diff options
Diffstat (limited to 'system')
18 files changed, 116 insertions, 54 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 39c19cdf7..65f1f18d0 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -934,8 +934,8 @@ abstract class CI_DB_driver { * * This function escapes column and table names * - * @param string - * @return string + * @param mixed + * @return mixed */ public function escape_identifiers($item) { @@ -943,25 +943,39 @@ abstract class CI_DB_driver { { return $item; } - - foreach ($this->_reserved_identifiers as $id) + elseif (is_array($item)) { - if (strpos($item, '.'.$id) !== FALSE) + foreach ($item as $key => $value) { - $item = str_replace('.', $this->_escape_char.'.', $item); + $item[$key] = $this->escape_identifiers($value); + } + + return $item; + } - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); + static $preg_ec = array(); + + if (empty($preg_ec)) + { + if (is_array($this->_escape_char)) + { + $preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1])); + } + else + { + $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char); } } - if (strpos($item, '.') !== FALSE) + foreach ($this->_reserved_identifiers as $id) { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); + if (strpos($item, '.'.$id) !== FALSE) + { + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[0].'$1'.$preg_ec[1].'.', $item); + } } - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?(\.)?/i', $preg_ec[0].'$1'.$preg_ec[1].'$2', $item); } // -------------------------------------------------------------------- diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 3ed556212..5d0a2ae2c 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -547,7 +547,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { if ($key === NULL OR $values === NULL) { - return; + return $this; } $type = $this->_group_get_type($type); diff --git a/system/database/drivers/cubrid/cubrid_forge.php b/system/database/drivers/cubrid/cubrid_forge.php index 8434cd2e2..d328aa241 100644 --- a/system/database/drivers/cubrid/cubrid_forge.php +++ b/system/database/drivers/cubrid/cubrid_forge.php @@ -158,7 +158,7 @@ class CI_DB_cubrid_forge extends CI_DB_forge { if (count($primary_keys) > 0) { $key_name = $this->db->escape_identifiers('pk_'.$table.'_'.implode('_', $primary_keys)); - $sql .= ",\n\tCONSTRAINT ".$key_name.' PRIMARY KEY('.implode(', ', $this->db->protect_identifiers($primary_keys)).')'; + $sql .= ",\n\tCONSTRAINT ".$key_name.' PRIMARY KEY('.implode(', ', $this->db->escape_identifiers($primary_keys)).')'; } if (is_array($keys) && count($keys) > 0) @@ -168,7 +168,7 @@ class CI_DB_cubrid_forge extends CI_DB_forge { if (is_array($key)) { $key_name = $this->db->escape_identifiers('idx_'.$table.implode('_', $key)); - $key = $this->db->protect_identifiers($key); + $key = $this->db->escape_identifiers($key); } else { diff --git a/system/database/drivers/interbase/interbase_forge.php b/system/database/drivers/interbase/interbase_forge.php index 4e6a60c72..3f9967f1f 100644 --- a/system/database/drivers/interbase/interbase_forge.php +++ b/system/database/drivers/interbase/interbase_forge.php @@ -87,7 +87,7 @@ class CI_DB_interbase_forge extends CI_DB_forge { { $sql = 'CREATE TABLE '; - $sql .= $this->db->protect_identifiers($table).'('; + $sql .= $this->db->escape_identifiers($table).'('; $current_field_count = 0; foreach ($fields as $field => $attributes) @@ -135,7 +135,7 @@ class CI_DB_interbase_forge extends CI_DB_forge { if (count($primary_keys) > 0) { - $primary_keys = $this->db->protect_identifiers($primary_keys); + $primary_keys = $this->db->escape_identifiers($primary_keys); $sql .= ",\n\tPRIMARY KEY (".implode(', ', $primary_keys).')'; } @@ -144,7 +144,7 @@ class CI_DB_interbase_forge extends CI_DB_forge { foreach ($keys as $key) { $key = is_array($key) - ? $this->db->protect_identifiers($key) + ? $this->db->escape_identifiers($key) : array($this->db->escape_identifiers($key)); $sql .= ",\n\tUNIQUE (".implode(', ', $key).')'; diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index 3eaea2e8e..87094e76e 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -43,7 +43,7 @@ class CI_DB_mssql_driver extends CI_DB { public $dbdriver = 'mssql'; // The character used for escaping - protected $_escape_char = ''; + protected $_escape_char = '"'; // clause and character used for LIKE escape sequences protected $_like_escape_str = " ESCAPE '%s' "; @@ -57,6 +57,17 @@ class CI_DB_mssql_driver extends CI_DB { protected $_count_string = 'SELECT COUNT(*) AS '; protected $_random_keyword = ' NEWID()'; + // MSSQL-specific properties + protected $_quoted_identifier = TRUE; + + /* + * Constructor + * + * Appends the port number to the hostname, if needed. + * + * @param array + * @return void + */ public function __construct($params) { parent::__construct($params); @@ -67,6 +78,8 @@ class CI_DB_mssql_driver extends CI_DB { } } + // -------------------------------------------------------------------- + /** * Non-persistent database connection * @@ -74,7 +87,7 @@ class CI_DB_mssql_driver extends CI_DB { */ public function db_connect() { - return @mssql_connect($this->hostname, $this->username, $this->password); + return $this->_mssql_connect(); } // -------------------------------------------------------------------- @@ -86,7 +99,35 @@ class CI_DB_mssql_driver extends CI_DB { */ public function db_pconnect() { - return @mssql_pconnect($this->hostname, $this->username, $this->password); + return $this->_mssql_connect(TRUE); + } + + // -------------------------------------------------------------------- + + /* + * MSSQL Connect + * + * @param bool + * @return resource + */ + protected function _mssql_connect($persistent = FALSE) + { + $conn_id = ($persistent) + ? @mssql_pconnect($this->hostname, $this->username, $this->password) + : @mssql_connect($this->hostname, $this->username, $this->password); + + if ( ! $conn_id) + { + return FALSE; + } + + // Determine how identifiers are escaped + $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); + $query = $query->row_array(); + $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi; + $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); + + return $conn_id; } // -------------------------------------------------------------------- @@ -106,7 +147,7 @@ class CI_DB_mssql_driver extends CI_DB { // Note: The brackets are required in the event that the DB name // contains reserved characters - if (@mssql_select_db('['.$database.']', $this->conn_id)) + if (@mssql_select_db($this->escape_identifiers($database), $this->conn_id)) { $this->database = $database; return TRUE; diff --git a/system/database/drivers/mssql/mssql_forge.php b/system/database/drivers/mssql/mssql_forge.php index 4d98221e9..3a3528f7b 100644 --- a/system/database/drivers/mssql/mssql_forge.php +++ b/system/database/drivers/mssql/mssql_forge.php @@ -103,7 +103,7 @@ class CI_DB_mssql_forge extends CI_DB_forge { if (count($primary_keys) > 0) { - $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->protect_identifiers($primary_keys)).')'; + $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->escape_identifiers($primary_keys)).')'; } if (is_array($keys) && count($keys) > 0) @@ -111,7 +111,7 @@ class CI_DB_mssql_forge extends CI_DB_forge { foreach ($keys as $key) { $key = is_array($key) - ? $this->db->protect_identifiers($key) + ? $this->db->escape_identifiers($key) : array($this->db->escape_identifiers($key)); $sql .= ",\n\tFOREIGN KEY (".implode(', ', $key).')'; diff --git a/system/database/drivers/mysql/mysql_forge.php b/system/database/drivers/mysql/mysql_forge.php index 7656c289c..d22454d84 100644 --- a/system/database/drivers/mysql/mysql_forge.php +++ b/system/database/drivers/mysql/mysql_forge.php @@ -142,7 +142,7 @@ class CI_DB_mysql_forge extends CI_DB_forge { if (count($primary_keys) > 0) { $key_name = $this->db->escape_identifiers(implode('_', $primary_keys)); - $sql .= ",\n\tPRIMARY KEY ".$key_name.' ('.implode(', ', $this->db->protect_identifiers($primary_keys)).')'; + $sql .= ",\n\tPRIMARY KEY ".$key_name.' ('.implode(', ', $this->db->escape_identifiers($primary_keys)).')'; } if (is_array($keys) && count($keys) > 0) @@ -152,7 +152,7 @@ class CI_DB_mysql_forge extends CI_DB_forge { if (is_array($key)) { $key_name = $this->db->escape_identifiers(implode('_', $key)); - $key = $this->db->protect_identifiers($key); + $key = $this->db->escape_identifiers($key); } else { diff --git a/system/database/drivers/mysql/mysql_utility.php b/system/database/drivers/mysql/mysql_utility.php index 643682fde..f0bbc665e 100644 --- a/system/database/drivers/mysql/mysql_utility.php +++ b/system/database/drivers/mysql/mysql_utility.php @@ -65,7 +65,7 @@ class CI_DB_mysql_utility extends CI_DB_utility { } // Get the table schema - $query = $this->db->query('SHOW CREATE TABLE '.$this->db->protect_identifiers($this->db->database).'.'.$this->db->protect_identifiers($table)); + $query = $this->db->query('SHOW CREATE TABLE '.$this->db->escape_identifiers($this->db->database.'.'.$table)); // No result means the table name was invalid if ($query === FALSE) @@ -120,7 +120,7 @@ class CI_DB_mysql_utility extends CI_DB_utility { TRUE); // Create a string of field names - $field_str .= $this->db->protect_identifiers($field->name).', '; + $field_str .= $this->db->escape_identifiers($field->name).', '; $i++; } diff --git a/system/database/drivers/mysqli/mysqli_forge.php b/system/database/drivers/mysqli/mysqli_forge.php index e0e98f151..b74c775b2 100644 --- a/system/database/drivers/mysqli/mysqli_forge.php +++ b/system/database/drivers/mysqli/mysqli_forge.php @@ -152,7 +152,7 @@ class CI_DB_mysqli_forge extends CI_DB_forge { if (is_array($key)) { $key_name = $this->db->escape_identifiers(implode('_', $key)); - $key = $this->db->protect_identifiers($key); + $key = $this->db->escape_identifiers($key); } else { diff --git a/system/database/drivers/oci8/oci8_forge.php b/system/database/drivers/oci8/oci8_forge.php index be093750b..92e8c02ed 100644 --- a/system/database/drivers/oci8/oci8_forge.php +++ b/system/database/drivers/oci8/oci8_forge.php @@ -100,7 +100,7 @@ class CI_DB_oci8_forge extends CI_DB_forge { if (count($primary_keys) > 0) { - $sql .= ",\n\tCONSTRAINT ".$table.' PRIMARY KEY ('.implode(', ', $this->db->protect_identifiers($primary_keys)).')'; + $sql .= ",\n\tCONSTRAINT ".$table.' PRIMARY KEY ('.implode(', ', $this->db->escape_identifiers($primary_keys)).')'; } if (is_array($keys) && count($keys) > 0) @@ -108,7 +108,7 @@ class CI_DB_oci8_forge extends CI_DB_forge { foreach ($keys as $key) { $key = is_array($key) - ? $this->db->protect_identifiers($key) + ? $this->db->escape_identifiers($key) : array($this->db->escape_identifiers($key)); $sql .= ",\n\tUNIQUE COLUMNS (".implode(', ', $key).')'; diff --git a/system/database/drivers/odbc/odbc_forge.php b/system/database/drivers/odbc/odbc_forge.php index 5c0b200eb..b074c5884 100644 --- a/system/database/drivers/odbc/odbc_forge.php +++ b/system/database/drivers/odbc/odbc_forge.php @@ -104,7 +104,7 @@ class CI_DB_odbc_forge extends CI_DB_forge { if (count($primary_keys) > 0) { - $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->protect_identifiers($primary_keys)).')'; + $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->escape_identifiers($primary_keys)).')'; } if (is_array($keys) && count($keys) > 0) @@ -112,7 +112,7 @@ class CI_DB_odbc_forge extends CI_DB_forge { foreach ($keys as $key) { $key = is_array($key) - ? $this->db->protect_identifiers($key) + ? $this->db->escape_identifiers($key) : array($this->db->escape_identifiers($key)); $sql .= ",\n\tFOREIGN KEY (".implode(', ', $key).')'; diff --git a/system/database/drivers/pdo/pdo_forge.php b/system/database/drivers/pdo/pdo_forge.php index 56457505c..02ceb74fe 100644 --- a/system/database/drivers/pdo/pdo_forge.php +++ b/system/database/drivers/pdo/pdo_forge.php @@ -112,7 +112,7 @@ class CI_DB_pdo_forge extends CI_DB_forge { if (count($primary_keys) > 0) { - $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->protect_identifiers($primary_keys)).')'; + $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->escape_identifiers($primary_keys)).')'; } if (is_array($keys) && count($keys) > 0) @@ -120,7 +120,7 @@ class CI_DB_pdo_forge extends CI_DB_forge { foreach ($keys as $key) { $key = is_array($key) - ? $this->db->protect_identifiers($key) + ? $this->db->escape_identifiers($key) : array($this->db->escape_identifiers($key)); $sql .= ",\n\tFOREIGN KEY (".implode(', ', $key).')'; diff --git a/system/database/drivers/postgre/postgre_forge.php b/system/database/drivers/postgre/postgre_forge.php index fc1124568..c434e9510 100644 --- a/system/database/drivers/postgre/postgre_forge.php +++ b/system/database/drivers/postgre/postgre_forge.php @@ -158,13 +158,7 @@ class CI_DB_postgre_forge extends CI_DB_forge { if (count($primary_keys) > 0) { - // Something seems to break when passing an array to escape_identifiers() - foreach ($primary_keys as $index => $key) - { - $primary_keys[$index] = $this->db->escape_identifiers($key); - } - - $sql .= ",\n\tPRIMARY KEY (".implode(', ', $primary_keys).')'; + $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->escape_identifiers($primary_keys)).')'; } $sql .= "\n);"; @@ -174,7 +168,7 @@ class CI_DB_postgre_forge extends CI_DB_forge { foreach ($keys as $key) { $key = is_array($key) - ? $this->db->protect_identifiers($key) + ? $this->db->escape_identifiers($key) : array($this->db->escape_identifiers($key)); foreach ($key as $field) diff --git a/system/database/drivers/sqlite/sqlite_forge.php b/system/database/drivers/sqlite/sqlite_forge.php index ba7dc902b..71eed7df4 100644 --- a/system/database/drivers/sqlite/sqlite_forge.php +++ b/system/database/drivers/sqlite/sqlite_forge.php @@ -136,7 +136,7 @@ class CI_DB_sqlite_forge extends CI_DB_forge { if (count($primary_keys) > 0) { - $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->protect_identifiers($primary_keys)).')'; + $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->escape_identifiers($primary_keys)).')'; } if (is_array($keys) && count($keys) > 0) @@ -144,7 +144,7 @@ class CI_DB_sqlite_forge extends CI_DB_forge { foreach ($keys as $key) { $key = is_array($key) - ? $this->db->protect_identifiers($key) + ? $this->db->escape_identifiers($key) : array($this->db->escape_identifiers($key)); $sql .= ",\n\tUNIQUE (".implode(', ', $key).')'; diff --git a/system/database/drivers/sqlite3/sqlite3_forge.php b/system/database/drivers/sqlite3/sqlite3_forge.php index 84651abd2..f8bd11656 100644 --- a/system/database/drivers/sqlite3/sqlite3_forge.php +++ b/system/database/drivers/sqlite3/sqlite3_forge.php @@ -143,7 +143,7 @@ class CI_DB_sqlite3_forge extends CI_DB_forge { if (count($primary_keys) > 0) { - $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->protect_identifiers($primary_keys)).')'; + $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->escape_identifiers($primary_keys)).')'; } if (is_array($keys) && count($keys) > 0) @@ -151,7 +151,7 @@ class CI_DB_sqlite3_forge extends CI_DB_forge { foreach ($keys as $key) { $key = is_array($key) - ? $this->db->protect_identifiers($key) + ? $this->db->escape_identifiers($key) : array($this->db->escape_identifiers($key)); $sql .= ",\n\tUNIQUE (".implode(', ', $key).')'; diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index 74e11c3af..655a9e90b 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -43,7 +43,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { public $dbdriver = 'sqlsrv'; // The character used for escaping - protected $_escape_char = ''; + protected $_escape_char = '"'; // clause and character used for LIKE escape sequences protected $_like_escape_str = " ESCAPE '%s' "; @@ -57,6 +57,9 @@ class CI_DB_sqlsrv_driver extends CI_DB { protected $_count_string = 'SELECT COUNT(*) AS '; protected $_random_keyword = ' NEWID()'; + // SQLSRV-specific properties + protected $_quoted_identifier = TRUE; + /** * Non-persistent database connection * @@ -83,7 +86,15 @@ class CI_DB_sqlsrv_driver extends CI_DB { unset($connection['UID'], $connection['PWD']); } - return sqlsrv_connect($this->hostname, $connection); + $conn_id = sqlsrv_connect($this->hostname, $connection); + + // Determine how identifiers are escaped + $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); + $query = $query->row_array(); + $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi; + $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); + + return $conn_id; } // -------------------------------------------------------------------- @@ -451,7 +462,10 @@ class CI_DB_sqlsrv_driver extends CI_DB { */ protected function _limit($sql, $limit, $offset) { - return preg_replace('/(^\SELECT (DISTINCT)?)/i','\\1 TOP '.($limit + $offset).' ', $sql); + // As of SQL Server 2012 (11.0.*) OFFSET is supported + return version_compare($this->version(), '11', '>=') + ? $sql.' OFFSET '.(int) $offset.' ROWS FETCH NEXT '.(int) $limit.' ROWS ONLY' + : preg_replace('/(^\SELECT (DISTINCT)?)/i','\\1 TOP '.($limit + $offset).' ', $sql); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/sqlsrv/sqlsrv_forge.php b/system/database/drivers/sqlsrv/sqlsrv_forge.php index 559746e87..e6f7e1ac1 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_forge.php +++ b/system/database/drivers/sqlsrv/sqlsrv_forge.php @@ -103,7 +103,7 @@ class CI_DB_sqlsrv_forge extends CI_DB_forge { if (count($primary_keys) > 0) { - $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->protect_identifiers($primary_keys)).')'; + $sql .= ",\n\tPRIMARY KEY (".implode(', ', $this->db->escape_identifiers($primary_keys)).')'; } if (is_array($keys) && count($keys) > 0) @@ -111,7 +111,7 @@ class CI_DB_sqlsrv_forge extends CI_DB_forge { foreach ($keys as $key) { $key = is_array($key) - ? $this->db->protect_identifiers($key) + ? $this->db->escape_identifiers($key) : array($this->escape_identifiers($key)); $sql .= ",\n\tFOREIGN KEY (".implode(', ', $key).')'; diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 959e2eea8..ce5e030b0 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -104,8 +104,7 @@ class CI_Encrypt { return $this->encryption_key; } - $CI =& get_instance(); - $key = $CI->config->item('encryption_key'); + $key = config_item('encryption_key'); if ($key === FALSE) { |