From 082ee2b054b0d61ac02fea3deb704290e8d6021a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 8 Jun 2012 15:26:34 +0300 Subject: Added MSSQL/SQLSRV field escaping support with QUOTE_IDENTIFIER detection (issue #706) --- system/database/DB_driver.php | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 39c19cdf7..f559863a5 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -944,24 +944,29 @@ abstract class CI_DB_driver { return $item; } - foreach ($this->_reserved_identifiers as $id) + static $preg_ec = array(); + + if (empty($preg_ec)) { - if (strpos($item, '.'.$id) !== FALSE) + if (is_array($this->_escape_char)) { - $item = str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); + $preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1])); + } + else + { + $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char); } } - if (strpos($item, '.') !== FALSE) + foreach ($this->_reserved_identifiers as $id) { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); + if (strpos($item, '.'.$id) !== FALSE) + { + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[0].'$1'.$preg_ec[1], $item); + } } - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?(\.)?/i', $preg_ec[0].'$1'.$preg_ec[1].'$2', $item); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b