diff options
Diffstat (limited to 'system')
27 files changed, 707 insertions, 1496 deletions
diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php index b324226ab..a19f9bedd 100644 --- a/system/database/DB_active_rec.php +++ b/system/database/DB_active_rec.php @@ -1219,6 +1219,23 @@ abstract class CI_DB_active_record extends CI_DB_driver { // -------------------------------------------------------------------- /** + * Insert_batch statement + * + * Generates a platform-specific insert string from the supplied data. + * + * @param string the table name + * @param array the insert keys + * @param array the insert values + * @return string + */ + protected function _insert_batch($table, $keys, $values) + { + return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES '.implode(', ', $values); + } + + // -------------------------------------------------------------------- + + /** * The "set_insert_batch" function. Allows key/value pairs to be set for batch inserts * * @param mixed @@ -1341,6 +1358,23 @@ abstract class CI_DB_active_record extends CI_DB_driver { // -------------------------------------------------------------------- /** + * Insert statement + * + * Generates a platform-specific insert string from the supplied data + * + * @param string the table name + * @param array the insert keys + * @param array the insert values + * @return string + */ + protected function _insert($table, $keys, $values) + { + return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; + } + + // -------------------------------------------------------------------- + + /** * Validate Insert * * This method is used by both insert() and get_compiled_insert() to @@ -1413,6 +1447,23 @@ abstract class CI_DB_active_record extends CI_DB_driver { // -------------------------------------------------------------------- /** + * Replace statement + * + * Generates a platform-specific replace string from the supplied data + * + * @param string the table name + * @param array the insert keys + * @param array the insert values + * @return string + */ + protected function _replace($table, $keys, $values) + { + return 'REPLACE INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; + } + + // -------------------------------------------------------------------- + + /** * Get UPDATE query string * * Compiles an update query and returns the sql @@ -1486,6 +1537,33 @@ abstract class CI_DB_active_record extends CI_DB_driver { // -------------------------------------------------------------------- /** + * Update statement + * + * Generates a platform-specific update string from the supplied data + * + * @param string the table name + * @param array the update data + * @param array the where clause + * @param array the orderby clause + * @param array the limit clause + * @return string + */ + protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE) + { + foreach ($values as $key => $val) + { + $valstr[] = $key.' = '.$val; + } + + return 'UPDATE '.$table.' SET '.implode(', ', $valstr) + .(($where != '' && count($where) > 0) ? ' WHERE '.implode(' ', $where) : '') + .(count($orderby) > 0 ? ' ORDER BY '.implode(', ', $orderby) : '') + .($limit ? ' LIMIT '.$limit : ''); + } + + // -------------------------------------------------------------------- + + /** * Validate Update * * This method is used by both update() and get_compiled_update() to @@ -1684,6 +1762,24 @@ abstract class CI_DB_active_record extends CI_DB_driver { // -------------------------------------------------------------------- /** + * Truncate statement + * + * Generates a platform-specific truncate string from the supplied data + * + * If the database does not support the truncate() command, + * then this method maps to 'DELETE FROM table' + * + * @param string the table name + * @return string + */ + protected function _truncate($table) + { + return 'TRUNCATE '.$table; + } + + // -------------------------------------------------------------------- + + /** * Get DELETE query string * * Compiles a delete query string and returns the sql diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index dea705054..8b030af77 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -901,6 +901,43 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * Escape the SQL Identifiers + * + * This function escapes column and table names + * + * @param string + * @return string + */ + public function escape_identifiers($item) + { + if ($this->_escape_char == '') + { + return $item; + } + + foreach ($this->_reserved_identifiers as $id) + { + if (strpos($item, '.'.$id) !== FALSE) + { + $item = str_replace('.', $this->_escape_char.'.', $item); + + // remove duplicates if the user already included the escape + return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); + } + } + + if (strpos($item, '.') !== FALSE) + { + $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); + } + + // remove duplicates if the user already included the escape + return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); + } + + // -------------------------------------------------------------------- + + /** * Generate an insert string * * @param string the table upon which the query will be performed @@ -913,7 +950,7 @@ abstract class CI_DB_driver { foreach ($data as $key => $val) { - $fields[] = $this->_escape_identifiers($key); + $fields[] = $this->escape_identifiers($key); $values[] = $this->escape($val); } @@ -1254,7 +1291,7 @@ abstract class CI_DB_driver { { if ( ! in_array($val, $this->_reserved_identifiers)) { - $parts[$key] = $this->_escape_identifiers($val); + $parts[$key] = $this->escape_identifiers($val); } } @@ -1311,7 +1348,7 @@ abstract class CI_DB_driver { if ($protect_identifiers === TRUE) { - $item = $this->_escape_identifiers($item); + $item = $this->escape_identifiers($item); } return $item.$alias; @@ -1334,7 +1371,7 @@ abstract class CI_DB_driver { if ($protect_identifiers === TRUE && ! in_array($item, $this->_reserved_identifiers)) { - $item = $this->_escape_identifiers($item); + $item = $this->escape_identifiers($item); } return $item.$alias; diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php index 0f9c427e6..74d1a850a 100644 --- a/system/database/drivers/cubrid/cubrid_driver.php +++ b/system/database/drivers/cubrid/cubrid_driver.php @@ -435,45 +435,6 @@ class CI_DB_cubrid_driver extends CI_DB { return array('code' => cubrid_errno($this->conn_id), 'message' => cubrid_error($this->conn_id)); } - /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); - } - } - - if (strpos($item, '.') !== FALSE) - { - $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char; - } - else - { - $str = $this->_escape_char.$item.$this->_escape_char; - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); - } - // -------------------------------------------------------------------- /** @@ -498,94 +459,6 @@ class CI_DB_cubrid_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return "INSERT INTO ".$table." (\"".implode('", "', $keys)."\") VALUES (".implode(', ', $values).")"; - } - - // -------------------------------------------------------------------- - - - /** - * Replace statement - * - * Generates a platform-specific replace string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _replace($table, $keys, $values) - { - return "REPLACE INTO ".$table." (\"".implode('", "', $keys)."\") VALUES (".implode(', ', $values).")"; - } - - // -------------------------------------------------------------------- - - /** - * Insert_batch statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert_batch($table, $keys, $values) - { - return "INSERT INTO ".$table." (\"".implode('", "', $keys)."\") VALUES ".implode(', ', $values); - } - - // -------------------------------------------------------------------- - - - /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string the table name - * @param array the update data - * @param array the where clause - * @param array the orderby clause - * @param array the limit clause - * @return string - */ - protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE) - { - foreach ($values as $key => $val) - { - $valstr[] = sprintf('"%s" = %s', $key, $val); - } - - $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; - - $orderby = (count($orderby) >= 1)?' ORDER BY '.implode(", ", $orderby):''; - - $sql = "UPDATE ".$table." SET ".implode(', ', $valstr); - - $sql .= ($where != '' AND count($where) >=1) ? " WHERE ".implode(" ", $where) : ''; - - $sql .= $orderby.$limit; - - return $sql; - } - - // -------------------------------------------------------------------- - - - /** * Update_Batch statement * * Generates a platform-specific batch update string from the supplied data @@ -637,23 +510,6 @@ class CI_DB_cubrid_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Truncate statement - * - * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" - * - * @param string the table name - * @return string - */ - protected function _truncate($table) - { - return "TRUNCATE ".$table; - } - - // -------------------------------------------------------------------- - - /** * Delete statement * * Generates a platform-specific delete string from the supplied data diff --git a/system/database/drivers/cubrid/cubrid_forge.php b/system/database/drivers/cubrid/cubrid_forge.php index bbda484c4..f83dc97f4 100644 --- a/system/database/drivers/cubrid/cubrid_forge.php +++ b/system/database/drivers/cubrid/cubrid_forge.php @@ -184,9 +184,7 @@ class CI_DB_cubrid_forge extends CI_DB_forge { // As of version 8.4.0 CUBRID does not support this SQL syntax. } - $sql .= $this->db->_escape_identifiers($table)." ("; - - $sql .= $this->_process_fields($fields); + $sql .= $this->db->escape_identifiers($table).' ('.$this->_process_fields($fields); // If there is a PK defined if (count($primary_keys) > 0) @@ -230,7 +228,7 @@ class CI_DB_cubrid_forge extends CI_DB_forge { */ public function _drop_table($table) { - return "DROP TABLE IF EXISTS ".$this->db->_escape_identifiers($table); + return 'DROP TABLE IF EXISTS '.$this->db->escape_identifiers($table); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/interbase/interbase_driver.php b/system/database/drivers/interbase/interbase_driver.php index 6d3346292..88638a21a 100644 --- a/system/database/drivers/interbase/interbase_driver.php +++ b/system/database/drivers/interbase/interbase_driver.php @@ -343,38 +343,6 @@ class CI_DB_interbase_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This public function escapes column and table names - * - * @param string - * @return string - */ - protected function _escape_identifiers($item) - { - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); - } - } - - if (strpos($item, '.') !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This public function implicitly groups FROM tables so there is no confusion @@ -397,23 +365,6 @@ class CI_DB_interbase_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data @@ -446,15 +397,16 @@ class CI_DB_interbase_driver extends CI_DB { * Truncate statement * * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This public function maps to "DELETE FROM table" + * + * If the database does not support the truncate() command, + * then this method maps to 'DELETE FROM table' * * @param string the table name * @return string */ protected function _truncate($table) { - return $this->_delete($table); + return 'DELETE FROM '.$table; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index 81af6cd72..ae3b843ee 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -404,47 +404,6 @@ class CI_DB_mssql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); - } - } - - if (strpos($item, '.') !== FALSE) - { - $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char; - } - else - { - $str = $this->_escape_char.$item.$this->_escape_char; - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This function implicitly groups FROM tables so there is no confusion @@ -466,70 +425,19 @@ class CI_DB_mssql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")"; - } - - // -------------------------------------------------------------------- - - /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string the table name - * @param array the update data - * @param array the where clause - * @param array the orderby clause - * @param array the limit clause - * @return string - */ - protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE) - { - foreach ($values as $key => $val) - { - $valstr[] = $key." = ".$val; - } - - $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; - - $orderby = (count($orderby) >= 1)?' ORDER BY '.implode(", ", $orderby):''; - - $sql = "UPDATE ".$table." SET ".implode(', ', $valstr); - - $sql .= ($where != '' AND count($where) >=1) ? " WHERE ".implode(" ", $where) : ''; - - $sql .= $orderby.$limit; - - return $sql; - } - - - // -------------------------------------------------------------------- - - /** * Truncate statement * * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" + * + * If the database does not support the truncate() command, + * then this method maps to 'DELETE FROM table' * * @param string the table name * @return string */ protected function _truncate($table) { - return "TRUNCATE ".$table; + return 'TRUNCATE TABLE '.$table; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mssql/mssql_forge.php b/system/database/drivers/mssql/mssql_forge.php index 2e3e314ed..d787b3764 100644 --- a/system/database/drivers/mssql/mssql_forge.php +++ b/system/database/drivers/mssql/mssql_forge.php @@ -68,7 +68,7 @@ class CI_DB_mssql_forge extends CI_DB_forge { */ public function _drop_table($table) { - return "DROP TABLE ".$this->db->_escape_identifiers($table); + return 'DROP TABLE '.$this->db->escape_identifiers($table); } // -------------------------------------------------------------------- @@ -92,7 +92,7 @@ class CI_DB_mssql_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= $this->db->_escape_identifiers($table)." ("; + $sql .= $this->db->escape_identifiers($table).' ('; $current_field_count = 0; foreach ($fields as $field => $attributes) diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index bef4111c3..28020d3e6 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -439,43 +439,6 @@ class CI_DB_mysql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); - } - } - - if (strpos($item, '.') !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This function implicitly groups FROM tables so there is no confusion @@ -497,59 +460,6 @@ class CI_DB_mysql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - - - /** - * Replace statement - * - * Generates a platform-specific replace string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _replace($table, $keys, $values) - { - return 'REPLACE INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - - /** - * Insert_batch statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert_batch($table, $keys, $values) - { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES '.implode(', ', $values); - } - - // -------------------------------------------------------------------- - - - /** * Update statement * * Generates a platform-specific update string from the supplied data @@ -624,23 +534,6 @@ class CI_DB_mysql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Truncate statement - * - * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" - * - * @param string the table name - * @return string - */ - protected function _truncate($table) - { - return 'TRUNCATE '.$table; - } - - // -------------------------------------------------------------------- - - /** * Delete statement * * Generates a platform-specific delete string from the supplied data diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 47b0449d6..50e213641 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -439,43 +439,6 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); - } - } - - if (strpos($item, '.') !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This function implicitly groups FROM tables so there is no confusion @@ -497,85 +460,6 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - - /** - * Insert_batch statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert_batch($table, $keys, $values) - { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES '.implode(', ', $values); - } - - // -------------------------------------------------------------------- - - - /** - * Replace statement - * - * Generates a platform-specific replace string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _replace($table, $keys, $values) - { - return 'REPLACE INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - - /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string the table name - * @param array the update data - * @param array the where clause - * @param array the orderby clause - * @param array the limit clause - * @return string - */ - protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE) - { - foreach ($values as $key => $val) - { - $valstr[] = $key.' = '.$val; - } - - return 'UPDATE '.$table.' SET '.implode(', ', $valstr) - .(($where != '' && count($where) > 0) ? ' WHERE '.implode(' ', $where) : '') - .(count($orderby) > 0 ? ' ORDER BY '.implode(', ', $orderby) : '') - .( ! $limit ? '' : ' LIMIT '.$limit); - } - - // -------------------------------------------------------------------- - - /** * Update_Batch statement * * Generates a platform-specific batch update string from the supplied data @@ -619,23 +503,6 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Truncate statement - * - * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" - * - * @param string the table name - * @return string - */ - protected function _truncate($table) - { - return 'TRUNCATE '.$table; - } - - // -------------------------------------------------------------------- - - /** * Delete statement * * Generates a platform-specific delete string from the supplied data diff --git a/system/database/drivers/mysqli/mysqli_forge.php b/system/database/drivers/mysqli/mysqli_forge.php index a1caf5cfb..4b6939e2a 100644 --- a/system/database/drivers/mysqli/mysqli_forge.php +++ b/system/database/drivers/mysqli/mysqli_forge.php @@ -148,7 +148,7 @@ class CI_DB_mysqli_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= $this->db->_escape_identifiers($table).' ('.$this->_process_fields($fields); + $sql .= $this->db->escape_identifiers($table).' ('.$this->_process_fields($fields); if (count($primary_keys) > 0) { @@ -187,7 +187,7 @@ class CI_DB_mysqli_forge extends CI_DB_forge { */ public function _drop_table($table) { - return 'DROP TABLE IF EXISTS '.$this->db->_escape_identifiers($table); + return 'DROP TABLE IF EXISTS '.$this->db->escape_identifiers($table); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mysqli/mysqli_utility.php b/system/database/drivers/mysqli/mysqli_utility.php index 4d7002e78..cb3f86b8b 100644 --- a/system/database/drivers/mysqli/mysqli_utility.php +++ b/system/database/drivers/mysqli/mysqli_utility.php @@ -56,7 +56,7 @@ class CI_DB_mysqli_utility extends CI_DB_utility { */ public function _optimize_table($table) { - return 'OPTIMIZE TABLE '.$this->db->_escape_identifiers($table); + return 'OPTIMIZE TABLE '.$this->db->escape_identifiers($table); } // -------------------------------------------------------------------- @@ -71,7 +71,7 @@ class CI_DB_mysqli_utility extends CI_DB_utility { */ public function _repair_table($table) { - return 'REPAIR TABLE '.$this->db->_escape_identifiers($table); + return 'REPAIR TABLE '.$this->db->escape_identifiers($table); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index 0a96f3f6d..6e225ee1f 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -567,43 +567,6 @@ class CI_DB_oci8_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); - } - } - - if (strpos($item, '.') !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This function implicitly groups FROM tables so there is no confusion @@ -620,23 +583,6 @@ class CI_DB_oci8_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - - /** * Insert_batch statement * * Generates a platform-specific insert string from the supplied data @@ -653,7 +599,7 @@ class CI_DB_oci8_driver extends CI_DB { for ($i = 0, $c = count($values); $i < $c; $i++) { - $sql .= ' INTO '.$table.' ('.$keys.') VALUES '.$values[$i].'\n'; + $sql .= ' INTO '.$table.' ('.$keys.') VALUES '.$values[$i]."\n"; } return $sql.'SELECT * FROM dual'; @@ -662,38 +608,12 @@ class CI_DB_oci8_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string the table name - * @param array the update data - * @param array the where clause - * @param array the orderby clause - * @param array the limit clause - * @return string - */ - protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE) - { - foreach ($values as $key => $val) - { - $valstr[] = $key.' = '.$val; - } - - return 'UPDATE '.$table.' SET '.implode(', ', $valstr) - .(($where != '' && count($where) > 0) ? ' WHERE '.implode(' ', $where) : '') - .(count($orderby) > 0 ? ' ORDER BY '.implode(', ', $orderby) : '') - .( ! $limit ? '' : ' LIMIT '.$limit); - } - - // -------------------------------------------------------------------- - - /** * Truncate statement * * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" + * + * If the database does not support the truncate() command, + * then this method maps to 'DELETE FROM table' * * @param string the table name * @return string diff --git a/system/database/drivers/oci8/oci8_forge.php b/system/database/drivers/oci8/oci8_forge.php index 4b2eccae5..033e618e7 100644 --- a/system/database/drivers/oci8/oci8_forge.php +++ b/system/database/drivers/oci8/oci8_forge.php @@ -81,7 +81,7 @@ class CI_DB_oci8_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= $this->db->_escape_identifiers($table).' ('; + $sql .= $this->db->escape_identifiers($table).' ('; $current_field_count = 0; foreach ($fields as $field => $attributes) diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index ed901bd81..d1a5f774b 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -343,47 +343,6 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); - } - } - - if (strpos($item, '.') !== FALSE) - { - $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char; - } - else - { - $str = $this->_escape_char.$item.$this->_escape_char; - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This function implicitly groups FROM tables so there is no confusion @@ -405,70 +364,19 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")"; - } - - // -------------------------------------------------------------------- - - /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string the table name - * @param array the update data - * @param array the where clause - * @param array the orderby clause - * @param array the limit clause - * @return string - */ - protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE) - { - foreach ($values as $key => $val) - { - $valstr[] = $key." = ".$val; - } - - $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; - - $orderby = (count($orderby) >= 1)?' ORDER BY '.implode(", ", $orderby):''; - - $sql = "UPDATE ".$table." SET ".implode(', ', $valstr); - - $sql .= ($where != '' AND count($where) >=1) ? " WHERE ".implode(" ", $where) : ''; - - $sql .= $orderby.$limit; - - return $sql; - } - - - // -------------------------------------------------------------------- - - /** * Truncate statement * * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" + * + * If the database does not support the truncate() command, + * then this method maps to 'DELETE FROM table' * * @param string the table name * @return string */ protected function _truncate($table) { - return $this->_delete($table); + return 'DELETE FROM '.$table; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/odbc/odbc_forge.php b/system/database/drivers/odbc/odbc_forge.php index 486a8dd7f..afdd6dec2 100644 --- a/system/database/drivers/odbc/odbc_forge.php +++ b/system/database/drivers/odbc/odbc_forge.php @@ -91,7 +91,7 @@ class CI_DB_odbc_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= $this->db->_escape_identifiers($table)." ("; + $sql .= $this->db->escape_identifiers($table).' ('; $current_field_count = 0; foreach ($fields as $field => $attributes) diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index a9bed367e..919bb9c00 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -46,8 +46,8 @@ class CI_DB_pdo_driver extends CI_DB { protected $_escape_char = ''; // clause and character used for LIKE escape sequences - protected $_like_escape_str; - protected $_like_escape_chr; + protected $_like_escape_str = " ESCAPE '%s' "; + protected $_like_escape_chr = '!'; /** * The syntax to count rows is slightly different across different @@ -81,18 +81,17 @@ class CI_DB_pdo_driver extends CI_DB { // this one depends on the driver being used if ($this->pdodriver == 'mysql') { + $this->_escape_char = '`'; $this->_like_escape_str = ''; $this->_like_escape_chr = ''; } elseif ($this->pdodriver == 'odbc') { $this->_like_escape_str = " {escape '%s'} "; - $this->_like_escape_chr = '!'; } - else + elseif ( ! in_array($this->pdodriver, array('sqlsrv', 'mssql', 'dblib', 'sybase'))) { - $this->_like_escape_str = " ESCAPE '%s' "; - $this->_like_escape_chr = '!'; + $this->_escape_char = '"'; } $this->trans_enabled = FALSE; @@ -268,8 +267,6 @@ class CI_DB_pdo_driver extends CI_DB { */ protected function _execute($sql) { - $sql = $this->_prep_query($sql); - $result_id = $this->conn_id->query($sql); if (is_object($result_id)) @@ -287,32 +284,6 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Prep the query - * - * If needed, each database adapter can prep the query string - * - * @param string an SQL query - * @return string - */ - protected function _prep_query($sql) - { - if ($this->pdodriver === 'pgsql') - { - // Change the backtick(s) for Postgre - $sql = str_replace('`', '"', $sql); - } - elseif ($this->pdodriver === 'sqlite') - { - // Change the backtick(s) for SQLite - $sql = str_replace('`', '', $sql); - } - - return $sql; - } - - // -------------------------------------------------------------------- - - /** * Begin Transaction * * @return bool @@ -516,7 +487,7 @@ class CI_DB_pdo_driver extends CI_DB { } else { - $sql = "SHOW TABLES FROM `".$this->database."`"; + $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database); } if ($prefix_limit !== FALSE AND $this->dbprefix != '') @@ -539,7 +510,7 @@ class CI_DB_pdo_driver extends CI_DB { */ protected function _list_columns($table = '') { - return 'SHOW COLUMNS FROM '.$this->_from_tables($table); + return 'SHOW COLUMNS FROM '.$this->escape_identifiers($table); } // -------------------------------------------------------------------- @@ -557,20 +528,20 @@ class CI_DB_pdo_driver extends CI_DB { if ($this->pdodriver == 'mysql' or $this->pdodriver == 'pgsql') { // Analog function for mysql and postgre - return 'SELECT * FROM '.$this->_from_tables($table).' LIMIT 1'; + return 'SELECT * FROM '.$this->escape_identifiers($table).' LIMIT 1'; } elseif ($this->pdodriver == 'oci') { // Analog function for oci - return 'SELECT * FROM '.$this->_from_tables($table).' WHERE ROWNUM <= 1'; + return 'SELECT * FROM '.$this->escape_identifiers($table).' WHERE ROWNUM <= 1'; } elseif ($this->pdodriver == 'sqlite') { // Analog function for sqlite - return 'PRAGMA table_info('.$this->_from_tables($table).')'; + return 'PRAGMA table_info('.$this->escape_identifiers($table).')'; } - return 'SELECT TOP 1 FROM '.$this->_from_tables($table); + return 'SELECT TOP 1 FROM '.$this->escape_identifiers($table); } // -------------------------------------------------------------------- @@ -605,48 +576,6 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); - } - } - - if (strpos($item, '.') !== FALSE) - { - $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); - $str .= $this->_escape_char; - } - else - { - $str = $this->_escape_char.$item.$this->_escape_char; - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This function implicitly groups FROM tables so there is no confusion @@ -662,72 +591,7 @@ class CI_DB_pdo_driver extends CI_DB { $tables = array($tables); } - return (count($tables) == 1) ? '`'.$tables[0].'`' : '('.implode(', ', $tables).')'; - } - - // -------------------------------------------------------------------- - - /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return 'INSERT INTO '.$this->_from_tables($table).' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - - /** - * Insert_batch statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert_batch($table, $keys, $values) - { - return 'INSERT INTO '.$this->_from_tables($table).' ('.implode(', ', $keys).') VALUES '.implode(', ', $values); - } - - // -------------------------------------------------------------------- - - /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string the table name - * @param array the update data - * @param array the where clause - * @param array the orderby clause - * @param array the limit clause - * @return string - */ - protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE) - { - foreach ($values as $key => $val) - { - $valstr[] = $key." = ".$val; - } - - $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; - $orderby = (count($orderby) >= 1) ? ' ORDER BY '.implode(', ', $orderby) : ''; - - $sql = 'UPDATE '.$this->_from_tables($table).' SET '.implode(', ', $valstr); - $sql .= ($where != '' && count($where) >= 1) ? ' WHERE '.implode(' ', $where) : ''; - $sql .= $orderby.$limit; - - return $sql; + return (count($tables) === 1) ? $tables[0] : '('.implode(', ', $tables).')'; } // -------------------------------------------------------------------- @@ -760,7 +624,7 @@ class CI_DB_pdo_driver extends CI_DB { } } - $sql = 'UPDATE '.$this->_from_tables($table).' SET '; + $sql = 'UPDATE '.$table.' SET '; $cases = ''; foreach ($final as $k => $v) @@ -787,15 +651,16 @@ class CI_DB_pdo_driver extends CI_DB { * Truncate statement * * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" + * + * If the database does not support the truncate() command, + * then this method maps to 'DELETE FROM table' * * @param string the table name * @return string */ protected function _truncate($table) { - return $this->_delete($table); + return 'DELETE FROM '.$table; } // -------------------------------------------------------------------- @@ -829,7 +694,7 @@ class CI_DB_pdo_driver extends CI_DB { $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; - return 'DELETE FROM '.$this->_from_tables($table).$conditions.$limit; + return 'DELETE FROM '.$table.$conditions.$limit; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/pdo/pdo_forge.php b/system/database/drivers/pdo/pdo_forge.php index 6bff3542f..9635e4c9a 100644 --- a/system/database/drivers/pdo/pdo_forge.php +++ b/system/database/drivers/pdo/pdo_forge.php @@ -91,10 +91,10 @@ class CI_DB_pdo_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= '`'.$this->db->_escape_identifiers($table).'` ('; + $sql .= $this->db->escape_identifiers($table).' ('; $current_field_count = 0; - foreach ($fields as $field=>$attributes) + foreach ($fields as $field => $attributes) { // Numeric field names aren't allowed in databases, so if the key is // numeric, we know it was assigned by PHP and the developer manually diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index d92110e3b..a5e296718 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -465,43 +465,6 @@ class CI_DB_postgre_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); - } - } - - if (strpos($item, '.') !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This function implicitly groups FROM tables so there is no confusion @@ -523,40 +486,6 @@ class CI_DB_postgre_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - - /** - * Insert_batch statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert_batch($table, $keys, $values) - { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES '.implode(', ', $values); - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data @@ -584,23 +513,6 @@ class CI_DB_postgre_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Truncate statement - * - * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" - * - * @param string the table name - * @return string - */ - protected function _truncate($table) - { - return 'TRUNCATE '.$table; - } - - // -------------------------------------------------------------------- - - /** * Delete statement * * Generates a platform-specific delete string from the supplied data diff --git a/system/database/drivers/postgre/postgre_forge.php b/system/database/drivers/postgre/postgre_forge.php index ab9c95b89..0662ce9e8 100644 --- a/system/database/drivers/postgre/postgre_forge.php +++ b/system/database/drivers/postgre/postgre_forge.php @@ -172,7 +172,7 @@ class CI_DB_postgre_forge extends CI_DB_forge { } } - $sql .= $this->db->protect_identifiers($table).' ('.$this->_process_fields($fields, $primary_keys); + $sql .= $this->db->escape_identifiers($table).' ('.$this->_process_fields($fields, $primary_keys); if (count($primary_keys) > 0) { @@ -220,7 +220,7 @@ class CI_DB_postgre_forge extends CI_DB_forge { */ public function _drop_table($table) { - return 'DROP TABLE IF EXISTS '.$this->db->protect_identifiers($table).' CASCADE'; + return 'DROP TABLE IF EXISTS '.$this->db->escape_identifiers($table).' CASCADE'; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php index ef543c9b5..3a986d0a8 100644 --- a/system/database/drivers/sqlite/sqlite_driver.php +++ b/system/database/drivers/sqlite/sqlite_driver.php @@ -366,47 +366,6 @@ class CI_DB_sqlite_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); - } - } - - if (strpos($item, '.') !== FALSE) - { - $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char; - } - else - { - $str = $this->_escape_char.$item.$this->_escape_char; - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This function implicitly groups FROM tables so there is no confusion @@ -428,70 +387,36 @@ class CI_DB_sqlite_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement + * Replace statement * - * Generates a platform-specific insert string from the supplied data + * Generates a platform-specific replace string from the supplied data * * @param string the table name * @param array the insert keys * @param array the insert values * @return string */ - protected function _insert($table, $keys, $values) + protected function _replace($table, $keys, $values) { - return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")"; + return 'INSERT OR '.parent::_replace($table, $keys, $values); } // -------------------------------------------------------------------- /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string the table name - * @param array the update data - * @param array the where clause - * @param array the orderby clause - * @param array the limit clause - * @return string - */ - protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE) - { - foreach ($values as $key => $val) - { - $valstr[] = $key." = ".$val; - } - - $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; - - $orderby = (count($orderby) >= 1)?' ORDER BY '.implode(", ", $orderby):''; - - $sql = "UPDATE ".$table." SET ".implode(', ', $valstr); - - $sql .= ($where != '' AND count($where) >=1) ? " WHERE ".implode(" ", $where) : ''; - - $sql .= $orderby.$limit; - - return $sql; - } - - - // -------------------------------------------------------------------- - - /** * Truncate statement * * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" + * + * If the database does not support the truncate() command, + * then this function maps to 'DELETE FROM table' * * @param string the table name * @return string */ protected function _truncate($table) { - return $this->_delete($table); + return 'DELETE FROM '.$table; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/sqlite/sqlite_forge.php b/system/database/drivers/sqlite/sqlite_forge.php index 068a556ed..a62e8d9ae 100644 --- a/system/database/drivers/sqlite/sqlite_forge.php +++ b/system/database/drivers/sqlite/sqlite_forge.php @@ -90,10 +90,10 @@ class CI_DB_sqlite_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= $this->db->_escape_identifiers($table)."("; + $sql .= $this->db->escape_identifiers($table).' ('; $current_field_count = 0; - foreach ($fields as $field=>$attributes) + foreach ($fields as $field => $attributes) { // Numeric field names aren't allowed in databases, so if the key is // numeric, we know it was assigned by PHP and the developer manually diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php index de3705296..12354e1bc 100644 --- a/system/database/drivers/sqlite3/sqlite3_driver.php +++ b/system/database/drivers/sqlite3/sqlite3_driver.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -16,12 +16,12 @@ * through the world wide web, please send an email to * licensing@ellislab.com so we can send you a copy immediately. * - * @package CodeIgniter - * @author EllisLab Dev Team + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 1.0 + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) + * @link http://codeigniter.com + * @since Version 1.0 * @filesource */ @@ -32,11 +32,12 @@ * creates dynamically based on whether the active record * class is being used or not. * - * @package CodeIgniter + * @package CodeIgniter * @subpackage Drivers * @category Database - * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/database/ + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/database/ + * @since Version 3.0 */ class CI_DB_sqlite3_driver extends CI_DB { @@ -341,43 +342,6 @@ class CI_DB_sqlite3_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); - } - } - - if (strpos($item, '.') !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This function implicitly groups FROM tables so there is no confusion @@ -399,45 +363,18 @@ class CI_DB_sqlite3_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement + * Replace statement * - * Generates a platform-specific insert string from the supplied data + * Generates a platform-specific replace string from the supplied data * * @param string the table name * @param array the insert keys * @param array the insert values * @return string */ - protected function _insert($table, $keys, $values) + protected function _replace($table, $keys, $values) { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - - /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string the table name - * @param array the update data - * @param array the where clause - * @param array the orderby clause - * @param array the limit clause - * @return string - */ - protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE) - { - foreach ($values as $key => $val) - { - $valstr[] = $key.' = '.$val; - } - - return 'UPDATE '.$table.' SET '.implode(', ', $valstr) - .(($where != '' && count($where) > 0) ? ' WHERE '.implode(' ', $where) : '') - .(count($orderby) > 0 ? ' ORDER BY '.implode(', ', $orderby) : '') - .( ! $limit ? '' : ' LIMIT '.$limit); + return 'INSERT OR '.parent::_replace($table, $keys, $values); } // -------------------------------------------------------------------- @@ -446,15 +383,16 @@ class CI_DB_sqlite3_driver extends CI_DB { * Truncate statement * * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command, then - * this method maps to "DELETE FROM table" + * + * If the database does not support the truncate() command, then, + * then this method maps to 'DELETE FROM table' * * @param string the table name * @return string */ protected function _truncate($table) { - return $this->_delete($table); + return 'DELETE FROM '.$table; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/sqlite3/sqlite3_forge.php b/system/database/drivers/sqlite3/sqlite3_forge.php index 254db21d8..3a2060c3b 100644 --- a/system/database/drivers/sqlite3/sqlite3_forge.php +++ b/system/database/drivers/sqlite3/sqlite3_forge.php @@ -95,10 +95,10 @@ class CI_DB_sqlite3_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= $this->db->_escape_identifiers($table).'('; + $sql .= $this->db->escape_identifiers($table).' ('; $current_field_count = 0; - foreach ($fields as $field=>$attributes) + foreach ($fields as $field => $attributes) { // Numeric field names aren't allowed in databases, so if the key is // numeric, we know it was assigned by PHP and the developer manually diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index bb4f009bc..f4eab8f28 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -393,21 +393,6 @@ class CI_DB_sqlsrv_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - return $item; - } - - // -------------------------------------------------------------------- - - /** * From Tables * * This function implicitly groups FROM tables so there is no confusion @@ -429,23 +414,6 @@ class CI_DB_sqlsrv_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data @@ -473,15 +441,16 @@ class CI_DB_sqlsrv_driver extends CI_DB { * Truncate statement * * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" + * + * If the database does not support the truncate() command, + * then this method maps to 'DELETE FROM table' * * @param string the table name * @return string */ protected function _truncate($table) { - return "TRUNCATE ".$table; + return 'TRUNCATE TABLE '.$table; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/sqlsrv/sqlsrv_forge.php b/system/database/drivers/sqlsrv/sqlsrv_forge.php index 0dc7b5242..377dcf154 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_forge.php +++ b/system/database/drivers/sqlsrv/sqlsrv_forge.php @@ -63,11 +63,12 @@ class CI_DB_sqlsrv_forge extends CI_DB_forge { /** * Drop Table * - * @return bool + * @param string table name + * @return string */ public function _drop_table($table) { - return "DROP TABLE ".$this->db->_escape_identifiers($table); + return 'DROP TABLE '.$this->db->escape_identifiers($table); } // -------------------------------------------------------------------- @@ -91,7 +92,7 @@ class CI_DB_sqlsrv_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= $this->db->_escape_identifiers($table)." ("; + $sql .= $this->db->escape_identifiers($table).' ('; $current_field_count = 0; foreach ($fields as $field => $attributes) diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index b6e6c810d..fea560c2e 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -25,14 +25,6 @@ * @filesource */ -if ( ! function_exists('xml_parser_create')) -{ - show_error('Your PHP installation does not support XML'); -} - - -// ------------------------------------------------------------------------ - /** * XML-RPC request handler class * @@ -42,6 +34,14 @@ if ( ! function_exists('xml_parser_create')) * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html */ + +if ( ! function_exists('xml_parser_create')) +{ + show_error('Your PHP installation does not support XML'); +} + +// ------------------------------------------------------------------------ + class CI_Xmlrpc { public $debug = FALSE; // Debugging on or off @@ -77,13 +77,17 @@ class CI_Xmlrpc { public $xss_clean = TRUE; - //------------------------------------- - // VALUES THAT MULTIPLE CLASSES NEED - //------------------------------------- + /** + * Constructor + * + * Initializes property default values + * + * @param array + * @return void + */ public function __construct($config = array()) { - $this->xmlrpcName = $this->xmlrpcName; $this->xmlrpc_backslash = chr(92).chr(92); // Types for info sent back and forth @@ -139,10 +143,14 @@ class CI_Xmlrpc { log_message('debug', 'XML-RPC Class Initialized'); } - //------------------------------------- - // Initialize Prefs - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Initialize + * + * @param array + * @return void + */ public function initialize($config = array()) { if (count($config) > 0) @@ -156,17 +164,21 @@ class CI_Xmlrpc { } } } - // END - //------------------------------------- - // Take URL and parse it - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Parse server URL + * + * @param string url + * @param int port + * @return void + */ public function server($url, $port = 80) { if (strpos($url, 'http') !== 0) { - $url = "http://".$url; + $url = 'http://'.$url; } $parts = parse_url($url); @@ -180,12 +192,15 @@ class CI_Xmlrpc { $this->client = new XML_RPC_Client($path, $parts['host'], $port); } - // END - //------------------------------------- - // Set Timeout - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Set Timeout + * + * @param int seconds + * @return void + */ public function timeout($seconds = 5) { if ( ! is_null($this->client) && is_int($seconds)) @@ -193,27 +208,34 @@ class CI_Xmlrpc { $this->client->timeout = $seconds; } } - // END - //------------------------------------- - // Set Methods - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Set Methods + * + * @param string method name + * @return void + */ public function method($function) { $this->method = $function; } - // END - //------------------------------------- - // Take Array of Data and Create Objects - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Take Array of Data and Create Objects + * + * @param array + * @return void + */ public function request($incoming) { if ( ! is_array($incoming)) { // Send Error + return; } $this->data = array(); @@ -223,23 +245,29 @@ class CI_Xmlrpc { $this->data[$key] = $this->values_parsing($value); } } - // END - - //------------------------------------- - // Set Debug - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Set Debug + * + * @param bool + * @return void + */ public function set_debug($flag = TRUE) { $this->debug = ($flag == TRUE); } - //------------------------------------- - // Values Parsing - //------------------------------------- + // -------------------------------------------------------------------- - public function values_parsing($value, $return = FALSE) + /** + * Values Parsing + * + * @param mixed + * @return object + */ + public function values_parsing($value) { if (is_array($value) && array_key_exists(0, $value)) { @@ -267,16 +295,17 @@ class CI_Xmlrpc { return $temp; } - // END - - //------------------------------------- - // Sends XML-RPC Request - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Sends XML-RPC Request + * + * @return bool + */ public function send_request() { - $this->message = new XML_RPC_Message($this->method,$this->data); + $this->message = new XML_RPC_Message($this->method, $this->data); $this->message->debug = $this->debug; if ( ! $this->result = $this->client->send($this->message) OR ! is_object($this->result->val)) @@ -288,54 +317,62 @@ class CI_Xmlrpc { $this->response = $this->result->decode(); return TRUE; } - // END - //------------------------------------- - // Returns Error - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Returns Error + * + * @return string + */ public function display_error() { return $this->error; } - // END - //------------------------------------- - // Returns Remote Server Response - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Returns Remote Server Response + * + * @return string + */ public function display_response() { return $this->response; } - // END - //------------------------------------- - // Sends an Error Message for Server Request - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Sends an Error Message for Server Request + * + * @param int + * @param string + * @return object + */ public function send_error_message($number, $message) { return new XML_RPC_Response(0, $number, $message); } - // END + // -------------------------------------------------------------------- - //------------------------------------- - // Send Response for Server Request - //------------------------------------- - + /** + * Send Response for Server Request + * + * @param array + * @return object + */ public function send_response($response) { // $response should be array of values, which will be parsed // based on their data and type into a valid group of XML-RPC values return new XML_RPC_Response($this->values_parsing($response)); } - // END } // END XML_RPC Class - /** * XML-RPC Client class * @@ -353,6 +390,14 @@ class XML_RPC_Client extends CI_Xmlrpc public $timeout = 5; public $no_multicall = FALSE; + /** + * Constructor + * + * @param string + * @param object + * @param int + * @return void + */ public function __construct($path, $server, $port = 80) { parent::__construct(); @@ -362,18 +407,33 @@ class XML_RPC_Client extends CI_Xmlrpc $this->path = $path; } + // -------------------------------------------------------------------- + + /** + * Send message + * + * @param mixed + * @return object + */ public function send($msg) { if (is_array($msg)) { // Multi-call disabled - $r = new XML_RPC_Response(0, $this->xmlrpcerr['multicall_recursion'],$this->xmlrpcstr['multicall_recursion']); - return $r; + return new XML_RPC_Response(0, $this->xmlrpcerr['multicall_recursion'], $this->xmlrpcstr['multicall_recursion']); } return $this->sendPayload($msg); } + // -------------------------------------------------------------------- + + /** + * Send payload + * + * @param object + * @return object + */ public function sendPayload($msg) { $fp = @fsockopen($this->server, $this->port,$this->errno, $this->errstr, $this->timeout); @@ -381,8 +441,7 @@ class XML_RPC_Client extends CI_Xmlrpc if ( ! is_resource($fp)) { error_log($this->xmlrpcstr['http_error']); - $r = new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error']); - return $r; + return new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error']); } if (empty($msg->payload)) @@ -399,20 +458,18 @@ class XML_RPC_Client extends CI_Xmlrpc .'Content-Length: '.strlen($msg->payload).$r.$r .$msg->payload; - if ( ! fputs($fp, $op, strlen($op))) { error_log($this->xmlrpcstr['http_error']); - $r = new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error']); - return $r; + return new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error']); } + $resp = $msg->parseResponse($fp); fclose($fp); return $resp; } -} -// end class XML_RPC_Client +} // END XML_RPC_Client Class /** * XML-RPC Response class @@ -423,26 +480,29 @@ class XML_RPC_Client extends CI_Xmlrpc */ class XML_RPC_Response { - public $val = 0; - public $errno = 0; - public $errstr = ''; - public $headers = array(); - public $xss_clean = TRUE; - + public $val = 0; + public $errno = 0; + public $errstr = ''; + public $headers = array(); + public $xss_clean = TRUE; + + /** + * Constructor + * + * @param mixed + * @param int + * @param string + * @return void + */ public function __construct($val, $code = 0, $fstr = '') { if ($code != 0) { // error $this->errno = $code; - if ( ! is_php('5.4')) - { - $this->errstr = htmlspecialchars($fstr, ENT_NOQUOTES, 'UTF-8'); - } - else - { - $this->errstr = htmlspecialchars($fstr, ENT_XML1 | ENT_NOQUOTES, 'UTF-8'); - } + $this->errstr = htmlspecialchars($fstr, + (is_php('5.4') ? ENT_XML1 | ENT_NOQUOTES : ENT_NOQUOTES), + 'UTF-8'); } elseif ( ! is_object($val)) { @@ -456,43 +516,79 @@ class XML_RPC_Response } } + // -------------------------------------------------------------------- + + /** + * Fault code + * + * @return int + */ public function faultCode() { return $this->errno; } + // -------------------------------------------------------------------- + + /** + * Fault string + * + * @return string + */ public function faultString() { return $this->errstr; } + // -------------------------------------------------------------------- + + /** + * Value + * + * @return mixed + */ public function value() { return $this->val; } + // -------------------------------------------------------------------- + + /** + * Prepare response + * + * @return string xml + */ public function prepare_response() { return "<methodResponse>\n" - . ($this->errno - ? '<fault> + .($this->errno + ? '<fault> <value> <struct> <member> <name>faultCode</name> - <value><int>' . $this->errno . '</int></value> + <value><int>'.$this->errno.'</int></value> </member> <member> <name>faultString</name> - <value><string>' . $this->errstr . '</string></value> + <value><string>'.$this->errstr.'</string></value> </member> </struct> </value> </fault>' - : "<params>\n<param>\n".$this->val->serialize_class()."</param>\n</params>") - . "\n</methodResponse>"; + : "<params>\n<param>\n".$this->val->serialize_class()."</param>\n</params>") + ."\n</methodResponse>"; } + // -------------------------------------------------------------------- + + /** + * Decode + * + * @param mixed + * @return array + */ public function decode($array = FALSE) { $CI =& get_instance(); @@ -511,29 +607,31 @@ class XML_RPC_Response } } - $result = $array; + return $array; + } + + $result = $this->xmlrpc_decoder($this->val); + + if (is_array($result)) + { + $result = $this->decode($result); } else { - $result = $this->xmlrpc_decoder($this->val); - - if (is_array($result)) - { - $result = $this->decode($result); - } - else - { - $result = ($this->xss_clean) ? $CI->security->xss_clean($result) : $result; - } + $result = ($this->xss_clean) ? $CI->security->xss_clean($result) : $result; } return $result; } - //------------------------------------- - // XML-RPC Object to PHP Types - //------------------------------------- + // -------------------------------------------------------------------- + /** + * XML-RPC Object to PHP Types + * + * @param object + * @return array + */ public function xmlrpc_decoder($xmlrpc_val) { $kind = $xmlrpc_val->kindOf(); @@ -567,24 +665,28 @@ class XML_RPC_Response } } - //------------------------------------- - // ISO-8601 time to server or UTC time - //------------------------------------- + // -------------------------------------------------------------------- - public function iso8601_decode($time, $utc = 0) + /** + * ISO-8601 time to server or UTC time + * + * @param string + * @param bool + * @return int unix timestamp + */ + public function iso8601_decode($time, $utc = FALSE) { - // return a timet in the localtime, or UTC + // return a time in the localtime, or UTC $t = 0; if (preg_match('/([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})/', $time, $regs)) { - $fnc = ($utc == 1) ? 'gmmktime' : 'mktime'; + $fnc = ($utc == TRUE) ? 'gmmktime' : 'mktime'; $t = $fnc($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); } return $t; } -} -// End Response Class +} // END XML_RPC_Response Class /** * XML-RPC Message class @@ -597,10 +699,17 @@ class XML_RPC_Message extends CI_Xmlrpc { public $payload; public $method_name; - public $params = array(); - public $xh = array(); - - public function __construct($method, $pars = 0) + public $params = array(); + public $xh = array(); + + /** + * Constructor + * + * @param string method name + * @param array + * @return void + */ + public function __construct($method, $pars = FALSE) { parent::__construct(); @@ -615,15 +724,18 @@ class XML_RPC_Message extends CI_Xmlrpc } } - //------------------------------------- - // Create Payload to Send - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Create Payload to Send + * + * @return void + */ public function createPayload() { - $this->payload = "<?xml version=\"1.0\"?".">\r\n<methodCall>\r\n" - . '<methodName>'.$this->method_name."</methodName>\r\n" - . "<params>\r\n"; + $this->payload = '<?xml version="1.0"?'.">\r\n<methodCall>\r\n" + .'<methodName>'.$this->method_name."</methodName>\r\n" + ."<params>\r\n"; for ($i = 0, $c = count($this->params); $i < $c; $i++) { @@ -635,10 +747,14 @@ class XML_RPC_Message extends CI_Xmlrpc $this->payload .= "</params>\r\n</methodCall>\r\n"; } - //------------------------------------- - // Parse External XML-RPC Server's Response - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Parse External XML-RPC Server's Response + * + * @param resource + * @return object + */ public function parseResponse($fp) { $data = ''; @@ -648,36 +764,24 @@ class XML_RPC_Message extends CI_Xmlrpc $data .= $datum; } - //------------------------------------- - // DISPLAY HTTP CONTENT for DEBUGGING - //------------------------------------- - + // Display HTTP content for debugging if ($this->debug === TRUE) { echo "<pre>---DATA---\n".htmlspecialchars($data)."\n---END DATA---\n\n</pre>"; } - //------------------------------------- - // Check for data - //------------------------------------- - + // Check for data if ($data === '') { error_log($this->xmlrpcstr['no_data']); - $r = new XML_RPC_Response(0, $this->xmlrpcerr['no_data'], $this->xmlrpcstr['no_data']); - return $r; + return new XML_RPC_Response(0, $this->xmlrpcerr['no_data'], $this->xmlrpcstr['no_data']); } - - //------------------------------------- - // Check for HTTP 200 Response - //------------------------------------- - + // Check for HTTP 200 Response if (strncmp($data, 'HTTP', 4) === 0 && ! preg_match('/^HTTP\/[0-9\.]+ 200 /', $data)) { - $errstr= substr($data, 0, strpos($data, "\n")-1); - $r = new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error'].' (' . $errstr . ')'); - return $r; + $errstr = substr($data, 0, strpos($data, "\n")-1); + return new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error'].' ('.$errstr.')'); } //------------------------------------- @@ -687,24 +791,21 @@ class XML_RPC_Message extends CI_Xmlrpc $parser = xml_parser_create($this->xmlrpc_defencoding); $this->xh[$parser] = array( - 'isf' => 0, - 'ac' => '', - 'headers' => array(), - 'stack' => array(), - 'valuestack' => array(), - 'isf_reason' => 0 + 'isf' => 0, + 'ac' => '', + 'headers' => array(), + 'stack' => array(), + 'valuestack' => array(), + 'isf_reason' => 0 ); xml_set_object($parser, $this); - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, TRUE); xml_set_element_handler($parser, 'open_tag', 'closing_tag'); xml_set_character_data_handler($parser, 'character_data'); //xml_set_default_handler($parser, 'default_handler'); - //------------------------------------- - // GET HEADERS - //------------------------------------- - + // Get headers $lines = explode("\r\n", $data); while (($line = array_shift($lines))) { @@ -716,16 +817,12 @@ class XML_RPC_Message extends CI_Xmlrpc } $data = implode("\r\n", $lines); - - //------------------------------------- - // PARSE XML DATA - //------------------------------------- - + // Parse XML data if ( ! xml_parse($parser, $data, count($data))) { $errstr = sprintf('XML error: %s at line %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser)); + xml_error_string(xml_get_error_code($parser)), + xml_get_current_line_number($parser)); //error_log($errstr); $r = new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'], $this->xmlrpcstr['invalid_return']); xml_parser_free($parser); @@ -733,10 +830,7 @@ class XML_RPC_Message extends CI_Xmlrpc } xml_parser_free($parser); - // --------------------------------------- - // Got Ourselves Some Badness, It Seems - // --------------------------------------- - + // Got ourselves some badness, it seems if ($this->xh[$parser]['isf'] > 1) { if ($this->debug === TRUE) @@ -744,19 +838,14 @@ class XML_RPC_Message extends CI_Xmlrpc echo "---Invalid Return---\n".$this->xh[$parser]['isf_reason']."---Invalid Return---\n\n"; } - $r = new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'],$this->xmlrpcstr['invalid_return'].' '.$this->xh[$parser]['isf_reason']); - return $r; + return new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'], $this->xmlrpcstr['invalid_return'].' '.$this->xh[$parser]['isf_reason']); } elseif ( ! is_object($this->xh[$parser]['value'])) { - $r = new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'],$this->xmlrpcstr['invalid_return'].' '.$this->xh[$parser]['isf_reason']); - return $r; + return new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'], $this->xmlrpcstr['invalid_return'].' '.$this->xh[$parser]['isf_reason']); } - //------------------------------------- - // DISPLAY XML CONTENT for DEBUGGING - //------------------------------------- - + // Display XML content for debugging if ($this->debug === TRUE) { echo '<pre>'; @@ -776,10 +865,7 @@ class XML_RPC_Message extends CI_Xmlrpc echo "\n---END PARSED---</pre>"; } - //------------------------------------- - // SEND RESPONSE - //------------------------------------- - + // Send response $v = $this->xh[$parser]['value']; if ($this->xh[$parser]['isf']) { @@ -804,6 +890,8 @@ class XML_RPC_Message extends CI_Xmlrpc return $r; } + // -------------------------------------------------------------------- + // ------------------------------------ // Begin Return Message Parsing section // ------------------------------------ @@ -818,17 +906,21 @@ class XML_RPC_Message extends CI_Xmlrpc // stack - array with parent tree of the xml element, // used to validate the nesting of elements - //------------------------------------- - // Start Element Handler - //------------------------------------- + // -------------------------------------------------------------------- - public function open_tag($the_parser, $name, $attrs) + /** + * Start Element Handler + * + * @param string + * @param string + * @return void + */ + public function open_tag($the_parser, $name) { // If invalid nesting, then return if ($this->xh[$the_parser]['isf'] > 1) return; // Evaluate and check for correct nesting of XML elements - if (count($this->xh[$the_parser]['stack']) == 0) { if ($name != 'METHODRESPONSE' && $name != 'METHODCALL') @@ -838,42 +930,37 @@ class XML_RPC_Message extends CI_Xmlrpc return; } } - else + // not top level element: see if parent is OK + elseif ( ! in_array($this->xh[$the_parser]['stack'][0], $this->valid_parents[$name], TRUE)) { - // not top level element: see if parent is OK - if ( ! in_array($this->xh[$the_parser]['stack'][0], $this->valid_parents[$name], TRUE)) - { - $this->xh[$the_parser]['isf'] = 2; - $this->xh[$the_parser]['isf_reason'] = 'XML-RPC element $name cannot be child of '.$this->xh[$the_parser]['stack'][0]; - return; - } + $this->xh[$the_parser]['isf'] = 2; + $this->xh[$the_parser]['isf_reason'] = 'XML-RPC element $name cannot be child of '.$this->xh[$the_parser]['stack'][0]; + return; } - switch($name) + switch ($name) { case 'STRUCT': case 'ARRAY': // Creates array for child elements - $cur_val = array('value' => array(), 'type' => $name); - array_unshift($this->xh[$the_parser]['valuestack'], $cur_val); - break; + break; case 'METHODNAME': case 'NAME': $this->xh[$the_parser]['ac'] = ''; - break; + break; case 'FAULT': $this->xh[$the_parser]['isf'] = 1; - break; + break; case 'PARAM': $this->xh[$the_parser]['value'] = NULL; - break; + break; case 'VALUE': $this->xh[$the_parser]['vt'] = 'value'; $this->xh[$the_parser]['ac'] = ''; $this->xh[$the_parser]['lv'] = 1; - break; + break; case 'I4': case 'INT': case 'STRING': @@ -885,65 +972,70 @@ class XML_RPC_Message extends CI_Xmlrpc { //two data elements inside a value: an error occurred! $this->xh[$the_parser]['isf'] = 2; - $this->xh[$the_parser]['isf_reason'] = "'Twas a $name element following a ".$this->xh[$the_parser]['vt']." element inside a single value"; + $this->xh[$the_parser]['isf_reason'] = "'Twas a ".$name.' element following a ' + .$this->xh[$the_parser]['vt'].' element inside a single value'; return; } $this->xh[$the_parser]['ac'] = ''; - break; + break; case 'MEMBER': // Set name of <member> to nothing to prevent errors later if no <name> is found $this->xh[$the_parser]['valuestack'][0]['name'] = ''; // Set NULL value to check to see if value passed for this param/member $this->xh[$the_parser]['value'] = NULL; - break; + break; case 'DATA': case 'METHODCALL': case 'METHODRESPONSE': case 'PARAMS': // valid elements that add little to processing - break; + break; default: /// An Invalid Element is Found, so we have trouble $this->xh[$the_parser]['isf'] = 2; - $this->xh[$the_parser]['isf_reason'] = "Invalid XML-RPC element found: $name"; - break; + $this->xh[$the_parser]['isf_reason'] = 'Invalid XML-RPC element found: '.$name; + break; } // Add current element name to stack, to allow validation of nesting array_unshift($this->xh[$the_parser]['stack'], $name); - if ($name != 'VALUE') $this->xh[$the_parser]['lv'] = 0; + $name == 'VALUE' OR $this->xh[$the_parser]['lv'] = 0; } - // END - //------------------------------------- - // End Element Handler - //------------------------------------- + // -------------------------------------------------------------------- + /** + * End Element Handler + * + * @param string + * @param string + * @return void + */ public function closing_tag($the_parser, $name) { if ($this->xh[$the_parser]['isf'] > 1) return; // Remove current element from stack and set variable // NOTE: If the XML validates, then we do not have to worry about - // the opening and closing of elements. Nesting is checked on the opening + // the opening and closing of elements. Nesting is checked on the opening // tag so we be safe there as well. $curr_elem = array_shift($this->xh[$the_parser]['stack']); - switch($name) + switch ($name) { case 'STRUCT': case 'ARRAY': $cur_val = array_shift($this->xh[$the_parser]['valuestack']); - $this->xh[$the_parser]['value'] = ( ! isset($cur_val['values'])) ? array() : $cur_val['values']; + $this->xh[$the_parser]['value'] = isset($cur_val['values']) ? $cur_val['values'] : array(); $this->xh[$the_parser]['vt'] = strtolower($name); - break; + break; case 'NAME': $this->xh[$the_parser]['valuestack'][0]['name'] = $this->xh[$the_parser]['ac']; - break; + break; case 'BOOLEAN': case 'I4': case 'INT': @@ -957,56 +1049,39 @@ class XML_RPC_Message extends CI_Xmlrpc { $this->xh[$the_parser]['value'] = $this->xh[$the_parser]['ac']; } - elseif ($name=='DATETIME.ISO8601') + elseif ($name == 'DATETIME.ISO8601') { $this->xh[$the_parser]['vt'] = $this->xmlrpcDateTime; $this->xh[$the_parser]['value'] = $this->xh[$the_parser]['ac']; } - elseif ($name=='BASE64') + elseif ($name == 'BASE64') { $this->xh[$the_parser]['value'] = base64_decode($this->xh[$the_parser]['ac']); } - elseif ($name=='BOOLEAN') + elseif ($name == 'BOOLEAN') { // Translated BOOLEAN values to TRUE AND FALSE - if ($this->xh[$the_parser]['ac'] == '1') - { - $this->xh[$the_parser]['value'] = TRUE; - } - else - { - $this->xh[$the_parser]['value'] = FALSE; - } + $this->xh[$the_parser]['value'] = (bool) $this->xh[$the_parser]['ac']; } elseif ($name=='DOUBLE') { // we have a DOUBLE // we must check that only 0123456789-.<space> are characters here - if ( ! preg_match('/^[+-]?[eE0-9\t \.]+$/', $this->xh[$the_parser]['ac'])) - { - $this->xh[$the_parser]['value'] = 'ERROR_NON_NUMERIC_FOUND'; - } - else - { - $this->xh[$the_parser]['value'] = (float) $this->xh[$the_parser]['ac']; - } + $this->xh[$the_parser]['value'] = preg_match('/^[+-]?[eE0-9\t \.]+$/', $this->xh[$the_parser]['ac']) + ? (float) $this->xh[$the_parser]['ac'] + : 'ERROR_NON_NUMERIC_FOUND'; } else { // we have an I4/INT // we must check that only 0123456789-<space> are characters here - if ( ! preg_match('/^[+-]?[0-9\t ]+$/', $this->xh[$the_parser]['ac'])) - { - $this->xh[$the_parser]['value'] = 'ERROR_NON_NUMERIC_FOUND'; - } - else - { - $this->xh[$the_parser]['value'] = (int)$this->xh[$the_parser]['ac']; - } + $this->xh[$the_parser]['value'] = preg_match('/^[+-]?[0-9\t ]+$/', $this->xh[$the_parser]['ac']) + ? (int) $this->xh[$the_parset]['ac'] + : 'ERROR_NON_NUMERIC_FOUND'; } $this->xh[$the_parser]['ac'] = ''; $this->xh[$the_parser]['lv'] = 3; // indicate we've found a value - break; + break; case 'VALUE': // This if() detects if no scalar was inside <VALUE></VALUE> if ($this->xh[$the_parser]['vt']=='value') @@ -1028,44 +1103,49 @@ class XML_RPC_Message extends CI_Xmlrpc // Struct $this->xh[$the_parser]['value'] = $temp; } - break; + break; case 'MEMBER': - $this->xh[$the_parser]['ac']=''; + $this->xh[$the_parser]['ac'] = ''; // If value add to array in the stack for the last element built if ($this->xh[$the_parser]['value']) { $this->xh[$the_parser]['valuestack'][0]['values'][$this->xh[$the_parser]['valuestack'][0]['name']] = $this->xh[$the_parser]['value']; } - break; + break; case 'DATA': - $this->xh[$the_parser]['ac']=''; - break; + $this->xh[$the_parser]['ac'] = ''; + break; case 'PARAM': if ($this->xh[$the_parser]['value']) { $this->xh[$the_parser]['params'][] = $this->xh[$the_parser]['value']; } - break; + break; case 'METHODNAME': $this->xh[$the_parser]['method'] = ltrim($this->xh[$the_parser]['ac']); - break; + break; case 'PARAMS': case 'FAULT': case 'METHODCALL': case 'METHORESPONSE': // We're all good kids with nuthin' to do - break; + break; default: - // End of an Invalid Element. Taken care of during the opening tag though - break; + // End of an Invalid Element. Taken care of during the opening tag though + break; } } - //------------------------------------- - // Parses Character Data - //------------------------------------- + // -------------------------------------------------------------------- + /** + * Parse character data + * + * @param string + * @param string + * @return void + */ public function character_data($the_parser, $data) { if ($this->xh[$the_parser]['isf'] > 1) return; // XML Fault found already @@ -1078,7 +1158,7 @@ class XML_RPC_Message extends CI_Xmlrpc $this->xh[$the_parser]['lv'] = 2; // Found a value } - if ( ! @isset($this->xh[$the_parser]['ac'])) + if ( ! isset($this->xh[$the_parser]['ac'])) { $this->xh[$the_parser]['ac'] = ''; } @@ -1087,12 +1167,27 @@ class XML_RPC_Message extends CI_Xmlrpc } } + // -------------------------------------------------------------------- + /** + * Add parameter + * + * @param mixed + * @return void + */ public function addParam($par) { $this->params[] = $par; } + // -------------------------------------------------------------------- + + /** + * Output parameters + * + * @param array + * @return array + */ public function output_parameters($array = FALSE) { $CI =& get_instance(); @@ -1113,30 +1208,36 @@ class XML_RPC_Message extends CI_Xmlrpc } } - $parameters = $array; + return $array; } - else + + $parameters = array(); + + for ($i = 0, $c = count($this->params); $i < $c; $i++) { - $parameters = array(); + $a_param = $this->decode_message($this->params[$i]); - for ($i = 0, $c = count($this->params); $i < $c; $i++) + if (is_array($a_param)) { - $a_param = $this->decode_message($this->params[$i]); - - if (is_array($a_param)) - { - $parameters[] = $this->output_parameters($a_param); - } - else - { - $parameters[] = ($this->xss_clean) ? $CI->security->xss_clean($a_param) : $a_param; - } + $parameters[] = $this->output_parameters($a_param); + } + else + { + $parameters[] = ($this->xss_clean) ? $CI->security->xss_clean($a_param) : $a_param; } } return $parameters; } + // -------------------------------------------------------------------- + + /** + * Decode message + * + * @param object + * @return mixed + */ public function decode_message($param) { $kind = $param->kindOf(); @@ -1151,7 +1252,7 @@ class XML_RPC_Message extends CI_Xmlrpc $b = current($param->me); $arr = array(); - for($i = 0, $c = count($b); $i < $c; $i++) + for ($i = 0, $c = count($b); $i < $c; $i++) { $arr[] = $this->decode_message($param->me['array'][$i]); } @@ -1172,8 +1273,7 @@ class XML_RPC_Message extends CI_Xmlrpc } } -} -// End XML_RPC_Messages class +} // END XML_RPC_Message Class /** * XML-RPC Values class @@ -1187,6 +1287,13 @@ class XML_RPC_Values extends CI_Xmlrpc public $me = array(); public $mytype = 0; + /** + * Constructor + * + * @param mixed + * @param string + * @return void + */ public function __construct($val = -1, $type = '') { parent::__construct(); @@ -1210,11 +1317,20 @@ class XML_RPC_Values extends CI_Xmlrpc } } + // -------------------------------------------------------------------- + + /** + * Add scalar value + * + * @param scalar + * @param string + * @return int + */ public function addScalar($val, $type = 'string') { $typeof = $this->xmlrpcTypes[$type]; - if ($this->mytype==1) + if ($this->mytype == 1) { echo '<strong>XML_RPC_Values</strong>: scalar can have only one value<br />'; return 0; @@ -1228,7 +1344,7 @@ class XML_RPC_Values extends CI_Xmlrpc if ($type == $this->xmlrpcBoolean) { - $val = (strcasecmp($val,'true') === 0 OR $val == 1 OR ($val == TRUE && strcasecmp($val, 'false'))) ? 1 : 0; + $val = (int) (strcasecmp($val,'true') === 0 OR $val === 1 OR ($val === TRUE && strcasecmp($val, 'false'))); } if ($this->mytype == 2) @@ -1244,9 +1360,18 @@ class XML_RPC_Values extends CI_Xmlrpc $this->me[$type] = $val; $this->mytype = $typeof; } + return 1; } + // -------------------------------------------------------------------- + + /** + * Add array value + * + * @param array + * @return int + */ public function addArray($vals) { if ($this->mytype != 0) @@ -1260,6 +1385,14 @@ class XML_RPC_Values extends CI_Xmlrpc return 1; } + // -------------------------------------------------------------------- + + /** + * Add struct value + * + * @param object + * @return int + */ public function addStruct($vals) { if ($this->mytype != 0) @@ -1272,29 +1405,37 @@ class XML_RPC_Values extends CI_Xmlrpc return 1; } + // -------------------------------------------------------------------- + + /** + * Get value type + * + * @return string + */ public function kindOf() { - switch($this->mytype) + switch ($this->mytype) { - case 3: - return 'struct'; - break; - case 2: - return 'array'; - break; - case 1: - return 'scalar'; - break; - default: - return 'undef'; + case 3: return 'struct'; + case 2: return 'array'; + case 1: return 'scalar'; + default: return 'undef'; } } + // -------------------------------------------------------------------- + + /** + * Serialize data + * + * @param string + * @param mixed + */ public function serializedata($typ, $val) { $rs = ''; - switch($this->xmlrpcTypes[$typ]) + switch ($this->xmlrpcTypes[$typ]) { case 3: // struct @@ -1305,11 +1446,11 @@ class XML_RPC_Values extends CI_Xmlrpc $rs .= "<member>\n<name>{$key2}</name>\n".$this->serializeval($val2)."</member>\n"; } $rs .= '</struct>'; - break; + break; case 2: // array $rs .= "<array>\n<data>\n"; - for($i = 0, $c = count($val); $i < $c; $i++) + for ($i = 0, $c = count($val); $i < $c; $i++) { $rs .= $this->serializeval($val[$i]); } @@ -1320,29 +1461,45 @@ class XML_RPC_Values extends CI_Xmlrpc switch ($typ) { case $this->xmlrpcBase64: - $rs .= "<{$typ}>" . base64_encode((string)$val) . "</{$typ}>\n"; - break; + $rs .= '<'.$typ.'>'.base64_encode( (string) $val).'</'.$typ.">\n"; + break; case $this->xmlrpcBoolean: - $rs .= "<{$typ}>" . ((bool)$val ? '1' : '0') . "</{$typ}>\n"; - break; + $rs .= '<'.$typ.'>'.( (bool) $val ? '1' : '0').'</'.$typ.">\n"; + break; case $this->xmlrpcString: - $rs .= "<{$typ}>" . htmlspecialchars((string)$val). "</{$typ}>\n"; - break; + $rs .= '<'.$typ.'>'.htmlspecialchars( (string) $val).'</'.$typ.">\n"; + break; default: - $rs .= "<{$typ}>{$val}</{$typ}>\n"; - break; + $rs .= '<'.$typ.'>'.$val.'</'.$typ.">\n"; + break; } default: - break; + break; } + return $rs; } + // -------------------------------------------------------------------- + + /** + * Serialize class + * + * @return string + */ public function serialize_class() { return $this->serializeval($this); } + // -------------------------------------------------------------------- + + /** + * Serialize value + * + * @param object + * @return string + */ public function serializeval($o) { $ar = $o->me; @@ -1352,26 +1509,35 @@ class XML_RPC_Values extends CI_Xmlrpc return "<value>\n".$this->serializedata($typ, $val)."</value>\n"; } + // -------------------------------------------------------------------- + + /** + * Scalar value + * + * @return mixed + */ public function scalarval() { reset($this->me); return current($this->me); } - - //------------------------------------- - // Encode time in ISO-8601 form. - //------------------------------------- - - // Useful for sending time in XML-RPC - - public function iso8601_encode($time, $utc = 0) + // -------------------------------------------------------------------- + + /** + * Encode time in ISO-8601 form. + * Useful for sending time in XML-RPC + * + * @param int unix timestamp + * @param bool + * @return string + */ + public function iso8601_encode($time, $utc = FALSE) { return ($utc) ? strftime('%Y%m%dT%H:%i:%s', $time) : gmstrftime('%Y%m%dT%H:%i:%s', $time); } -} -// END XML_RPC_Values Class +} // END XML_RPC_Values Class /* End of file Xmlrpc.php */ /* Location: ./system/libraries/Xmlrpc.php */
\ No newline at end of file diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php index e91e2a2ff..80438546b 100644 --- a/system/libraries/Zip.php +++ b/system/libraries/Zip.php @@ -279,7 +279,7 @@ class CI_Zip { */ public function read_dir($path, $preserve_filepath = TRUE, $root_path = NULL) { - $path = rtrim($path, '/\\').'/'; + $path = rtrim($path, '/\\').DIRECTORY_SEPARATOR; if ( ! $fp = @opendir($path)) { return FALSE; @@ -288,7 +288,7 @@ class CI_Zip { // Set the original directory root for child dir's to use as relative if ($root_path === NULL) { - $root_path = dirname($path).'/'; + $root_path = dirname($path).DIRECTORY_SEPARATOR; } while (FALSE !== ($file = readdir($fp))) @@ -300,11 +300,11 @@ class CI_Zip { if (@is_dir($path.$file)) { - $this->read_dir($path.$file.'/', $preserve_filepath, $root_path); + $this->read_dir($path.$file.DIRECTORY_SEPARATOR, $preserve_filepath, $root_path); } elseif (FALSE !== ($data = file_get_contents($path.$file))) { - $name = str_replace('\\', '/', $path); + $name = str_replace(array('\\', '/'), DIRECTORY_SEPARATOR, $path); if ($preserve_filepath === FALSE) { $name = str_replace($root_path, '', $name); |