '.$this->_null;
- }
- else
- {
- $field['default'] = $this->_default.$this->db->escape($attributes['DEFAULT']);
- }
+ if ($attributes['DEFAULT'] === NULL)
+ {
+ $field['default'] = empty($this->_null) ? '' : $this->_default.$this->_null;
+
+ // Override the NULL attribute if that's our default
+ $attributes['NULL'] = TRUE;
+ $field['null'] = empty($this->_null) ? '' : ' '.$this->_null;
+ return;
}
+
+ // White-list CURRENT_TIMESTAMP & similar (e.g. Oracle has stuff like SYSTIMESTAMP) defaults for date/time fields
+ if (
+ isset($attributes['TYPE'])
+ && (stripos($attributes['TYPE'], 'time') !== FALSE OR stripos($attributes['TYPE'], 'date') !== FALSE)
+ && (stripos($attributes['DEFAULT'], 'time') !== FALSE OR stripos($attributes['DEFAULT'], 'date') !== FALSE)
+ )
+ {
+ $field['default'] = $this->_default.$attributes['DEFAULT'];
+ return;
+ }
+
+ $field['default'] = $this->_default.$this->db->escape($attributes['DEFAULT']);
}
// --------------------------------------------------------------------
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-09-06 22:01:15 +0200