From 31d28fda8bd01ff0c7a2f196bf072bf9d84a83fe Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Mon, 31 Oct 2016 09:35:29 +0200
Subject: Merge pull request #4886 from tianhe1986/develop_dbdriver_quote

Detect double-quoted strings in DB::compile_binds()
---
 system/database/DB_driver.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/database/DB_driver.php')

diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 7ae52a307..fcc15eee5 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -1000,7 +1000,7 @@ abstract class CI_DB_driver {
 		$ml = strlen($this->bind_marker);
 
 		// Make sure not to replace a chunk inside a string that happens to match the bind marker
-		if ($c = preg_match_all("/'[^']*'/i", $sql, $matches))
+		if ($c = preg_match_all("/(['\"])[^\\1]*\\1/i", $sql, $matches))
 		{
 			$c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i',
 				str_replace($matches[0],
-- 
cgit v1.2.3-24-g4f1b