summaryrefslogtreecommitdiffstats
path: root/system/database/DB_query_builder.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/database/DB_query_builder.php')
-rw-r--r--system/database/DB_query_builder.php86
1 files changed, 47 insertions, 39 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 488b294e4..531ca9eb7 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -324,10 +324,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param string
* @param string the join condition
* @param string the type of join
- * @param string wether not to try to escape identifiers
+ * @param string whether not to try to escape identifiers
* @return object
*/
- public function join($table, $cond, $type = '', $escape = TRUE)
+ public function join($table, $cond, $type = '', $escape = NULL)
{
if ($type !== '')
{
@@ -347,6 +347,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// in the protect_identifiers to know whether to add a table prefix
$this->_track_aliases($table);
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
// Split multiple conditions
if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_SET_ORDER | PREG_OFFSET_CAPTURE))
{
@@ -381,7 +383,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
}
// Assemble the JOIN statement
- $this->qb_join[] = $join = $type.'JOIN '.$this->protect_identifiers($table, TRUE, NULL, FALSE).' ON '.$cond;
+ $this->qb_join[] = $join = $type.'JOIN '.$table.' ON '.$cond;
if ($this->qb_caching === TRUE)
{
@@ -405,7 +407,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function where($key, $value = NULL, $escape = TRUE)
+ public function where($key, $value = NULL, $escape = NULL)
{
return $this->_where($key, $value, 'AND ', $escape);
}
@@ -423,7 +425,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function or_where($key, $value = NULL, $escape = TRUE)
+ public function or_where($key, $value = NULL, $escape = NULL)
{
return $this->_where($key, $value, 'OR ', $escape);
}
@@ -451,7 +453,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
}
// If the escape value was not set will will base it on the global setting
- $escape = $this->_protect_identifiers;
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
foreach ($key as $k => $v)
{
@@ -504,9 +506,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function where_in($key = NULL, $values = NULL)
+ public function where_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values);
+ return $this->_where_in($key, $values, FALSE, 'AND ', $escape);
}
// --------------------------------------------------------------------
@@ -521,9 +523,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function or_where_in($key = NULL, $values = NULL)
+ public function or_where_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values, FALSE, 'OR ');
+ return $this->_where_in($key, $values, FALSE, 'OR ', $escape);
}
// --------------------------------------------------------------------
@@ -538,9 +540,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function where_not_in($key = NULL, $values = NULL)
+ public function where_not_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values, TRUE);
+ return $this->_where_in($key, $values, TRUE, 'AND ', $escape);
}
// --------------------------------------------------------------------
@@ -555,9 +557,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function or_where_not_in($key = NULL, $values = NULL)
+ public function or_where_not_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values, TRUE, 'OR ');
+ return $this->_where_in($key, $values, TRUE, 'OR ', $escape);
}
// --------------------------------------------------------------------
@@ -573,7 +575,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param string
* @return object
*/
- protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ')
+ protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ', $escape = NULL)
{
if ($key === NULL OR $values === NULL)
{
@@ -587,6 +589,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$values = array($values);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
$not = ($not) ? ' NOT' : '';
foreach ($values as $value)
@@ -595,7 +599,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
}
$prefix = (count($this->qb_where) === 0) ? '' : $type;
- $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key).$not.' IN ('.implode(', ', $this->qb_wherein).') ';
+ $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key, FALSE, $escape).$not.' IN ('.implode(', ', $this->qb_wherein).') ';
if ($this->qb_caching === TRUE)
{
@@ -886,7 +890,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function having($key, $value = '', $escape = TRUE)
+ public function having($key, $value = '', $escape = NULL)
{
return $this->_having($key, $value, 'AND ', $escape);
}
@@ -903,7 +907,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function or_having($key, $value = '', $escape = TRUE)
+ public function or_having($key, $value = '', $escape = NULL)
{
return $this->_having($key, $value, 'OR ', $escape);
}
@@ -921,21 +925,22 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- protected function _having($key, $value = '', $type = 'AND ', $escape = TRUE)
+ protected function _having($key, $value = '', $type = 'AND ', $escape = NULL)
{
if ( ! is_array($key))
{
$key = array($key => $value);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
foreach ($key as $k => $v)
{
$prefix = (count($this->qb_having) === 0) ? '' : $type;
- if ($escape === TRUE)
- {
- $k = $this->protect_identifiers($k);
- }
+ $k = $this->_has_operator($k)
+ ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ')
+ : $this->protect_identifiers($k, FALSE, $escape);
if ( ! $this->_has_operator($k))
{
@@ -968,7 +973,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool enable field name escaping
* @return object
*/
- public function order_by($orderby, $direction = '', $escape = TRUE)
+ public function order_by($orderby, $direction = '', $escape = NULL)
{
if (strtolower($direction) === 'random')
{
@@ -980,8 +985,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$direction = in_array(strtoupper(trim($direction)), array('ASC', 'DESC'), TRUE) ? ' '.$direction : ' ASC';
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
- if ((strpos($orderby, ',') !== FALSE) && $escape === TRUE)
+ if ($escape === TRUE && strpos($orderby, ',') !== FALSE)
{
$temp = array();
foreach (explode(',', $orderby) as $part)
@@ -1055,14 +1061,16 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// --------------------------------------------------------------------
/**
- * The "set" function. Allows key/value pairs to be set for inserting or updating
+ * The "set" function.
+ *
+ * Allows key/value pairs to be set for inserting or updating
*
* @param mixed
* @param string
* @param bool
* @return object
*/
- public function set($key, $value = '', $escape = TRUE)
+ public function set($key, $value = '', $escape = NULL)
{
$key = $this->_object_to_array($key);
@@ -1071,16 +1079,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$key = array($key => $value);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
foreach ($key as $k => $v)
{
- if ($escape === FALSE)
- {
- $this->qb_set[$this->protect_identifiers($k)] = $v;
- }
- else
- {
- $this->qb_set[$this->protect_identifiers($k, FALSE, TRUE)] = $this->escape($v);
- }
+ $this->qb_set[$this->protect_identifiers($k, FALSE, $escape)] = ($escape)
+ ? $this->escape($v) : $v;
}
return $this;
@@ -1286,7 +1290,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function set_insert_batch($key, $value = '', $escape = TRUE)
+ public function set_insert_batch($key, $value = '', $escape = NULL)
{
$key = $this->_object_to_array_batch($key);
@@ -1295,6 +1299,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$key = array($key => $value);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
$keys = array_keys($this->_object_to_array(current($key)));
sort($keys);
@@ -1326,7 +1332,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
foreach ($keys as $k)
{
- $this->qb_keys[] = $this->protect_identifiers($k);
+ $this->qb_keys[] = $this->protect_identifiers($k, FALSE, $escape);
}
return $this;
@@ -1725,7 +1731,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function set_update_batch($key, $index = '', $escape = TRUE)
+ public function set_update_batch($key, $index = '', $escape = NULL)
{
$key = $this->_object_to_array_batch($key);
@@ -1734,6 +1740,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// @todo error
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
foreach ($key as $k => $v)
{
$index_set = FALSE;
@@ -1745,7 +1753,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$index_set = TRUE;
}
- $clean[$this->protect_identifiers($k2)] = ($escape === FALSE) ? $v2 : $this->escape($v2);
+ $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2);
}
if ($index_set === FALSE)
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-08-26 20:15:00 +0200