diff options
Diffstat (limited to 'system/database/drivers/mysqli')
-rw-r--r-- | system/database/drivers/mysqli/mysqli_driver.php | 21 | ||||
-rw-r--r-- | system/database/drivers/mysqli/mysqli_forge.php | 45 | ||||
-rw-r--r-- | system/database/drivers/mysqli/mysqli_utility.php | 119 |
3 files changed, 146 insertions, 39 deletions
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 02f893755..d3fb77a22 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -412,27 +412,6 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param string - * @return string - */ - protected function _from_tables($tables) - { - if ( ! is_array($tables)) - { - $tables = array($tables); - } - - return '('.implode(', ', $tables).')'; - } - - // -------------------------------------------------------------------- - - /** * Update_Batch statement * * Generates a platform-specific batch update string from the supplied data diff --git a/system/database/drivers/mysqli/mysqli_forge.php b/system/database/drivers/mysqli/mysqli_forge.php index b00bfde49..b74c775b2 100644 --- a/system/database/drivers/mysqli/mysqli_forge.php +++ b/system/database/drivers/mysqli/mysqli_forge.php @@ -60,13 +60,13 @@ class CI_DB_mysqli_forge extends CI_DB_forge { { $attributes = array_change_key_case($attributes, CASE_UPPER); - $sql .= "\n\t".$this->db->protect_identifiers($field) - .( ! empty($attributes['NAME']) ? ' '.$this->db->protect_identifiers($attributes['NAME']).' ' : '') - ; + $sql .= "\n\t".$this->db->escape_identifiers($field); + + empty($attributes['NAME']) OR $sql .= ' '.$this->db->escape_identifiers($attributes['NAME']).' '; if ( ! empty($attributes['TYPE'])) { - $sql .= ' '.$attributes['TYPE']; + $sql .= ' '.$attributes['TYPE']; if ( ! empty($attributes['CONSTRAINT'])) { @@ -87,10 +87,23 @@ class CI_DB_mysqli_forge extends CI_DB_forge { } } - $sql .= (( ! empty($attributes['UNSIGNED']) && $attributes['UNSIGNED'] === TRUE) ? ' UNSIGNED' : '') - .(isset($attributes['DEFAULT']) ? " DEFAULT '".$attributes['DEFAULT']."'" : '') - .(( ! empty($attributes['NULL']) && $attributes['NULL'] === TRUE) ? ' NULL' : ' NOT NULL') - .(( ! empty($attributes['AUTO_INCREMENT']) && $attributes['AUTO_INCREMENT'] === TRUE) ? ' AUTO_INCREMENT' : ''); + if ( ! empty($attributes['UNSIGNED']) && $attributes['UNSIGNED'] === TRUE) + { + $sql .= ' UNSIGNED'; + } + + if (isset($attributes['DEFAULT'])) + { + $sql .= " DEFAULT '".$attributes['DEFAULT']."'"; + } + + $sql .= ( ! empty($attributes['NULL']) && $attributes['NULL'] === TRUE) + ? ' NULL' : ' NOT NULL'; + + if ( ! empty($attributes['AUTO_INCREMENT']) && $attributes['AUTO_INCREMENT'] === TRUE) + { + $sql .= ' AUTO_INCREMENT'; + } } // don't add a comma on the end of the last field @@ -128,8 +141,8 @@ class CI_DB_mysqli_forge extends CI_DB_forge { if (count($primary_keys) > 0) { - $key_name = $this->db->protect_identifiers(implode('_', $primary_keys)); - $sql .= ",\n\tPRIMARY KEY ".$key_name.' ('.implode(', ', $this->db->protect_identifiers($primary_keys)).')'; + $key_name = $this->db->escape_identifiers(implode('_', $primary_keys)); + $sql .= ",\n\tPRIMARY KEY ".$key_name.' ('.implode(', ', $this->db->escape_identifiers($primary_keys)).')'; } if (is_array($keys) && count($keys) > 0) @@ -138,12 +151,12 @@ class CI_DB_mysqli_forge extends CI_DB_forge { { if (is_array($key)) { - $key_name = $this->db->protect_identifiers(implode('_', $key)); - $key = $this->db->protect_identifiers($key); + $key_name = $this->db->escape_identifiers(implode('_', $key)); + $key = $this->db->escape_identifiers($key); } else { - $key_name = $this->db->protect_identifiers($key); + $key_name = $this->db->escape_identifiers($key); $key = array($key_name); } @@ -170,16 +183,16 @@ class CI_DB_mysqli_forge extends CI_DB_forge { */ protected function _alter_table($alter_type, $table, $fields, $after_field = '') { - $sql = 'ALTER TABLE '.$this->db->protect_identifiers($table).' '.$alter_type.' '; + $sql = 'ALTER TABLE '.$this->db->escape_identifiers($table).' '.$alter_type.' '; // DROP has everything it needs now. if ($alter_type === 'DROP') { - return $sql.$this->db->protect_identifiers($fields); + return $sql.$this->db->escape_identifiers($fields); } return $sql.$this->_process_fields($fields) - .($after_field !== '' ? ' AFTER '.$this->db->protect_identifiers($after_field) : ''); + .($after_field !== '' ? ' AFTER '.$this->db->escape_identifiers($after_field) : ''); } } diff --git a/system/database/drivers/mysqli/mysqli_utility.php b/system/database/drivers/mysqli/mysqli_utility.php index 27d4ef817..5d2bdbce0 100644 --- a/system/database/drivers/mysqli/mysqli_utility.php +++ b/system/database/drivers/mysqli/mysqli_utility.php @@ -46,9 +46,124 @@ class CI_DB_mysqli_utility extends CI_DB_utility { */ protected function _backup($params = array()) { - // Currently unsupported - return $this->db->display_error('db_unsuported_feature'); + if (count($params) === 0) + { + return FALSE; + } + + // Extract the prefs for simplicity + extract($params); + + // Build the output + $output = ''; + foreach ( (array) $tables as $table) + { + // Is the table in the "ignore" list? + if (in_array($table, (array) $ignore, TRUE)) + { + continue; + } + + // Get the table schema + $query = $this->db->query('SHOW CREATE TABLE '.$this->db->escape_identifiers($this->db->database.'.'.$table)); + + // No result means the table name was invalid + if ($query === FALSE) + { + continue; + } + + // Write out the table schema + $output .= '#'.$newline.'# TABLE STRUCTURE FOR: '.$table.$newline.'#'.$newline.$newline; + + if ($add_drop === TRUE) + { + $output .= 'DROP TABLE IF EXISTS '.$this->db->protect_identifiers($table).';'.$newline.$newline; + } + + $i = 0; + $result = $query->result_array(); + foreach ($result[0] as $val) + { + if ($i++ % 2) + { + $output .= $val.';'.$newline.$newline; + } + } + + // If inserts are not needed we're done... + if ($add_insert === FALSE) + { + continue; + } + + // Grab all the data from the current table + $query = $this->db->query('SELECT * FROM '.$this->db->protect_identifiers($table)); + + if ($query->num_rows() === 0) + { + continue; + } + + // Fetch the field names and determine if the field is an + // integer type. We use this info to decide whether to + // surround the data with quotes or not + + $i = 0; + $field_str = ''; + $is_int = array(); + while ($field = $query->result_id->fetch_field()) + { + // Most versions of MySQL store timestamp as a string + $is_int[$i] = in_array(strtolower($field->type), + array('tinyint', 'smallint', 'mediumint', 'int', 'bigint'), //, 'timestamp'), + TRUE); + + // Create a string of field names + $field_str .= $this->db->escape_identifiers($field->name).', '; + $i++; + } + + // Trim off the end comma + $field_str = preg_replace('/, $/' , '', $field_str); + + // Build the insert string + foreach ($query->result_array() as $row) + { + $val_str = ''; + + $i = 0; + foreach ($row as $v) + { + // Is the value NULL? + if ($v === NULL) + { + $val_str .= 'NULL'; + } + else + { + // Escape the data if it's not an integer + $val_str .= ($is_int[$i] === FALSE) ? $this->db->escape($v) : $v; + } + + // Append a comma + $val_str .= ', '; + $i++; + } + + // Remove the comma at the end of the string + $val_str = preg_replace('/, $/' , '', $val_str); + + // Build the INSERT string + $output .= 'INSERT INTO '.$this->db->protect_identifiers($table).' ('.$field_str.') VALUES ('.$val_str.');'.$newline; + } + + $output .= $newline.$newline; + } + + return $output; } + } /* End of file mysqli_utility.php */ |