diff options
Diffstat (limited to 'system/database/DB_query_builder.php')
-rw-r--r-- | system/database/DB_query_builder.php | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 7a008eeb8..5a86ce50f 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -679,7 +679,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // value appears not to have been set, assign the test to IS NULL $k .= ' IS NULL'; } - elseif (preg_match('/\s*(!?=|<>|IS(?:\s+NOT)?)\s*$/i', $k, $match, PREG_OFFSET_CAPTURE)) + elseif (preg_match('/\s*(!?=|<>|\sIS(?:\s+NOT)?\s)\s*$/i', $k, $match, PREG_OFFSET_CAPTURE)) { $k = substr($k, 0, $match[0][1]).($match[1][0] === '=' ? ' IS NULL' : ' IS NOT NULL'); } @@ -1915,7 +1915,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $affected_rows = 0; for ($i = 0, $total = count($this->qb_set); $i < $total; $i += $batch_size) { - if ($this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set, $i, $batch_size), $this->protect_identifiers($index)))) + if ($this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set, $i, $batch_size), $index))) { $affected_rows += $this->affected_rows(); } @@ -1941,6 +1941,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _update_batch($table, $values, $index) { + $index_escaped = $this->protect_identifiers($index); + $ids = array(); foreach ($values as $key => $val) { @@ -1950,7 +1952,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { if ($field !== $index) { - $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field]; + $final[$field][] = 'WHEN '.$index_escaped.' = '.$val[$index].' THEN '.$val[$field]; } } } @@ -1963,7 +1965,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { .'ELSE '.$k.' END, '; } - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); + $this->where($index_escaped.' IN('.implode(',', $ids).')', NULL, FALSE); return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); } |