From e3a6e9b085f95fe97deb21e103dc0fd381b8122f Mon Sep 17 00:00:00 2001
From: Phil Sturgeon
Date: Tue, 8 Feb 2011 19:43:36 +0000
Subject: MySQL Driver will now wrap field names for insert(), update() and
replace() with backticks (`) so fields like "default" and "order" will not
cause SQL errors.
---
system/database/drivers/mysql/mysql_driver.php | 16 ++++++++--------
user_guide/changelog.html | 1 +
2 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index df18c912e..c9fc1ecab 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -287,12 +287,12 @@ class CI_DB_mysql_driver extends CI_DB {
if (is_array($str))
{
foreach($str as $key => $val)
- {
+ {
$str[$key] = $this->escape_str($val, $like);
- }
+ }
- return $str;
- }
+ return $str;
+ }
if (function_exists('mysql_real_escape_string') AND is_resource($this->conn_id))
{
@@ -532,7 +532,7 @@ class CI_DB_mysql_driver extends CI_DB {
*/
function _insert($table, $keys, $values)
{
- return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")";
+ return "INSERT INTO ".$table." (`".implode('`, `', $keys)."`) VALUES (".implode(', ', $values).")";
}
// --------------------------------------------------------------------
@@ -551,7 +551,7 @@ class CI_DB_mysql_driver extends CI_DB {
*/
function _replace($table, $keys, $values)
{
- return "REPLACE INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")";
+ return "REPLACE INTO ".$table." (`".implode('`, `', $keys)."`) VALUES (".implode(', ', $values).")";
}
// --------------------------------------------------------------------
@@ -569,7 +569,7 @@ class CI_DB_mysql_driver extends CI_DB {
*/
function _insert_batch($table, $keys, $values)
{
- return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES ".implode(', ', $values);
+ return "INSERT INTO ".$table." (`".implode('`, `', $keys)."`) VALUES ".implode(', ', $values);
}
// --------------------------------------------------------------------
@@ -592,7 +592,7 @@ class CI_DB_mysql_driver extends CI_DB {
{
foreach($values as $key => $val)
{
- $valstr[] = $key." = ".$val;
+ $valstr[] = sprintf('`%s` = %s', $key, $val);
}
$limit = ( ! $limit) ? '' : ' LIMIT '.$limit;
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index cd728226b..1201df8b2 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -74,6 +74,7 @@ Hg Tag: n/a
Bug fixes for 2.0.1
- CLI requests can now be run from any folder, not just when CD'ed next to index.php.
+ - MySQL Driver will now wrap field names for insert(), update() and replace() with backticks (`) so fields like "default" and "order" will not cause SQL errors.
Version 2.0.0
--
cgit v1.2.3-24-g4f1b