diff options
Diffstat (limited to 'system/database')
| -rw-r--r-- | system/database/DB_driver.php | 80 | ||||
| -rw-r--r-- | system/database/DB_forge.php | 2 | ||||
| -rw-r--r-- | system/database/DB_query_builder.php | 155 | ||||
| -rw-r--r-- | system/database/drivers/cubrid/cubrid_driver.php | 17 | ||||
| -rw-r--r-- | system/database/drivers/interbase/interbase_driver.php | 17 | ||||
| -rw-r--r-- | system/database/drivers/mssql/mssql_driver.php | 34 | ||||
| -rw-r--r-- | system/database/drivers/mysql/mysql_driver.php | 29 | ||||
| -rw-r--r-- | system/database/drivers/mysql/mysql_forge.php | 2 | ||||
| -rw-r--r-- | system/database/drivers/mysqli/mysqli_driver.php | 20 | ||||
| -rw-r--r-- | system/database/drivers/oci8/oci8_driver.php | 13 | ||||
| -rw-r--r-- | system/database/drivers/odbc/odbc_driver.php | 17 | ||||
| -rw-r--r-- | system/database/drivers/pdo/pdo_driver.php | 13 | ||||
| -rw-r--r-- | system/database/drivers/postgre/postgre_driver.php | 32 | ||||
| -rw-r--r-- | system/database/drivers/sqlite/sqlite_driver.php | 17 | ||||
| -rw-r--r-- | system/database/drivers/sqlite3/sqlite3_driver.php | 17 | ||||
| -rw-r--r-- | system/database/drivers/sqlsrv/sqlsrv_driver.php | 16 |
16 files changed, 202 insertions, 279 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index d056bdb90..739b25187 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -295,7 +295,7 @@ abstract class CI_DB_driver { * @param array An array of binding data * @return mixed */ - public function query($sql, $binds = FALSE, $return_object = TRUE) + public function query($sql, $binds = FALSE, $return_object = NULL) { if ($sql === '') { @@ -303,6 +303,10 @@ abstract class CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE; } + elseif ( ! is_bool($return_object)) + { + $return_object = ! $this->is_write_type($sql); + } // Verify table prefix and replace if necessary if ($this->dbprefix !== '' && $this->swap_pre !== '' && $this->dbprefix !== $this->swap_pre) @@ -319,7 +323,7 @@ abstract class CI_DB_driver { // Is query caching enabled? If the query is a "read type" // we will load the caching class and return the previously // cached query if it exists - if ($this->cache_on === TRUE && stripos($sql, 'SELECT') !== FALSE && $this->_cache_init()) + if ($this->cache_on === TRUE && $return_object === TRUE && $this->_cache_init()) { $this->load_rdriver(); if (FALSE !== ($cache = $this->CACHE->read($sql))) @@ -328,7 +332,7 @@ abstract class CI_DB_driver { } } - // Save the query for debugging + // Save the query for debugging if ($this->save_queries === TRUE) { $this->queries[] = $sql; @@ -352,7 +356,7 @@ abstract class CI_DB_driver { $error = $this->error(); // Log errors - log_message('error', 'Query error: '.$error['message']); + log_message('error', 'Query error: '.$error['message'].' - Invalid query: '.$sql); if ($this->db_debug) { @@ -381,12 +385,10 @@ abstract class CI_DB_driver { // Increment the query counter $this->query_count++; - // Was the query a "write" type? - // If so we'll simply return true - if ($this->is_write_type($sql) === TRUE) + // Will we have a result object instantiated? If not - we'll simply return TRUE + if ($return_object !== TRUE) { - // If caching is enabled we'll auto-cleanup any - // existing files related to this particular URI + // If caching is enabled we'll auto-cleanup any existing files related to this particular URI if ($this->cache_on === TRUE && $this->cache_autodel === TRUE && $this->_cache_init()) { $this->CACHE->delete(); @@ -396,8 +398,6 @@ abstract class CI_DB_driver { } // Return TRUE if we don't need to create a result object - // Currently only the Oracle driver uses this when stored - // procedures are used if ($return_object !== TRUE) { return TRUE; @@ -1086,6 +1086,20 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * Returns the SQL string operator + * + * @param string + * @return string + */ + protected function _get_operator($str) + { + return preg_match('/(=|!|<|>| IS NULL| IS NOT NULL| BETWEEN)/i', $str, $match) + ? $match[1] : FALSE; + } + + // -------------------------------------------------------------------- + + /** * Enables a native PHP function to be run, using a platform agnostic wrapper. * * @param string the function name @@ -1267,7 +1281,7 @@ abstract class CI_DB_driver { if (isset($call['file']) && strpos($call['file'], BASEPATH.'database') === FALSE) { // Found it - use a relative path for safety - $message[] = 'Filename: '.str_replace(array(BASEPATH, APPPATH), '', $call['file']); + $message[] = 'Filename: '.str_replace(array(APPPATH, BASEPATH), '', $call['file']); $message[] = 'Line Number: '.$call['line']; break; } @@ -1336,39 +1350,21 @@ abstract class CI_DB_driver { // Convert tabs or multiple spaces into single spaces $item = preg_replace('/\s+/', ' ', $item); - static $preg_ec = array(); - - if (empty($preg_ec)) + // If the item has an alias declaration we remove it and set it aside. + // Note: strripos() is used in order to support spaces in table names + if ($offset = strripos($item, ' AS ')) { - if (is_array($this->_escape_char)) - { - $preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1])); - } - else - { - $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char); - } + $alias = ($protect_identifiers) + ? substr($item, $offset, 4).$this->escape_identifiers(substr($item, $offset + 4)) + : substr($item, $offset); + $item = substr($item, 0, $offset); } - - // If the item has an alias declaration we remove it and set it aside. - // Basically we remove everything to the right of the first space - preg_match('/^(('.$preg_ec[0].'[^'.$preg_ec[1].']+'.$preg_ec[1].')|([^'.$preg_ec[0].'][^\s]+))( AS)*(.+)*$/i', $item, $matches); - - if (isset($matches[4])) + elseif ($offset = strrpos($item, ' ')) { - $item = $matches[1]; - - // Escape the alias, if needed - if ($protect_identifiers === TRUE) - { - $alias = empty($matches[5]) - ? ' '.$this->escape_identifiers(ltrim($matches[4])) - : $matches[4].' '.$this->escape_identifiers(ltrim($matches[5])); - } - else - { - $alias = $matches[4].$matches[5]; - } + $alias = ($protect_identifiers) + ? ' '.$this->escape_identifiers(substr($item, $offset + 1)) + : substr($item, $offset); + $item = substr($item, 0, $offset); } else { diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php index 9b7639289..91f9d560c 100644 --- a/system/database/DB_forge.php +++ b/system/database/DB_forge.php @@ -231,7 +231,7 @@ abstract class CI_DB_forge { if (($result = $this->db->query($sql)) !== FALSE && ! empty($this->db->data_cache['table_names'])) { - $this->db->data_cache['table_names'][] = $$this->db->dbprefix.$table; + $this->db->data_cache['table_names'][] = $this->db->dbprefix.$table; } return $result; diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 488b294e4..3982885e8 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -324,10 +324,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @param string the join condition * @param string the type of join - * @param string wether not to try to escape identifiers + * @param string whether not to try to escape identifiers * @return object */ - public function join($table, $cond, $type = '', $escape = TRUE) + public function join($table, $cond, $type = '', $escape = NULL) { if ($type !== '') { @@ -347,6 +347,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // in the protect_identifiers to know whether to add a table prefix $this->_track_aliases($table); + is_bool($escape) OR $escape = $this->_protect_identifiers; + // Split multiple conditions if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) { @@ -366,12 +368,20 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $newcond .= $m[0][$i][0]; } - $cond = $newcond; + $cond = ' ON '.$newcond; } // Split apart the condition and protect the identifiers elseif ($escape === TRUE && preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/i', $cond, $match)) { - $cond = $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); + $cond = ' ON '.$this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); + } + elseif ( ! $this->_has_operator($cond)) + { + $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')'; + } + else + { + $cond = ' ON '.$cond; } // Do we want to escape the table name? @@ -381,7 +391,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // Assemble the JOIN statement - $this->qb_join[] = $join = $type.'JOIN '.$this->protect_identifiers($table, TRUE, NULL, FALSE).' ON '.$cond; + $this->qb_join[] = $join = $type.'JOIN '.$table.$cond; if ($this->qb_caching === TRUE) { @@ -405,7 +415,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function where($key, $value = NULL, $escape = TRUE) + public function where($key, $value = NULL, $escape = NULL) { return $this->_where($key, $value, 'AND ', $escape); } @@ -423,7 +433,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function or_where($key, $value = NULL, $escape = TRUE) + public function or_where($key, $value = NULL, $escape = NULL) { return $this->_where($key, $value, 'OR ', $escape); } @@ -443,23 +453,26 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _where($key, $value = NULL, $type = 'AND ', $escape = NULL) { - $type = $this->_group_get_type($type); - if ( ! is_array($key)) { $key = array($key => $value); } // If the escape value was not set will will base it on the global setting - $escape = $this->_protect_identifiers; + is_bool($escape) OR $escape = $this->_protect_identifiers; foreach ($key as $k => $v) { - $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; + $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) + ? $this->_group_get_type('') + : $this->_group_get_type($type); - $k = $this->_has_operator($k) - ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') - : $this->protect_identifiers($k, FALSE, $escape); + if ($escape === TRUE) + { + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->escape_identifiers(trim(substr($k, 0, strpos($k, $op)))).' '.strstr($k, $op) + : $this->escape_identifiers(trim($k)); + } if (is_null($v) && ! $this->_has_operator($k)) { @@ -504,9 +517,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function where_in($key = NULL, $values = NULL) + public function where_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values); + return $this->_where_in($key, $values, FALSE, 'AND ', $escape); } // -------------------------------------------------------------------- @@ -521,9 +534,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function or_where_in($key = NULL, $values = NULL) + public function or_where_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, FALSE, 'OR '); + return $this->_where_in($key, $values, FALSE, 'OR ', $escape); } // -------------------------------------------------------------------- @@ -538,9 +551,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function where_not_in($key = NULL, $values = NULL) + public function where_not_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, TRUE); + return $this->_where_in($key, $values, TRUE, 'AND ', $escape); } // -------------------------------------------------------------------- @@ -555,9 +568,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function or_where_not_in($key = NULL, $values = NULL) + public function or_where_not_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, TRUE, 'OR '); + return $this->_where_in($key, $values, TRUE, 'OR ', $escape); } // -------------------------------------------------------------------- @@ -573,20 +586,20 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @return object */ - protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ') + protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ', $escape = NULL) { if ($key === NULL OR $values === NULL) { return $this; } - $type = $this->_group_get_type($type); - if ( ! is_array($values)) { $values = array($values); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + $not = ($not) ? ' NOT' : ''; foreach ($values as $value) @@ -594,8 +607,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_wherein[] = $this->escape($value); } - $prefix = (count($this->qb_where) === 0) ? '' : $type; - $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key).$not.' IN ('.implode(', ', $this->qb_wherein).') '; + if ($escape === TRUE) + { + $key = $this->escape_identifiers(trim($key)); + } + + $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); + $this->qb_where[] = $where_in = $prefix.$key.$not.' IN ('.implode(', ', $this->qb_wherein).') '; if ($this->qb_caching === TRUE) { @@ -690,8 +708,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _like($field, $match = '', $type = 'AND ', $side = 'both', $not = '') { - $type = $this->_group_get_type($type); - if ( ! is_array($field)) { $field = array($field => $match); @@ -700,7 +716,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($field as $k => $v) { $k = $this->protect_identifiers($k); - $prefix = (count($this->qb_like) === 0) ? '' : $type; + $prefix = (count($this->qb_like) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); $v = $this->escape_like_str($v); if ($side === 'none') @@ -886,7 +902,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function having($key, $value = '', $escape = TRUE) + public function having($key, $value = '', $escape = NULL) { return $this->_having($key, $value, 'AND ', $escape); } @@ -903,7 +919,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function or_having($key, $value = '', $escape = TRUE) + public function or_having($key, $value = '', $escape = NULL) { return $this->_having($key, $value, 'OR ', $escape); } @@ -921,21 +937,22 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - protected function _having($key, $value = '', $type = 'AND ', $escape = TRUE) + protected function _having($key, $value = '', $type = 'AND ', $escape = NULL) { if ( ! is_array($key)) { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { $prefix = (count($this->qb_having) === 0) ? '' : $type; - if ($escape === TRUE) - { - $k = $this->protect_identifiers($k); - } + $k = $this->_has_operator($k) + ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') + : $this->protect_identifiers($k, FALSE, $escape); if ( ! $this->_has_operator($k)) { @@ -968,7 +985,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool enable field name escaping * @return object */ - public function order_by($orderby, $direction = '', $escape = TRUE) + public function order_by($orderby, $direction = '', $escape = NULL) { if (strtolower($direction) === 'random') { @@ -980,8 +997,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $direction = in_array(strtoupper(trim($direction)), array('ASC', 'DESC'), TRUE) ? ' '.$direction : ' ASC'; } + is_bool($escape) OR $escape = $this->_protect_identifiers; - if ((strpos($orderby, ',') !== FALSE) && $escape === TRUE) + if ($escape === TRUE && strpos($orderby, ',') !== FALSE) { $temp = array(); foreach (explode(',', $orderby) as $part) @@ -1028,12 +1046,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function limit($value, $offset = NULL) { - $this->qb_limit = (int) $value; - - if ( ! empty($offset)) - { - $this->qb_offset = (int) $offset; - } + is_null($value) OR $this->qb_limit = (int) $value; + empty($offset) OR $this->qb_offset = (int) $offset; return $this; } @@ -1048,21 +1062,40 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function offset($offset) { - $this->qb_offset = (int) $offset; + empty($offset) OR $this->qb_offset = (int) $offset; return $this; } // -------------------------------------------------------------------- /** - * The "set" function. Allows key/value pairs to be set for inserting or updating + * Limit string + * + * Generates a platform-specific LIMIT clause + * + * @param string the sql query string + * @param int the number of rows to limit the query to + * @param int the offset value + * @return string + */ + protected function _limit($sql, $limit, $offset) + { + return $sql.' LIMIT '.($offset ? $offset.', ' : '').$limit; + } + + // -------------------------------------------------------------------- + + /** + * The "set" function. + * + * Allows key/value pairs to be set for inserting or updating * * @param mixed * @param string * @param bool * @return object */ - public function set($key, $value = '', $escape = TRUE) + public function set($key, $value = '', $escape = NULL) { $key = $this->_object_to_array($key); @@ -1071,16 +1104,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { - if ($escape === FALSE) - { - $this->qb_set[$this->protect_identifiers($k)] = $v; - } - else - { - $this->qb_set[$this->protect_identifiers($k, FALSE, TRUE)] = $this->escape($v); - } + $this->qb_set[$this->protect_identifiers($k, FALSE, $escape)] = ($escape) + ? $this->escape($v) : $v; } return $this; @@ -1189,7 +1218,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the offset clause * @return object */ - public function get_where($table = '', $where = null, $limit = null, $offset = null) + public function get_where($table = '', $where = NULL, $limit = NULL, $offset = NULL) { if ($table !== '') { @@ -1286,7 +1315,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function set_insert_batch($key, $value = '', $escape = TRUE) + public function set_insert_batch($key, $value = '', $escape = NULL) { $key = $this->_object_to_array_batch($key); @@ -1295,6 +1324,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + $keys = array_keys($this->_object_to_array(current($key))); sort($keys); @@ -1326,7 +1357,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($keys as $k) { - $this->qb_keys[] = $this->protect_identifiers($k); + $this->qb_keys[] = $this->protect_identifiers($k, FALSE, $escape); } return $this; @@ -1725,7 +1756,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function set_update_batch($key, $index = '', $escape = TRUE) + public function set_update_batch($key, $index = '', $escape = NULL) { $key = $this->_object_to_array_batch($key); @@ -1734,6 +1765,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // @todo error } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { $index_set = FALSE; @@ -1745,7 +1778,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $index_set = TRUE; } - $clean[$this->protect_identifiers($k2)] = ($escape === FALSE) ? $v2 : $this->escape($v2); + $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2); } if ($index_set === FALSE) diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php index 6b67b7546..7496ee42f 100644 --- a/system/database/drivers/cubrid/cubrid_driver.php +++ b/system/database/drivers/cubrid/cubrid_driver.php @@ -437,23 +437,6 @@ class CI_DB_cubrid_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.'LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/interbase/interbase_driver.php b/system/database/drivers/interbase/interbase_driver.php index 5a03607ee..38d30962c 100644 --- a/system/database/drivers/interbase/interbase_driver.php +++ b/system/database/drivers/interbase/interbase_driver.php @@ -235,7 +235,7 @@ class CI_DB_interbase_driver extends CI_DB { * @param int $inc_by * @return int */ - public function insert_id($generator_name, $inc_by=0) + public function insert_id($generator_name, $inc_by = 0) { //If a generator hasn't been used before it will return 0 return ibase_gen_id('"'.$generator_name.'"', $inc_by); @@ -257,7 +257,8 @@ class CI_DB_interbase_driver extends CI_DB { if ($prefix_limit !== FALSE && $this->dbprefix !== '') { - return $sql.' AND "RDB$RELATION_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); + return $sql.' AND "RDB$RELATION_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } return $sql; @@ -275,7 +276,7 @@ class CI_DB_interbase_driver extends CI_DB { */ protected function _list_columns($table = '') { - return 'SELECT "RDB$FIELD_NAME" FROM "RDB$RELATION_FIELDS" WHERE "RDB$RELATION_NAME" = \''.$this->escape_str($table)."'"; + return 'SELECT "RDB$FIELD_NAME" FROM "RDB$RELATION_FIELDS" WHERE "RDB$RELATION_NAME" = '.$this->escape($table); } // -------------------------------------------------------------------- @@ -290,10 +291,7 @@ class CI_DB_interbase_driver extends CI_DB { */ protected function _field_data($table) { - // Need to find a more efficient way to do this - // but Interbase/Firebird seems to lack the - // limit clause - return 'SELECT * FROM '.$table; + return $this->_limit('SELECT * FROM '.$this->protect_identifiers($table), 1, NULL); } // -------------------------------------------------------------------- @@ -361,7 +359,6 @@ class CI_DB_interbase_driver extends CI_DB { .(count($orderby) > 0 ? ' ORDER BY '.implode(', ', $orderby) : ''); } - // -------------------------------------------------------------------- /** @@ -421,12 +418,12 @@ class CI_DB_interbase_driver extends CI_DB { if (stripos($this->version(), 'firebird') !== FALSE) { $select = 'FIRST '. (int) $limit - .($offset > 0 ? ' SKIP '. (int) $offset : ''); + .($offset ? ' SKIP '. (int) $offset : ''); } else { $select = 'ROWS ' - .($offset > 0 ? (int) $offset.' TO '.($limit + $offset) : (int) $limit); + .($offset ? (int) $offset.' TO '.($limit + $offset) : (int) $limit); } return preg_replace('`SELECT`i', 'SELECT '.$select, $sql); diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index 47dc55844..7634be2bb 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -124,7 +124,7 @@ class CI_DB_mssql_driver extends CI_DB { // Determine how identifiers are escaped $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); $query = $query->row_array(); - $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi; + $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi']; $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); return $conn_id; @@ -288,7 +288,7 @@ class CI_DB_mssql_driver extends CI_DB { */ public function insert_id() { - $query = (self::_parse_major_version($this->version()) > 7) + $query = version_compare($this->version(), '8', '>=') ? 'SELECT SCOPE_IDENTITY() AS last_id' : 'SELECT @@IDENTITY AS last_id'; @@ -300,23 +300,6 @@ class CI_DB_mssql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Parse major version - * - * Grabs the major version number from the - * database server version string passed in. - * - * @param string $version - * @return int major version number - */ - protected function _parse_major_version($version) - { - preg_match('/([0-9]+)\.([0-9]+)\.([0-9]+)/', $version, $ver_info); - return $ver_info[1]; // return the major version b/c that's all we're interested in. - } - - // -------------------------------------------------------------------- - - /** * Version number query string * * @return string @@ -338,16 +321,17 @@ class CI_DB_mssql_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = "SELECT name FROM sysobjects WHERE type = 'U' ORDER BY name"; + $sql = 'SELECT '.$this->escape_identifiers('name') + .' FROM '.$this->escape_identifiers('sysobjects') + .' WHERE '.$this->escape_identifiers('type')." = 'U'"; - // for future compatibility if ($prefix_limit !== FALSE AND $this->dbprefix !== '') { - //$sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); - return FALSE; // not currently supported + $sql .= ' AND '.$this->escape_identifiers('name')." LIKE '".$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } - return $sql; + return $sql.' ORDER BY '.$this->escape_identifiers('name'); } // -------------------------------------------------------------------- @@ -377,7 +361,7 @@ class CI_DB_mssql_driver extends CI_DB { */ protected function _field_data($table) { - return 'SELECT TOP 1 * FROM '.$table; + return 'SELECT TOP 1 * FROM '.$this->protect_identifiers($table); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 8938d22b5..d11f015a6 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -64,6 +64,12 @@ class CI_DB_mysql_driver extends CI_DB { */ public $delete_hack = TRUE; + /** + * Constructor + * + * @param array + * @return void + */ public function __construct($params) { parent::__construct($params); @@ -74,6 +80,8 @@ class CI_DB_mysql_driver extends CI_DB { } } + // -------------------------------------------------------------------- + /** * Non-persistent database connection * @@ -335,7 +343,7 @@ class CI_DB_mysql_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char; + $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database); if ($prefix_limit !== FALSE && $this->dbprefix !== '') { @@ -355,7 +363,7 @@ class CI_DB_mysql_driver extends CI_DB { * @param string the table name * @return string */ - public function _list_columns($table = '') + protected function _list_columns($table = '') { return 'SHOW COLUMNS FROM '.$this->protect_identifiers($table, TRUE, NULL, FALSE); } @@ -453,23 +461,6 @@ class CI_DB_mysql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.' LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/mysql/mysql_forge.php b/system/database/drivers/mysql/mysql_forge.php index d22454d84..2ac75bad2 100644 --- a/system/database/drivers/mysql/mysql_forge.php +++ b/system/database/drivers/mysql/mysql_forge.php @@ -62,7 +62,7 @@ class CI_DB_mysql_forge extends CI_DB_forge { $sql .= "\n\t".$this->db->escape_identifiers($field); - empty($attributes['NAME']) OR ' '.$this->db->escape_identifiers($attributes['NAME']).' '; + empty($attributes['NAME']) OR $sql .= ' '.$this->db->escape_identifiers($attributes['NAME']).' '; if ( ! empty($attributes['TYPE'])) { diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index d3fb77a22..d1581bf1a 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -335,7 +335,7 @@ class CI_DB_mysqli_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char; + $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database); if ($prefix_limit !== FALSE && $this->dbprefix !== '') { @@ -455,24 +455,6 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.' LIMIT '.$limit - .($offset > 0 ? ' OFFSET '.$offset : ''); - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index e78091614..67bb0403b 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -66,6 +66,8 @@ class CI_DB_oci8_driver extends CI_DB { protected $_count_string = 'SELECT COUNT(1) AS '; protected $_random_keyword = ' ASC'; // not currently supported + protected $_reserved_identifiers = array('*', 'rownum'); + // Set "auto commit" by default public $commit_mode = OCI_COMMIT_ON_SUCCESS; @@ -464,11 +466,12 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SELECT TABLE_NAME FROM ALL_TABLES'; + $sql = 'SELECT "TABLE_NAME" FROM "ALL_TABLES"'; if ($prefix_limit !== FALSE && $this->dbprefix !== '') { - return $sql." WHERE TABLE_NAME LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); + return $sql.' WHERE "TABLE_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } return $sql; @@ -486,7 +489,7 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _list_columns($table = '') { - return 'SELECT COLUMN_NAME FROM all_tab_columns WHERE table_name = \''.$table.'\''; + return 'SELECT "COLUMN_NAME" FROM "all_tab_columns" WHERE "TABLE_NAME" = '.$this->escape($table); } // -------------------------------------------------------------------- @@ -501,7 +504,7 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _field_data($table) { - return 'SELECT * FROM '.$table.' WHERE rownum = 1'; + return 'SELECT * FROM '.$this->protect_identifiers($table).' WHERE rownum = 1'; } // -------------------------------------------------------------------- @@ -634,7 +637,7 @@ class CI_DB_oci8_driver extends CI_DB { { $this->limit_used = TRUE; return 'SELECT * FROM (SELECT inner_query.*, rownum rnum FROM ('.$sql.') inner_query WHERE rownum < '.($offset + $limit).')' - .($offset !== 0 ? ' WHERE rnum >= '.$offset : ''); + .($offset ? ' WHERE rnum >= '.$offset : ''); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index 222c311c0..bd5759289 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -331,23 +331,6 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index e25013a52..a3ad46900 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -599,19 +599,12 @@ class CI_DB_pdo_driver extends CI_DB { */ protected function _limit($sql, $limit, $offset) { - if ($this->pdodriver === 'cubrid' OR $this->pdodriver === 'sqlite') + if ($this->pdodriver === 'pgsql') { - $offset = ($offset == 0) ? '' : $offset.', '; - - return $sql.'LIMIT '.$offset.$limit; + return $sql.' LIMIT '.$limit.($offset ? ' OFFSET '.$offset : ''); } - else - { - $sql .= 'LIMIT '.$limit; - $sql .= ($offset > 0) ? ' OFFSET '.$offset : ''; - return $sql; - } + return $sql.' LIMIT '.($offset ? $offset.', ' : '').$limit; } } diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index ad9ac9000..e73122bc7 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -399,11 +399,13 @@ class CI_DB_postgre_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = "SELECT table_name FROM information_schema.tables WHERE table_schema = 'public'"; + $sql = 'SELECT "table_name" FROM "information_schema"."tables" WHERE "table_schema" = \'public\''; if ($prefix_limit !== FALSE && $this->dbprefix !== '') { - return $sql." AND table_name LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); + return $sql.' AND "table_name" LIKE \'' + .$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } return $sql; @@ -421,7 +423,7 @@ class CI_DB_postgre_driver extends CI_DB { */ protected function _list_columns($table = '') { - return "SELECT column_name FROM information_schema.columns WHERE table_name = '".$table."'"; + return 'SELECT "column_name" FROM "information_schema"."columns" WHERE "table_name" = '.$this->escape($table); } // -------------------------------------------------------------------- @@ -580,7 +582,7 @@ class CI_DB_postgre_driver extends CI_DB { */ protected function _limit($sql, $limit, $offset) { - return $sql.' LIMIT '.$limit.($offset == 0 ? '' : ' OFFSET '.$offset); + return $sql.' LIMIT '.$limit.($offset ? ' OFFSET '.$offset : ''); } // -------------------------------------------------------------------- @@ -593,31 +595,31 @@ class CI_DB_postgre_driver extends CI_DB { * @param mixed * @param mixed * @param string + * @param mixed * @return object - * */ protected function _where($key, $value = NULL, $type = 'AND ', $escape = NULL) { - $type = $this->_group_get_type($type); - if ( ! is_array($key)) { $key = array($key => $value); } // If the escape value was not set will will base it on the global setting - if ( ! is_bool($escape)) - { - $escape = $this->_protect_identifiers; - } + is_bool($escape) OR $escape = $this->_protect_identifiers; foreach ($key as $k => $v) { - $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; + $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) + ? $this->_group_get_type('') + : $this->_group_get_type($type); - $k = $this->_has_operator($k) - ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') - : $this->protect_identifiers($k, FALSE, $escape); + if ($escape === TRUE) + { + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->escape_identifiers(trim(substr($k, 0, strpos($k, $op)))).' '.strstr($k, $op) + : $this->escape_identifiers(trim($k)); + } if (is_null($v) && ! $this->_has_operator($k)) { diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php index 3305f6030..87be7a54a 100644 --- a/system/database/drivers/sqlite/sqlite_driver.php +++ b/system/database/drivers/sqlite/sqlite_driver.php @@ -360,23 +360,6 @@ class CI_DB_sqlite_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.'LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php index bed61891b..1c6533f22 100644 --- a/system/database/drivers/sqlite3/sqlite3_driver.php +++ b/system/database/drivers/sqlite3/sqlite3_driver.php @@ -353,23 +353,6 @@ class CI_DB_sqlite3_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.' LIMIT '.($offset ? $offset.',' : '').$limit; - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index 825c02452..4fdc4aae0 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -91,7 +91,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { // Determine how identifiers are escaped $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); $query = $query->row_array(); - $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi; + $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi']; $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); return $conn_id; @@ -284,7 +284,17 @@ class CI_DB_sqlsrv_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - return "SELECT name FROM sysobjects WHERE type = 'U' ORDER BY name"; + $sql = 'SELECT '.$this->escape_identifiers('name') + .' FROM '.$this->escape_identifiers('sysobjects') + .' WHERE '.$this->escape_identifiers('type')." = 'U'"; + + if ($prefix_limit === TRUE && $this->dbprefix !== '') + { + $sql .= ' AND '.$this->escape_identifiers('name')." LIKE '".$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_escape_like_str, $this->_escape_like_chr); + } + + return $sql.' ORDER BY '.$this->escape_identifiers('name'); } // -------------------------------------------------------------------- @@ -314,7 +324,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { */ protected function _field_data($table) { - return 'SELECT TOP 1 * FROM '.$table; + return 'SELECT TOP 1 * FROM '.$this->protect_identifiers($table); } // -------------------------------------------------------------------- |