From 082ee2b054b0d61ac02fea3deb704290e8d6021a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 8 Jun 2012 15:26:34 +0300 Subject: Added MSSQL/SQLSRV field escaping support with QUOTE_IDENTIFIER detection (issue #706) --- system/database/DB_driver.php | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 39c19cdf7..f559863a5 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -944,24 +944,29 @@ abstract class CI_DB_driver { return $item; } - foreach ($this->_reserved_identifiers as $id) + static $preg_ec = array(); + + if (empty($preg_ec)) { - if (strpos($item, '.'.$id) !== FALSE) + if (is_array($this->_escape_char)) { - $item = str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); + $preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1])); + } + else + { + $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char); } } - if (strpos($item, '.') !== FALSE) + foreach ($this->_reserved_identifiers as $id) { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); + if (strpos($item, '.'.$id) !== FALSE) + { + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[0].'$1'.$preg_ec[1], $item); + } } - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?(\.)?/i', $preg_ec[0].'$1'.$preg_ec[1].'$2', $item); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 9637b40ca9e9ac1cdce2b895d3db09848a6eef76 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 8 Jun 2012 15:39:24 +0300 Subject: escape_identifiers() to accept arrays as well --- system/database/DB_driver.php | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index f559863a5..6188c9447 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -934,8 +934,8 @@ abstract class CI_DB_driver { * * This function escapes column and table names * - * @param string - * @return string + * @param mixed + * @return mixed */ public function escape_identifiers($item) { @@ -943,6 +943,15 @@ abstract class CI_DB_driver { { return $item; } + elseif (is_array($item)) + { + foreach ($item as $key => $value) + { + $item[$key] = $this->escape_identifiers($value); + } + + return $item; + } static $preg_ec = array(); -- cgit v1.2.3-24-g4f1b From a593c69de4ea125c096f611c78dd0839489e7ebd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 8 Jun 2012 17:50:26 +0300 Subject: Fix issue #1447 --- system/database/DB_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 6188c9447..65f1f18d0 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -971,7 +971,7 @@ abstract class CI_DB_driver { { if (strpos($item, '.'.$id) !== FALSE) { - return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[0].'$1'.$preg_ec[1], $item); + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[0].'$1'.$preg_ec[1].'.', $item); } } -- cgit v1.2.3-24-g4f1b From 5a257187c4ca09ea61c19999bf061cec3f224cc2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 10 Jun 2012 06:18:14 +0300 Subject: Merge branch 2.1-stable into develop --- system/database/DB_driver.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 65f1f18d0..f5a7e2ac0 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1307,14 +1307,16 @@ abstract class CI_DB_driver { } // Convert tabs or multiple spaces into single spaces - $item = preg_replace('/[\t ]+/', ' ', $item); + $item = preg_replace('/\s+/', ' ', $item); // If the item has an alias declaration we remove it and set it aside. // Basically we remove everything to the right of the first space - if (strpos($item, ' ') !== FALSE) + if (preg_match('/^([^\s]+) (AS )*(.+)$/i', $item, $matches)) { - $alias = strstr($item, ' '); - $item = substr($item, 0, - strlen($alias)); + $item = $matches[1]; + + // Escape the alias + $alias = ' '.$matches[2].$this->escape_identifiers($matches[3]); } else { -- cgit v1.2.3-24-g4f1b From bf94058d537efc78ed2df7009db8b3261ff44619 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 10 Jun 2012 07:05:05 +0300 Subject: Fix issue #1452 --- system/database/DB_driver.php | 51 ++++++++++++++++++++++++++++++++----------- 1 file changed, 38 insertions(+), 13 deletions(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index f5a7e2ac0..e34021e50 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1300,38 +1300,63 @@ abstract class CI_DB_driver { $escaped_array = array(); foreach ($item as $k => $v) { - $escaped_array[$this->protect_identifiers($k)] = $this->protect_identifiers($v); + $escaped_array[$this->protect_identifiers($k)] = $this->protect_identifiers($v, $prefix_single, $protect_identifiers, $field_exists); } return $escaped_array; } + // This is basically a bug fix for queries that use MAX, MIN, etc. + // If a parenthesis is found we know that we do not need to + // escape the data or add a prefix. There's probably a more graceful + // way to deal with this, but I'm not thinking of it -- Rick + if (strpos($item, '(') !== FALSE) + { + return $item.$alias; + } + // Convert tabs or multiple spaces into single spaces $item = preg_replace('/\s+/', ' ', $item); + static $preg_ec = array(); + + if (empty($preg_ec)) + { + if (is_array($this->_escape_char)) + { + $preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1])); + } + else + { + $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char); + } + } + // If the item has an alias declaration we remove it and set it aside. // Basically we remove everything to the right of the first space - if (preg_match('/^([^\s]+) (AS )*(.+)$/i', $item, $matches)) + preg_match('/^(('.$preg_ec[0].'[^'.$preg_ec[1].']+'.$preg_ec[1].')|([^'.$preg_ec[0].'][^\s]+))( AS)*(.+)*$/i', 'Test table]', $matches); + + if (isset($matches[4])) { $item = $matches[1]; - // Escape the alias - $alias = ' '.$matches[2].$this->escape_identifiers($matches[3]); + // Escape the alias, if needed + if ($protect_identifiers === TRUE) + { + $alias = empty($matches[5]) + ? ' '.$this->escape_identifiers(ltrim($matches[4])) + : $matches[4].' '.$this->escape_identifiers(ltrim($matches[5])); + } + else + { + $alias = $matches[4].$matches[5]; + } } else { $alias = ''; } - // This is basically a bug fix for queries that use MAX, MIN, etc. - // If a parenthesis is found we know that we do not need to - // escape the data or add a prefix. There's probably a more graceful - // way to deal with this, but I'm not thinking of it -- Rick - if (strpos($item, '(') !== FALSE) - { - return $item.$alias; - } - // Break the string apart if it contains periods, then insert the table prefix // in the correct location, assuming the period doesn't indicate that we're dealing // with an alias. While we're at it, we will escape the components -- cgit v1.2.3-24-g4f1b From b30426d50d84631201bcdc93439feaa37ce71df9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 10 Jun 2012 14:08:29 +0300 Subject: Fix count_all() --- system/database/DB_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index e34021e50..d6f9f9c17 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1334,7 +1334,7 @@ abstract class CI_DB_driver { // If the item has an alias declaration we remove it and set it aside. // Basically we remove everything to the right of the first space - preg_match('/^(('.$preg_ec[0].'[^'.$preg_ec[1].']+'.$preg_ec[1].')|([^'.$preg_ec[0].'][^\s]+))( AS)*(.+)*$/i', 'Test table]', $matches); + preg_match('/^(('.$preg_ec[0].'[^'.$preg_ec[1].']+'.$preg_ec[1].')|([^'.$preg_ec[0].'][^\s]+))( AS)*(.+)*$/i', $item, $matches); if (isset($matches[4])) { -- cgit v1.2.3-24-g4f1b From d454f0e413ba6df6494b6c0da4d32fac8a17de1c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 10 Jun 2012 14:51:04 +0300 Subject: Add BETWEEN to _has_operator() --- system/database/DB_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index d6f9f9c17..48f9fb5ac 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1062,7 +1062,7 @@ abstract class CI_DB_driver { */ protected function _has_operator($str) { - return (bool) preg_match('/(\s|<|>|!|=|IS NULL|IS NOT NULL)/i', trim($str)); + return (bool) preg_match('/(\s|<|>|!|=|IS NULL|IS NOT NULL|BETWEEN)/i', trim($str)); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 4db16326a0418776f10802ecdcccb385ff67e363 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 10 Jun 2012 15:12:02 +0300 Subject: Remove a non-existent variable usage --- system/database/DB_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 48f9fb5ac..079ee8d05 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1312,7 +1312,7 @@ abstract class CI_DB_driver { // way to deal with this, but I'm not thinking of it -- Rick if (strpos($item, '(') !== FALSE) { - return $item.$alias; + return $item; } // Convert tabs or multiple spaces into single spaces -- cgit v1.2.3-24-g4f1b From 4e9538fe19b09c0dc588542cfb7f793348b83bf7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 12 Jun 2012 14:16:53 +0300 Subject: Fix issue #145 --- system/database/DB_driver.php | 26 +++++++++----------------- 1 file changed, 9 insertions(+), 17 deletions(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 079ee8d05..88a3b388f 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -596,35 +596,27 @@ abstract class CI_DB_driver { */ public function compile_binds($sql, $binds) { - if (strpos($sql, $this->bind_marker) === FALSE) + if (preg_match_all('/(>|<|=|!)\s*('.preg_quote($this->bind_marker).')/i', $sql, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE) !== count($binds)) { return $sql; } - - if ( ! is_array($binds)) + elseif ( ! is_array($binds)) { $binds = array($binds); } - - // Get the sql segments around the bind markers - $segments = explode($this->bind_marker, $sql); - - // The count of bind should be 1 less then the count of segments - // If there are more bind arguments trim it down - if (count($binds) >= count($segments)) + else { - $binds = array_slice($binds, 0, count($segments)-1); + // Make sure we're using numeric keys + $binds = array_values($binds); } - // Construct the binded query - $result = $segments[0]; - $i = 0; - foreach ($binds as $bind) + + for ($i = count($matches) - 1; $i >= 0; $i--) { - $result .= $this->escape($bind).$segments[++$i]; + $sql = substr_replace($sql, $this->escape($binds[$i]), $matches[$i][2][1], 1); } - return $result; + return $sql; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 97827bc9ddad61f51ceb595e8b8b5441d4d991c2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 12 Jun 2012 21:20:05 +0300 Subject: Fix issue #1460 --- system/database/DB_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 88a3b388f..63d3372cf 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -596,7 +596,7 @@ abstract class CI_DB_driver { */ public function compile_binds($sql, $binds) { - if (preg_match_all('/(>|<|=|!)\s*('.preg_quote($this->bind_marker).')/i', $sql, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE) !== count($binds)) + if (preg_match_all('/(>|<|=|!|BETWEEN\s|AND\s)\s*('.preg_quote($this->bind_marker).')/i', $sql, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE) !== count($binds)) { return $sql; } -- cgit v1.2.3-24-g4f1b From 29953ddc989e2ae26afedefd99e347f2d692d0ec Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 12 Jun 2012 21:48:13 +0300 Subject: Additional improvements to compile_binds() --- system/database/DB_driver.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 63d3372cf..e0266b2b6 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -596,7 +596,12 @@ abstract class CI_DB_driver { */ public function compile_binds($sql, $binds) { - if (preg_match_all('/(>|<|=|!|BETWEEN\s|AND\s)\s*('.preg_quote($this->bind_marker).')/i', $sql, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE) !== count($binds)) + if (empty($binds)) OR empty($this->bind_marker)) + { + return $sql; + } + elseif (preg_match_all('/(>|<|=|!|BETWEEN\s|AND\s)\s*('.preg_quote($this->bind_marker).')/i', + $sql, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE) !== count($binds)) { return $sql; } @@ -610,10 +615,9 @@ abstract class CI_DB_driver { $binds = array_values($binds); } - - for ($i = count($matches) - 1; $i >= 0; $i--) + for ($i = count($matches) - 1, $l = strlen($this->bind_marker); $i >= 0; $i--) { - $sql = substr_replace($sql, $this->escape($binds[$i]), $matches[$i][2][1], 1); + $sql = substr_replace($sql, $this->escape($binds[$i]), $matches[$i][2][1], $l); } return $sql; -- cgit v1.2.3-24-g4f1b From 63779194b6788edfa8899ed3c86c653d0933ce3b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 13 Jun 2012 10:04:49 +0300 Subject: Fix a syntax error --- system/database/DB_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index e0266b2b6..e04463429 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -596,7 +596,7 @@ abstract class CI_DB_driver { */ public function compile_binds($sql, $binds) { - if (empty($binds)) OR empty($this->bind_marker)) + if (empty($binds) OR empty($this->bind_marker)) { return $sql; } -- cgit v1.2.3-24-g4f1b From 10cbdf091b3cdbc72847dad28a1dce03a92119b6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 13 Jun 2012 13:32:30 +0300 Subject: Really fix compile_binds() --- system/database/DB_driver.php | 44 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 35 insertions(+), 9 deletions(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index e04463429..1fece5cf7 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -596,28 +596,54 @@ abstract class CI_DB_driver { */ public function compile_binds($sql, $binds) { - if (empty($binds) OR empty($this->bind_marker)) - { - return $sql; - } - elseif (preg_match_all('/(>|<|=|!|BETWEEN\s|AND\s)\s*('.preg_quote($this->bind_marker).')/i', - $sql, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE) !== count($binds)) + if (empty($binds) OR empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE) { return $sql; } elseif ( ! is_array($binds)) { - $binds = array($binds); + $binds = array($this->escape($binds)); + $bind_count = 1; } else { // Make sure we're using numeric keys $binds = array_values($binds); + $bind_count = count($binds); + + // Escape the bind values + for ($i = 0; $i < $bind_count; $i++) + { + $binds[$i] = $this->escape($binds[$i]); + } } - for ($i = count($matches) - 1, $l = strlen($this->bind_marker); $i >= 0; $i--) + // Make sure not to replace a chunk inside a string that happens to match the bind marker + if ($c = preg_match_all("/'[^']*'/i", $sql, $matches)) + { + $ml = strlen($this->bind_marker); + $c = preg_match_all('/'.preg_quote($this->bind_marker).'/i', + str_replace($matches[0], + str_replace($this->bind_marker, str_repeat(' ', $ml), $matches[0]), + $sql, $c), + $matches, PREG_OFFSET_CAPTURE); + + // Bind values' count must match the count of markers in the query + if ($bind_count !== $c) + { + return $sql; + } + + do + { + $c--; + $sql = substr_replace($sql, $binds[$c], $matches[0][$c][1], $ml); + } + while ($c !== 0); + } + elseif (substr_count($sql, $this->bind_marker) === count($binds)) { - $sql = substr_replace($sql, $this->escape($binds[$i]), $matches[$i][2][1], $l); + return str_replace($this->bind_marker, $binds, $sql, $bind_count); } return $sql; -- cgit v1.2.3-24-g4f1b From af915ce01e4e5424a7a4ea67e4e3018a40752a89 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 13 Jun 2012 19:03:06 +0300 Subject: Switch compile_binds() to use substr_replace() instead of str_replace() --- system/database/DB_driver.php | 30 +++++++++++++----------------- 1 file changed, 13 insertions(+), 17 deletions(-) (limited to 'system/database/DB_driver.php') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 1fece5cf7..d056bdb90 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -602,7 +602,7 @@ abstract class CI_DB_driver { } elseif ( ! is_array($binds)) { - $binds = array($this->escape($binds)); + $binds = array($binds); $bind_count = 1; } else @@ -610,18 +610,14 @@ abstract class CI_DB_driver { // Make sure we're using numeric keys $binds = array_values($binds); $bind_count = count($binds); - - // Escape the bind values - for ($i = 0; $i < $bind_count; $i++) - { - $binds[$i] = $this->escape($binds[$i]); - } } + // We'll need the marker length later + $ml = strlen($this->bind_marker); + // Make sure not to replace a chunk inside a string that happens to match the bind marker if ($c = preg_match_all("/'[^']*'/i", $sql, $matches)) { - $ml = strlen($this->bind_marker); $c = preg_match_all('/'.preg_quote($this->bind_marker).'/i', str_replace($matches[0], str_replace($this->bind_marker, str_repeat(' ', $ml), $matches[0]), @@ -633,18 +629,18 @@ abstract class CI_DB_driver { { return $sql; } - - do - { - $c--; - $sql = substr_replace($sql, $binds[$c], $matches[0][$c][1], $ml); - } - while ($c !== 0); } - elseif (substr_count($sql, $this->bind_marker) === count($binds)) + elseif (($c = preg_match_all('/'.preg_quote($this->bind_marker).'/i', $sql, $matches, PREG_OFFSET_CAPTURE)) !== $bind_count) + { + return $sql; + } + + do { - return str_replace($this->bind_marker, $binds, $sql, $bind_count); + $c--; + $sql = substr_replace($sql, $this->escape($binds[$c]), $matches[0][$c][1], $ml); } + while ($c !== 0); return $sql; } -- cgit v1.2.3-24-g4f1b