summaryrefslogtreecommitdiffstats
path: root/system/database/DB_query_builder.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/database/DB_query_builder.php')
-rw-r--r--system/database/DB_query_builder.php10
1 files changed, 6 insertions, 4 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 7a008eeb8..5a86ce50f 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -679,7 +679,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// value appears not to have been set, assign the test to IS NULL
$k .= ' IS NULL';
}
- elseif (preg_match('/\s*(!?=|<>|IS(?:\s+NOT)?)\s*$/i', $k, $match, PREG_OFFSET_CAPTURE))
+ elseif (preg_match('/\s*(!?=|<>|\sIS(?:\s+NOT)?\s)\s*$/i', $k, $match, PREG_OFFSET_CAPTURE))
{
$k = substr($k, 0, $match[0][1]).($match[1][0] === '=' ? ' IS NULL' : ' IS NOT NULL');
}
@@ -1915,7 +1915,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$affected_rows = 0;
for ($i = 0, $total = count($this->qb_set); $i < $total; $i += $batch_size)
{
- if ($this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set, $i, $batch_size), $this->protect_identifiers($index))))
+ if ($this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set, $i, $batch_size), $index)))
{
$affected_rows += $this->affected_rows();
}
@@ -1941,6 +1941,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
*/
protected function _update_batch($table, $values, $index)
{
+ $index_escaped = $this->protect_identifiers($index);
+
$ids = array();
foreach ($values as $key => $val)
{
@@ -1950,7 +1952,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
{
if ($field !== $index)
{
- $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field];
+ $final[$field][] = 'WHEN '.$index_escaped.' = '.$val[$index].' THEN '.$val[$field];
}
}
}
@@ -1963,7 +1965,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
.'ELSE '.$k.' END, ';
}
- $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE);
+ $this->where($index_escaped.' IN('.implode(',', $ids).')', NULL, FALSE);
return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where');
}
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-07-08 01:01:54 +0200