From 0e857631f5c6f38c5715450ea3f6ff514ac65b2c Mon Sep 17 00:00:00 2001 From: kenjis Date: Fri, 2 Sep 2011 08:41:17 +0900 Subject: fixes potential SQL injection vector in Active Record offset() --- system/database/DB_active_rec.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_active_rec.php') diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php index 37d162bc1..89766e304 100644 --- a/system/database/DB_active_rec.php +++ b/system/database/DB_active_rec.php @@ -894,7 +894,7 @@ class CI_DB_active_record extends CI_DB_driver { */ public function offset($offset) { - $this->ar_offset = $offset; + $this->ar_offset = (int) $offset; return $this; } -- cgit v1.2.3-24-g4f1b From bff3dfda42b58289c41f88342a0ab17846f52f3b Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 7 Sep 2011 18:54:25 +0200 Subject: Use NULL as the default value for offset in limit(x, offset) so that default is not LIMIT 0. --- system/database/DB_active_rec.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/database/DB_active_rec.php') diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php index 89766e304..7162e2ac5 100644 --- a/system/database/DB_active_rec.php +++ b/system/database/DB_active_rec.php @@ -872,11 +872,11 @@ class CI_DB_active_record extends CI_DB_driver { * @param integer the offset value * @return object */ - public function limit($value, $offset = '') + public function limit($value, $offset = NULL) { $this->ar_limit = (int) $value; - if ($offset != '') + if ( ! is_null($offset)) { $this->ar_offset = (int) $offset; } -- cgit v1.2.3-24-g4f1b From 8b4d83b23b3b93e8042b01d9117f496206b309c0 Mon Sep 17 00:00:00 2001 From: Juan José González Date: Tue, 27 Sep 2011 17:21:14 -0500 Subject: Fixing issue 465: select_max is adding prefix to table aliases when is not necessary --- system/database/DB_active_rec.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_active_rec.php') diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php index 7162e2ac5..83518232e 100644 --- a/system/database/DB_active_rec.php +++ b/system/database/DB_active_rec.php @@ -196,7 +196,7 @@ class CI_DB_active_record extends CI_DB_driver { $alias = $this->_create_alias_from_table(trim($select)); } - $sql = $type.'('.$this->_protect_identifiers(trim($select)).') AS '.$this->_protect_identifiers(trim($alias)); + $sql = $this->_protect_identifiers($type.'('.trim($select).')').' AS '.$this->_protect_identifiers(trim($alias)); $this->ar_select[] = $sql; -- cgit v1.2.3-24-g4f1b