diff options
Diffstat (limited to 'system/database')
-rw-r--r-- | system/database/DB_query_builder.php | 16 | ||||
-rw-r--r-- | system/database/drivers/postgre/postgre_driver.php | 9 |
2 files changed, 18 insertions, 7 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index dad1df116..439530714 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -467,9 +467,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { ? $this->_group_get_type('') : $this->_group_get_type($type); - $k = (($op = $this->_get_operator($k)) !== FALSE) - ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) - : $this->protect_identifiers($k, FALSE, $escape); + if ($escape === TRUE) + { + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->escape_identifiers(substr($k, 0, strpos($k, $op))).strstr($k, $op) + : $this->escape_identifiers($k); + } if (is_null($v) && ! $this->_has_operator($k)) { @@ -604,8 +607,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_wherein[] = $this->escape($value); } + if ($escape === TRUE) + { + $key = $this->escape_identifiers($key); + } + $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); - $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key, FALSE, $escape).$not.' IN ('.implode(', ', $this->qb_wherein).') '; + $this->qb_where[] = $where_in = $prefix.$key.$not.' IN ('.implode(', ', $this->qb_wherein).') '; if ($this->qb_caching === TRUE) { diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index fd253033b..21968a8dd 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -614,9 +614,12 @@ class CI_DB_postgre_driver extends CI_DB { ? $this->_group_get_type('') : $this->_group_get_type($type); - $k = (($op = $this->_get_operator($k)) !== FALSE) - ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) - : $this->protect_identifiers($k, FALSE, $escape); + if ($escape === TRUE) + { + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->escape_identifiers(substr($k, 0, strpos($k, $op))).strstr($k, $op) + : $this->escape_identifiers($k); + } if (is_null($v) && ! $this->_has_operator($k)) { |