From 9859cb032ab5b702bd91d4aafbf5119c0f7d200a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 13 Jul 2012 13:07:58 +0300 Subject: escape_identifiers() to not escape string literals inside double quotes as well --- system/database/DB_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index e9efc8914..d63a1d955 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -985,7 +985,7 @@ abstract class CI_DB_driver { return $item; } // Avoid breaking functions and literal values inside queries - elseif (ctype_digit($item) OR $item[0] === "'" OR strpos($item, '(') !== FALSE) + elseif (ctype_digit($item) OR $item[0] === "'" OR ($this->_escape_char !== '"' && $item[0] === '"') OR strpos($item, '(') !== FALSE) { return $item; } -- cgit v1.2.3-24-g4f1b