summaryrefslogtreecommitdiffstats
path: root/system/database
diff options
context:
space:
mode:
Diffstat (limited to 'system/database')
-rw-r--r--system/database/DB_forge.php4
-rw-r--r--system/database/DB_query_builder.php30
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php49
-rw-r--r--system/database/drivers/oci8/oci8_driver.php43
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php31
5 files changed, 107 insertions, 50 deletions
diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php
index d99fd0024..dde285598 100644
--- a/system/database/DB_forge.php
+++ b/system/database/DB_forge.php
@@ -143,7 +143,7 @@ abstract class CI_DB_forge {
protected $_unsigned = TRUE;
/**
- * NULL value representatin in CREATE/ALTER TABLE statements
+ * NULL value representation in CREATE/ALTER TABLE statements
*
* @var string
*/
@@ -239,7 +239,7 @@ abstract class CI_DB_forge {
*/
public function add_key($key, $primary = FALSE)
{
- if ($primary === TRUE && is_array($key))
+ if (is_array($key))
{
foreach ($key as $one)
{
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index a8b5b3579..0bb91bae9 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -657,10 +657,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
if ($v !== NULL)
{
- if ($escape === TRUE)
- {
- $v = ' '.$this->escape($v);
- }
+ $v = ' '.$this->escape($v);
if ( ! $this->_has_operator($k))
{
@@ -1279,8 +1276,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
foreach ($key as $k => $v)
{
- $this->qb_set[$this->protect_identifiers($k, FALSE, $escape)] = ($escape)
- ? $this->escape($v) : $v;
+ $this->qb_set[$this->protect_identifiers($k, FALSE, $escape)] = $this->escape($v);
}
return $this;
@@ -1294,7 +1290,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* Compiles a SELECT query string and returns the sql.
*
* @param string the table name to select from (optional)
- * @param bool TRUE: resets QB values; FALSE: leave QB vaules alone
+ * @param bool TRUE: resets QB values; FALSE: leave QB values alone
* @return string
*/
public function get_compiled_select($table = '', $reset = TRUE)
@@ -1519,15 +1515,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
ksort($row); // puts $row in the same order as our keys
- if ($escape !== FALSE)
+ foreach ($row as $k => $v)
{
- $clean = array();
- foreach ($row as $value)
- {
- $clean[] = $this->escape($value);
- }
-
- $row = $clean;
+ $row[$k] = $this->escape($v);
}
$this->qb_set[] = '('.implode(',', $row).')';
@@ -1736,7 +1726,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
return FALSE;
}
- $sql = $this->_update($this->protect_identifiers($this->qb_from[0], TRUE, NULL, FALSE), $this->qb_set);
+ $sql = $this->_update($this->qb_from[0], $this->qb_set);
if ($reset === TRUE)
{
@@ -1784,7 +1774,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$this->limit($limit);
}
- $sql = $this->_update($this->protect_identifiers($this->qb_from[0], TRUE, NULL, FALSE), $this->qb_set);
+ $sql = $this->_update($this->qb_from[0], $this->qb_set);
$this->_reset_write();
return $this->query($sql);
}
@@ -1801,7 +1791,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param string the table to update data on
* @return bool
*/
- protected function _validate_update($table = '')
+ protected function _validate_update($table)
{
if (count($this->qb_set) === 0)
{
@@ -1810,7 +1800,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
if ($table !== '')
{
- $this->qb_from[0] = $table;
+ $this->qb_from = array($this->protect_identifiers($table, TRUE, NULL, FALSE));
}
elseif ( ! isset($this->qb_from[0]))
{
@@ -1948,7 +1938,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$index_set = TRUE;
}
- $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2);
+ $clean[$this->protect_identifiers($k2, FALSE, $escape)] = $this->escape($v2);
}
if ($index_set === FALSE)
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index e953db052..dd3cc77c6 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -102,7 +102,6 @@ class CI_DB_mysqli_driver extends CI_DB {
*
* @param bool $persistent
* @return object
- * @todo SSL support
*/
public function db_connect($persistent = FALSE)
{
@@ -132,8 +131,52 @@ class CI_DB_mysqli_driver extends CI_DB {
$mysqli->options(MYSQLI_INIT_COMMAND, 'SET SESSION sql_mode="STRICT_ALL_TABLES"');
}
- return $mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags)
- ? $mysqli : FALSE;
+ if (is_array($this->encrypt))
+ {
+ $ssl = array();
+ empty($this->encrypt['ssl_key']) OR $ssl['key'] = $this->encrypt['ssl_key'];
+ empty($this->encrypt['ssl_cert']) OR $ssl['cert'] = $this->encrypt['ssl_cert'];
+ empty($this->encrypt['ssl_ca']) OR $ssl['ca'] = $this->encrypt['ssl_ca'];
+ empty($this->encrypt['ssl_capath']) OR $ssl['capath'] = $this->encrypt['ssl_capath'];
+ empty($this->encrypt['ssl_cipher']) OR $ssl['cipher'] = $this->encrypt['ssl_cipher'];
+
+ if ( ! empty($ssl))
+ {
+ if ( ! empty($this->encrypt['ssl_verify']) && defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT'))
+ {
+ $mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE);
+ }
+
+ $client_flags |= MYSQLI_CLIENT_SSL;
+ $mysqli->ssl_set(
+ isset($ssl['key']) ? $ssl['key'] : NULL,
+ isset($ssl['cert']) ? $ssl['cert'] : NULL,
+ isset($ssl['ca']) ? $ssl['ca'] : NULL,
+ isset($ssl['capath']) ? $ssl['capath'] : NULL,
+ isset($ssl['cipher']) ? $ssl['cipher'] : NULL
+ );
+ }
+ }
+
+ if ($mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags))
+ {
+ // Prior to version 5.7.3, MySQL silently downgrades to an unencrypted connection if SSL setup fails
+ if (
+ ($client_flags & MYSQLI_CLIENT_SSL)
+ && version_compare($mysqli->client_info, '5.7.3', '<=')
+ && empty($mysqli->query("SHOW STATUS LIKE 'ssl_cipher'")->fetch_object()->Value)
+ )
+ {
+ $mysqli->close();
+ $message = 'MySQLi was configured for an SSL connection, but got an unencrypted connection instead!';
+ log_message('error', $message);
+ return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE;
+ }
+
+ return $mysqli;
+ }
+
+ return FALSE;
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index b5cf26536..3c5777751 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -102,6 +102,14 @@ class CI_DB_oci8_driver extends CI_DB {
// --------------------------------------------------------------------
/**
+ * Reset $stmt_id flag
+ *
+ * Used by stored_procedure() to prevent _execute() from
+ * re-setting the statement ID.
+ */
+ protected $_reset_stmt_id = TRUE;
+
+ /**
* List of reserved identifiers
*
* Identifiers that must NOT be escaped.
@@ -265,26 +273,13 @@ class CI_DB_oci8_driver extends CI_DB {
/* Oracle must parse the query before it is run. All of the actions with
* the query are based on the statement id returned by oci_parse().
*/
- $this->stmt_id = FALSE;
- $this->_set_stmt_id($sql);
- oci_set_prefetch($this->stmt_id, 1000);
- return oci_execute($this->stmt_id, $this->commit_mode);
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Generate a statement ID
- *
- * @param string $sql an SQL query
- * @return void
- */
- protected function _set_stmt_id($sql)
- {
- if ( ! is_resource($this->stmt_id))
+ if ($this->_reset_stmt_id === TRUE)
{
$this->stmt_id = oci_parse($this->conn_id, $sql);
}
+
+ oci_set_prefetch($this->stmt_id, 1000);
+ return oci_execute($this->stmt_id, $this->commit_mode);
}
// --------------------------------------------------------------------
@@ -318,15 +313,15 @@ class CI_DB_oci8_driver extends CI_DB {
* type yes the type of the parameter
* length yes the max size of the parameter
*/
- public function stored_procedure($package, $procedure, $params)
+ public function stored_procedure($package, $procedure, array $params)
{
- if ($package === '' OR $procedure === '' OR ! is_array($params))
+ if ($package === '' OR $procedure === '')
{
log_message('error', 'Invalid query: '.$package.'.'.$procedure);
return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE;
}
- // build the query string
+ // Build the query string
$sql = 'BEGIN '.$package.'.'.$procedure.'(';
$have_cursor = FALSE;
@@ -341,10 +336,12 @@ class CI_DB_oci8_driver extends CI_DB {
}
$sql = trim($sql, ',').'); END;';
- $this->stmt_id = FALSE;
- $this->_set_stmt_id($sql);
+ $this->_reset_stmt_id = FALSE;
+ $this->stmt_id = oci_parse($this->conn_id, $sql);
$this->_bind_params($params);
- return $this->query($sql, FALSE, $have_cursor);
+ $result = $this->query($sql, FALSE, $have_cursor);
+ $this->_reset_stmt_id = TRUE;
+ return $result;
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php
index 206d83595..e9d25cebc 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php
@@ -119,7 +119,6 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver {
*
* @param bool $persistent
* @return object
- * @todo SSL support
*/
public function db_connect($persistent = FALSE)
{
@@ -151,7 +150,35 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver {
$this->options[PDO::MYSQL_ATTR_COMPRESS] = TRUE;
}
- return parent::db_connect($persistent);
+ // SSL support was added to PDO_MYSQL in PHP 5.3.7
+ if (is_array($this->encrypt) && is_php('5.3.7'))
+ {
+ $ssl = array();
+ empty($this->encrypt['ssl_key']) OR $ssl[PDO::MYSQL_ATTR_SSL_KEY] = $this->encrypt['ssl_key'];
+ empty($this->encrypt['ssl_cert']) OR $ssl[PDO::MYSQL_ATTR_SSL_CERT] = $this->encrypt['ssl_cert'];
+ empty($this->encrypt['ssl_ca']) OR $ssl[PDO::MYSQL_ATTR_SSL_CA] = $this->encrypt['ssl_ca'];
+ empty($this->encrypt['ssl_capath']) OR $ssl[PDO::MYSQL_ATTR_SSL_CAPATH] = $this->encrypt['ssl_capath'];
+ empty($this->encrypt['ssl_cipher']) OR $ssl[PDO::MYSQL_ATTR_SSL_CIPHER] = $this->encrypt['ssl_cipher'];
+
+ // DO NOT use array_merge() here!
+ // It re-indexes numeric keys and the PDO_MYSQL_ATTR_SSL_* constants are integers.
+ empty($ssl) OR $this->options += $ssl;
+ }
+
+ // Prior to version 5.7.3, MySQL silently downgrades to an unencrypted connection if SSL setup fails
+ if (
+ ($pdo = parent::db_connect($persistent)) !== FALSE
+ && ! empty($ssl)
+ && version_compare($pdo->getAttribute(PDO::ATTR_CLIENT_VERSION), '5.7.3', '<=')
+ && empty($pdo->query("SHOW STATUS LIKE 'ssl_cipher'")->fetchObject()->Value)
+ )
+ {
+ $message = 'PDO_MYSQL was configured for an SSL connection, but got an unencrypted connection instead!';
+ log_message('error', $message);
+ return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE;
+ }
+
+ return $pdo;
}
// --------------------------------------------------------------------