From 7b5eb7310e5980ffb23fde8a11261e4a40c3b90e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 24 May 2012 20:52:41 +0300 Subject: Fix issue #1273 and some cleanup in Query Builder --- system/database/DB_query_builder.php | 43 +++++++++++++++--------------------- 1 file changed, 18 insertions(+), 25 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index d0af66de1..cee4354e9 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -211,8 +211,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $alias = $this->_create_alias_from_table(trim($select)); } - $sql = $this->protect_identifiers($type.'('.trim($select).')').' AS '.$this->protect_identifiers(trim($alias)); - + $sql = $this->protect_identifiers($type.'('.trim($select).')').' AS '.$this->escape_identifiers(trim($alias)); + $this->qb_select[] = $sql; $this->qb_no_escape[] = NULL; @@ -256,7 +256,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function distinct($val = TRUE) { - $this->qb_distinct = (is_bool($val)) ? $val : TRUE; + $this->qb_distinct = is_bool($val) ? $val : TRUE; return $this; } @@ -272,7 +272,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function from($from) { - foreach ((array)$from as $val) + foreach ((array) $from as $val) { if (strpos($val, ',') !== FALSE) { @@ -1111,6 +1111,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return $result; } + // -------------------------------------------------------------------- + /** * "Count All Results" query * @@ -1139,6 +1141,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $row = $result->row(); return (int) $row->numrows; } + // -------------------------------------------------------------------- /** @@ -1401,16 +1404,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; } - if ($table == '') + if ($table != '') { - if ( ! isset($this->qb_from[0])) - { - return ($this->db_debug) ? $this->display_error('db_must_set_table') : FALSE; - } + $this->qb_from[0] = $table; } - else + elseif ( ! isset($this->qb_from[0])) { - $this->qb_from[0] = $table; + return ($this->db_debug) ? $this->display_error('db_must_set_table') : FALSE; } return TRUE; @@ -1600,16 +1600,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; } - if ($table == '') + if ($table != '') { - if ( ! isset($this->qb_from[0])) - { - return ($this->db_debug) ? $this->display_error('db_must_set_table') : FALSE; - } + $this->qb_from[0] = $table; } - else + elseif ( ! isset($this->qb_from[0])) { - $this->qb_from[0] = $table; + return ($this->db_debug) ? $this->display_error('db_must_set_table') : FALSE; } return TRUE; @@ -1696,15 +1693,11 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $index_set = TRUE; } - else - { - $not[] = $k.'-'.$v; - } $clean[$this->protect_identifiers($k2)] = ($escape === FALSE) ? $v2 : $this->escape($v2); } - if ($index_set == FALSE) + if ($index_set === FALSE) { return $this->display_error('db_batch_missing_index'); } @@ -2102,7 +2095,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param object * @return array */ - public function _object_to_array($object) + protected function _object_to_array($object) { if ( ! is_object($object)) { @@ -2132,7 +2125,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param object * @return array */ - public function _object_to_array_batch($object) + protected function _object_to_array_batch($object) { if ( ! is_object($object)) { -- cgit v1.2.3-24-g4f1b From 48a2baf0e288accd206f5da5031d29076e130792 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sat, 2 Jun 2012 11:09:54 +0100 Subject: Replaced `==` with `===` and `!=` with `!==` in /system/database --- system/database/DB_query_builder.php | 60 ++++++++++++++++++------------------ 1 file changed, 30 insertions(+), 30 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index cee4354e9..45d68cd39 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -97,7 +97,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $val = trim($val); - if ($val != '') + if ($val !== '') { $this->qb_select[] = $val; $this->qb_no_escape[] = $escape; @@ -194,7 +194,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _max_min_avg_sum($select = '', $alias = '', $type = 'MAX') { - if ( ! is_string($select) OR $select == '') + if ( ! is_string($select) OR $select === '') { $this->display_error('db_invalid_query'); } @@ -206,7 +206,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { show_error('Invalid function type: '.$type); } - if ($alias == '') + if ($alias === '') { $alias = $this->_create_alias_from_table(trim($select)); } @@ -325,7 +325,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function join($table, $cond, $type = '') { - if ($type != '') + if ($type !== '') { $type = strtoupper(trim($type)); @@ -691,7 +691,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // some platforms require an escape sequence definition for LIKE wildcards - if ($this->_like_escape_str != '') + if ($this->_like_escape_str !== '') { $like_statement = $like_statement.sprintf($this->_like_escape_str, $this->_like_escape_chr); } @@ -829,7 +829,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $val = trim($val); - if ($val != '') + if ($val !== '') { $this->qb_groupby[] = $val = $this->protect_identifiers($val); @@ -908,7 +908,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $k .= ' = '; } - if ($v != '') + if ($v !== '') { $v = ' '.$this->escape($v); } @@ -941,7 +941,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $orderby = ''; // Random results want or don't need a field name $direction = $this->_random_keyword; } - elseif (trim($direction) != '') + elseif (trim($direction) !== '') { $direction = (in_array(strtoupper(trim($direction)), array('ASC', 'DESC'), TRUE)) ? ' '.$direction : ' ASC'; } @@ -963,7 +963,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $orderby = implode(', ', $temp); } - elseif ($direction != $this->_random_keyword) + elseif ($direction !== $this->_random_keyword) { if ($escape === TRUE) { @@ -1064,7 +1064,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function get_compiled_select($table = '', $reset = TRUE) { - if ($table != '') + if ($table !== '') { $this->_track_aliases($table); $this->from($table); @@ -1095,7 +1095,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function get($table = '', $limit = null, $offset = null) { - if ($table != '') + if ($table !== '') { $this->_track_aliases($table); $this->from($table); @@ -1124,7 +1124,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function count_all_results($table = '') { - if ($table != '') + if ($table !== '') { $this->_track_aliases($table); $this->from($table); @@ -1156,7 +1156,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function get_where($table = '', $where = null, $limit = null, $offset = null) { - if ($table != '') + if ($table !== '') { $this->from($table); } @@ -1204,7 +1204,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return FALSE; } - if ($table == '') + if ($table === '') { if ( ! isset($this->qb_from[0])) { @@ -1404,7 +1404,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; } - if ($table != '') + if ($table !== '') { $this->qb_from[0] = $table; } @@ -1439,7 +1439,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; } - if ($table == '') + if ($table === '') { if ( ! isset($this->qb_from[0])) { @@ -1530,12 +1530,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return FALSE; } - if ($where != NULL) + if ($where !== NULL) { $this->where($where); } - if ($limit != NULL) + if ($limit !== NULL) { $this->limit($limit); } @@ -1595,12 +1595,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _validate_update($table = '') { - if (count($this->qb_set) == 0) + if (count($this->qb_set) === 0) { return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; } - if ($table != '') + if ($table !== '') { $this->qb_from[0] = $table; } @@ -1644,7 +1644,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; } - if ($table == '') + if ($table === '') { if ( ! isset($this->qb_from[0])) { @@ -1689,7 +1689,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $clean = array(); foreach ($v as $k2 => $v2) { - if ($k2 == $index) + if ($k2 === $index) { $index_set = TRUE; } @@ -1720,7 +1720,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function empty_table($table = '') { - if ($table == '') + if ($table === '') { if ( ! isset($this->qb_from[0])) { @@ -1753,7 +1753,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function truncate($table = '') { - if ($table == '') + if ($table === '') { if ( ! isset($this->qb_from[0])) { @@ -1827,7 +1827,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // Combine any cached components with the current statements $this->_merge_cache(); - if ($table == '') + if ($table === '') { if ( ! isset($this->qb_from[0])) { @@ -1851,12 +1851,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $table = $this->protect_identifiers($table, TRUE, NULL, FALSE); } - if ($where != '') + if ($where !== '') { $this->where($where); } - if ($limit != NULL) + if ($limit !== NULL) { $this->limit($limit); } @@ -1912,7 +1912,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function dbprefix($table = '') { - if ($table == '') + if ($table === '') { $this->display_error('db_table_name_required'); } @@ -2072,7 +2072,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $sql .= "\nORDER BY ".implode(', ', $this->qb_orderby); if ($this->qb_order !== FALSE) { - $sql .= ($this->qb_order == 'desc') ? ' DESC' : ' ASC'; + $sql .= ($this->qb_order === 'desc') ? ' DESC' : ' ASC'; } } @@ -2106,7 +2106,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach (get_object_vars($object) as $key => $val) { // There are some built in keys we need to ignore for this conversion - if ( ! is_object($val) && ! is_array($val) && $key != '_parent_name') + if ( ! is_object($val) && ! is_array($val) && $key !== '_parent_name') { $array[$key] = $val; } -- cgit v1.2.3-24-g4f1b From e4c30195c5f6dc7a144cfe4ee160b18626626612 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 4 Jun 2012 15:08:24 +0300 Subject: Revert/optimize some changes from 48a2baf0e288accd206f5da5031d29076e130792 --- system/database/DB_query_builder.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index ccfd9bfc6..c8a161929 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1535,7 +1535,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->where($where); } - if ($limit !== NULL) + if ($limit != NULL) { $this->limit($limit); } @@ -1856,7 +1856,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->where($where); } - if ($limit !== NULL) + if ($limit != NULL) { $this->limit($limit); } @@ -2336,4 +2336,4 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } /* End of file DB_query_builder.php */ -/* Location: ./system/database/DB_query_builder.php */ +/* Location: ./system/database/DB_query_builder.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From fc11dcc82cefa7299e6f8c74d0e005ebb6fa568c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 4 Jun 2012 16:39:19 +0300 Subject: Alter SQLite3's version() method and clear some spaces --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index c8a161929..7a0ea0c30 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -672,7 +672,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $k = $this->protect_identifiers($k); $prefix = (count($this->qb_like) === 0) ? '' : $type; $v = $this->escape_like_str($v); - + if ($side === 'none') { $like_statement = "{$prefix} $k $not LIKE '{$v}'"; -- cgit v1.2.3-24-g4f1b From c78e56a7df140ee777ffc67687877f3e70c77e28 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 8 Jun 2012 02:12:07 +0300 Subject: Add a default _from_tables() method to CI_DB_query_builder and remove it from most of the drivers --- system/database/DB_query_builder.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 7a0ea0c30..3ed556212 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1474,6 +1474,24 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // -------------------------------------------------------------------- + /** + * From Tables + * + * This public function implicitly groups FROM tables so there is no confusion + * about operator precedence in harmony with SQL standards + * + * @param array + * @return string + */ + protected function _from_tables($tables) + { + is_array($tables) OR $tables = array($tables); + + return (count($tables) === 1) ? $tables[0] : '('.implode(', ', $tables).')'; + } + + // -------------------------------------------------------------------- + /** * Get UPDATE query string * -- cgit v1.2.3-24-g4f1b From 6600b6965d99e53408356f04f69703396c9c7d5f Mon Sep 17 00:00:00 2001 From: Rafael Queiroz Date: Fri, 8 Jun 2012 14:34:20 -0300 Subject: Return $this when values ($key OR $values) is NULL --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 3ed556212..5d0a2ae2c 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -547,7 +547,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { if ($key === NULL OR $values === NULL) { - return; + return $this; } $type = $this->_group_get_type($type); -- cgit v1.2.3-24-g4f1b From 5a257187c4ca09ea61c19999bf061cec3f224cc2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 10 Jun 2012 06:18:14 +0300 Subject: Merge branch 2.1-stable into develop --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 5d0a2ae2c..3b45bbada 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1985,7 +1985,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { if (strpos($table, ' ') !== FALSE) { // if the alias is written with the AS keyword, remove it - $table = preg_replace('/ AS /i', ' ', $table); + $table = preg_replace('/\s+AS\s+/i', ' ', $table); // Grab the alias $table = trim(strrchr($table, ' ')); -- cgit v1.2.3-24-g4f1b From 9c14f650c86f54f950695e0c628b33a59d4dd10b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 10 Jun 2012 14:35:07 +0300 Subject: Fix _where() escaping operators --- system/database/DB_query_builder.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 3b45bbada..7a54fce48 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -426,6 +426,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; + $k = $this->_has_operator($k) + ? $this->protect_identifiers(substr($k, 0, strrpos(rtrim($k), ' ')), FALSE, $escape).strrchr(rtrim($k), ' ') + : $this->protect_identifiers($k, FALSE, $escape); + if (is_null($v) && ! $this->_has_operator($k)) { // value appears not to have been set, assign the test to IS NULL @@ -436,7 +440,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { if ($escape === TRUE) { - $k = $this->protect_identifiers($k, FALSE, $escape); $v = ' '.$this->escape($v); } @@ -445,10 +448,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $k .= ' = '; } } - else - { - $k = $this->protect_identifiers($k, FALSE, $escape); - } $this->qb_where[] = $prefix.$k.$v; if ($this->qb_caching === TRUE) -- cgit v1.2.3-24-g4f1b From 392b6ad264f045a5b9c19d51d09cb9f5a8675e8a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 10 Jun 2012 15:08:59 +0300 Subject: Fix _where() with multiple condition custom query --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 7a54fce48..65e2fa749 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -427,7 +427,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; $k = $this->_has_operator($k) - ? $this->protect_identifiers(substr($k, 0, strrpos(rtrim($k), ' ')), FALSE, $escape).strrchr(rtrim($k), ' ') + ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') : $this->protect_identifiers($k, FALSE, $escape); if (is_null($v) && ! $this->_has_operator($k)) -- cgit v1.2.3-24-g4f1b From 650b4c000242ad90ed1ca1e56bdee7d42dbdedaa Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jun 2012 12:07:15 +0300 Subject: Remove unused qb_order property + other minor changes --- system/database/DB_query_builder.php | 46 +++++++++++++----------------------- 1 file changed, 17 insertions(+), 29 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 65e2fa749..b9d77f1fb 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -53,7 +53,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { protected $qb_keys = array(); protected $qb_limit = FALSE; protected $qb_offset = FALSE; - protected $qb_order = FALSE; protected $qb_orderby = array(); protected $qb_set = array(); protected $qb_wherein = array(); @@ -942,7 +941,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } elseif (trim($direction) !== '') { - $direction = (in_array(strtoupper(trim($direction)), array('ASC', 'DESC'), TRUE)) ? ' '.$direction : ' ASC'; + $direction = in_array(strtoupper(trim($direction)), array('ASC', 'DESC'), TRUE) ? ' '.$direction : ' ASC'; } @@ -962,12 +961,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $orderby = implode(', ', $temp); } - elseif ($direction !== $this->_random_keyword) + elseif ($direction !== $this->_random_keyword && $escape === TRUE) { - if ($escape === TRUE) - { - $orderby = $this->protect_identifiers($orderby); - } + $orderby = $this->protect_identifiers($orderby); } $this->qb_orderby[] = $orderby_statement = $orderby.$direction; @@ -994,7 +990,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $this->qb_limit = (int) $value; - if ( ! is_null($offset)) + if ( ! empty($offset)) { $this->qb_offset = (int) $offset; } @@ -1069,7 +1065,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->from($table); } - $select = $this->_compile_select(); + $select = $this->_compile_select(); if ($reset === TRUE) { @@ -1092,7 +1088,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the offset clause * @return object */ - public function get($table = '', $limit = null, $offset = null) + public function get($table = '', $limit = NULL, $offset = NULL) { if ($table !== '') { @@ -1100,7 +1096,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->from($table); } - if ( ! is_null($limit)) + if ( ! empty($limit)) { $this->limit($limit, $offset); } @@ -1165,7 +1161,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->where($where); } - if ( ! is_null($limit)) + if ( ! empty($limit)) { $this->limit($limit, $offset); } @@ -1274,11 +1270,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { ksort($row); // puts $row in the same order as our keys - if ($escape === FALSE) - { - $this->qb_set[] = '('.implode(',', $row).')'; - } - else + if ($escape !== FALSE) { $clean = array(); foreach ($row as $value) @@ -1286,8 +1278,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $clean[] = $this->escape($value); } - $this->qb_set[] = '('.implode(',', $clean).')'; + $row = $clean; } + + $this->qb_set[] = '('.implode(',', $row).')'; } foreach ($keys as $k) @@ -1552,7 +1546,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->where($where); } - if ($limit != NULL) + if ( ! empty($limit)) { $this->limit($limit); } @@ -1873,7 +1867,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->where($where); } - if ($limit != NULL) + if ( ! empty($limit)) { $this->limit($limit); } @@ -1914,7 +1908,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return 'DELETE FROM '.$table .(count($conditions) > 0 ? ' WHERE '.implode(' AND ', $conditions) : '') - .($limit ? ' LIMIT '.$limit : ''); + .($limit ? ' LIMIT '.(int) $limit : ''); } // -------------------------------------------------------------------- @@ -2087,10 +2081,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { if (count($this->qb_orderby) > 0) { $sql .= "\nORDER BY ".implode(', ', $this->qb_orderby); - if ($this->qb_order !== FALSE) - { - $sql .= ($this->qb_order === 'desc') ? ' DESC' : ' ASC'; - } } // Write the "LIMIT" portion of the query @@ -2320,8 +2310,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { 'qb_no_escape' => array(), 'qb_distinct' => FALSE, 'qb_limit' => FALSE, - 'qb_offset' => FALSE, - 'qb_order' => FALSE + 'qb_offset' => FALSE ) ); } @@ -2344,8 +2333,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { 'qb_like' => array(), 'qb_orderby' => array(), 'qb_keys' => array(), - 'qb_limit' => FALSE, - 'qb_order' => FALSE + 'qb_limit' => FALSE ) ); } -- cgit v1.2.3-24-g4f1b From 88cb278a1e52dd7db5b0ebe2037c12f0dd69c0c1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jun 2012 20:40:50 +0300 Subject: Fix issue #1456 --- system/database/DB_query_builder.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index b9d77f1fb..7490639dd 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -953,7 +953,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $part = trim($part); if ( ! in_array($part, $this->qb_aliased_tables)) { - $part = $this->protect_identifiers(trim($part)); + $part = preg_match('/^(.+)\s+(ASC|DESC)$/i', $part, $matches) + ? $this->protect_identifiers(rtrim($matches[1])).' '.$matches[2] + : $this->protect_identifiers($part); } $temp[] = $part; @@ -963,7 +965,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } elseif ($direction !== $this->_random_keyword && $escape === TRUE) { - $orderby = $this->protect_identifiers($orderby); + $part = preg_match('/^(.+)\s+(ASC|DESC)$/i', $orderby, $matches) + ? $this->protect_identifiers(rtrim($matches[1])).' '.$matches[2] + : $this->protect_identifiers($orderby); } $this->qb_orderby[] = $orderby_statement = $orderby.$direction; -- cgit v1.2.3-24-g4f1b From e6302791d229e42c8fc42a3982a10eb63508197f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jun 2012 21:28:22 +0300 Subject: Fix a join() issue --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 7490639dd..b99d4c607 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -343,7 +343,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->_track_aliases($table); // Strip apart the condition and protect the identifiers - if (preg_match('/([\[\w\.]+)([\W\s]+)(.+)/', $cond, $match)) + if (preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/', $cond, $match)) { $cond = $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); } -- cgit v1.2.3-24-g4f1b From 1d1d7ffc3868fd76b46fdce093fab0ce89320e94 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jun 2012 22:35:35 +0300 Subject: Fix an issue introduced in 88cb278a1e52dd7db5b0ebe2037c12f0dd69c0c1 --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index b99d4c607..645ac3969 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -965,7 +965,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } elseif ($direction !== $this->_random_keyword && $escape === TRUE) { - $part = preg_match('/^(.+)\s+(ASC|DESC)$/i', $orderby, $matches) + $orderby = preg_match('/^(.+)\s+(ASC|DESC)$/i', $orderby, $matches) ? $this->protect_identifiers(rtrim($matches[1])).' '.$matches[2] : $this->protect_identifiers($orderby); } -- cgit v1.2.3-24-g4f1b From 428702387ca071db4686ec6d6c60bd35b01c33e4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 12 Jun 2012 01:30:20 +0300 Subject: join() with multiple conditions and optional escape parameter --- system/database/DB_query_builder.php | 52 ++++++++++++++++++++++++++++++------ 1 file changed, 44 insertions(+), 8 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 645ac3969..488b294e4 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -83,6 +83,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * Generates the SELECT portion of the query * * @param string + * @param mixed * @return object */ public function select($select = '*', $escape = NULL) @@ -92,6 +93,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $select = explode(',', $select); } + // If the escape value was not set will will base it on the global setting + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($select as $val) { $val = trim($val); @@ -320,15 +324,16 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @param string the join condition * @param string the type of join + * @param string wether not to try to escape identifiers * @return object */ - public function join($table, $cond, $type = '') + public function join($table, $cond, $type = '', $escape = TRUE) { if ($type !== '') { $type = strtoupper(trim($type)); - if ( ! in_array($type, array('LEFT', 'RIGHT', 'OUTER', 'INNER', 'LEFT OUTER', 'RIGHT OUTER'))) + if ( ! in_array($type, array('LEFT', 'RIGHT', 'OUTER', 'INNER', 'LEFT OUTER', 'RIGHT OUTER'), TRUE)) { $type = ''; } @@ -342,12 +347,39 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // in the protect_identifiers to know whether to add a table prefix $this->_track_aliases($table); - // Strip apart the condition and protect the identifiers - if (preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/', $cond, $match)) + // Split multiple conditions + if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) + { + $newcond = ''; + $m[0][] = array('', strlen($cond)); + + for ($i = 0, $c = count($m[0]), $s = 0; + $i < $c; + $s += $m[0][$i][1] + strlen($m[0][$i][0]), $i++) + { + $temp = substr($cond, $s, $m[0][$i][1]); + + $newcond .= preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/i', $temp, $match) + ? $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]) + : $temp; + + $newcond .= $m[0][$i][0]; + } + + $cond = $newcond; + } + // Split apart the condition and protect the identifiers + elseif ($escape === TRUE && preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/i', $cond, $match)) { $cond = $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); } + // Do we want to escape the table name? + if ($escape === TRUE) + { + $table = $this->protect_identifiers($table, TRUE, NULL, FALSE); + } + // Assemble the JOIN statement $this->qb_join[] = $join = $type.'JOIN '.$this->protect_identifiers($table, TRUE, NULL, FALSE).' ON '.$cond; @@ -370,6 +402,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * @param mixed * @param mixed + * @param bool * @return object */ public function where($key, $value = NULL, $escape = TRUE) @@ -387,6 +420,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * @param mixed * @param mixed + * @param bool * @return object */ public function or_where($key, $value = NULL, $escape = TRUE) @@ -404,6 +438,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param mixed * @param mixed * @param string + * @param mixed * @return object */ protected function _where($key, $value = NULL, $type = 'AND ', $escape = NULL) @@ -416,10 +451,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // If the escape value was not set will will base it on the global setting - if ( ! is_bool($escape)) - { - $escape = $this->_protect_identifiers; - } + $escape = $this->_protect_identifiers; foreach ($key as $k => $v) { @@ -851,6 +883,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * @param string * @param string + * @param bool * @return object */ public function having($key, $value = '', $escape = TRUE) @@ -867,6 +900,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * @param string * @param string + * @param bool * @return object */ public function or_having($key, $value = '', $escape = TRUE) @@ -883,6 +917,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * @param string * @param string + * @param string + * @param bool * @return object */ protected function _having($key, $value = '', $type = 'AND ', $escape = TRUE) -- cgit v1.2.3-24-g4f1b From 8295c845a447b973ef27aec6ed41d4325af06a76 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 15 Jun 2012 03:42:25 +0300 Subject: Fix issue #1482 --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 488b294e4..f3e75cbeb 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -381,7 +381,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // Assemble the JOIN statement - $this->qb_join[] = $join = $type.'JOIN '.$this->protect_identifiers($table, TRUE, NULL, FALSE).' ON '.$cond; + $this->qb_join[] = $join = $type.'JOIN '.$table.' ON '.$cond; if ($this->qb_caching === TRUE) { -- cgit v1.2.3-24-g4f1b From e10fb79a95e2b0594ae68560df8963f92fea86d7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 15 Jun 2012 12:07:04 +0300 Subject: Fix issue #1483 --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index f3e75cbeb..4c70ccc78 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -451,7 +451,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // If the escape value was not set will will base it on the global setting - $escape = $this->_protect_identifiers; + is_bool($escape) OR $escape = $this->_protect_identifiers; foreach ($key as $k => $v) { -- cgit v1.2.3-24-g4f1b From 974c75bc030b4eb0521b66bf85e81a5ab61d14a6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 15 Jun 2012 12:30:02 +0300 Subject: Fix having() --- system/database/DB_query_builder.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 4c70ccc78..486fda963 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -932,10 +932,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $prefix = (count($this->qb_having) === 0) ? '' : $type; - if ($escape === TRUE) - { - $k = $this->protect_identifiers($k); - } + $k = $this->_has_operator($k) + ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') + : $this->protect_identifiers($k, FALSE, $escape); if ( ! $this->_has_operator($k)) { -- cgit v1.2.3-24-g4f1b From d24160cc4348c32c0c1ec7350e2e2dada2c9291a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 16 Jun 2012 03:21:20 +0300 Subject: Changed order_by() default escaping to _protect_identifiers --- system/database/DB_query_builder.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 486fda963..5eb6bbb4e 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -967,7 +967,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool enable field name escaping * @return object */ - public function order_by($orderby, $direction = '', $escape = TRUE) + public function order_by($orderby, $direction = '', $escape = NULL) { if (strtolower($direction) === 'random') { @@ -979,8 +979,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $direction = in_array(strtoupper(trim($direction)), array('ASC', 'DESC'), TRUE) ? ' '.$direction : ' ASC'; } + is_bool($escape) OR $escape = $this->_protect_identifiers; - if ((strpos($orderby, ',') !== FALSE) && $escape === TRUE) + if ($escape === TRUE && strpos($orderby, ',') !== FALSE) { $temp = array(); foreach (explode(',', $orderby) as $part) -- cgit v1.2.3-24-g4f1b From 498c1e027e67dfd8108e0e255ff18fb914742b63 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 16 Jun 2012 03:34:10 +0300 Subject: Added an escape parameter to where_in(), or_where_in(), where_not_in(), or_where_not_in() and made where(), or_where() to default the escape setting to the value of _protect_identifiers --- system/database/DB_query_builder.php | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 5eb6bbb4e..85dd77da9 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -405,7 +405,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function where($key, $value = NULL, $escape = TRUE) + public function where($key, $value = NULL, $escape = NULL) { return $this->_where($key, $value, 'AND ', $escape); } @@ -423,7 +423,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function or_where($key, $value = NULL, $escape = TRUE) + public function or_where($key, $value = NULL, $escape = NULL) { return $this->_where($key, $value, 'OR ', $escape); } @@ -504,9 +504,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function where_in($key = NULL, $values = NULL) + public function where_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values); + return $this->_where_in($key, $values, FALSE, 'AND ', $escape); } // -------------------------------------------------------------------- @@ -521,9 +521,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function or_where_in($key = NULL, $values = NULL) + public function or_where_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, FALSE, 'OR '); + return $this->_where_in($key, $values, FALSE, 'OR ', $escape); } // -------------------------------------------------------------------- @@ -538,9 +538,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function where_not_in($key = NULL, $values = NULL) + public function where_not_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, TRUE); + return $this->_where_in($key, $values, TRUE, 'AND ', $escape); } // -------------------------------------------------------------------- @@ -555,9 +555,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function or_where_not_in($key = NULL, $values = NULL) + public function or_where_not_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, TRUE, 'OR '); + return $this->_where_in($key, $values, TRUE, 'OR ', $escape); } // -------------------------------------------------------------------- @@ -573,7 +573,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @return object */ - protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ') + protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ', $escape = NULL) { if ($key === NULL OR $values === NULL) { @@ -587,6 +587,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $values = array($values); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + $not = ($not) ? ' NOT' : ''; foreach ($values as $value) @@ -595,7 +597,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } $prefix = (count($this->qb_where) === 0) ? '' : $type; - $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key).$not.' IN ('.implode(', ', $this->qb_wherein).') '; + $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key, FALSE, $escape).$not.' IN ('.implode(', ', $this->qb_wherein).') '; if ($this->qb_caching === TRUE) { -- cgit v1.2.3-24-g4f1b From fe642dadd6ba62d597ccf1c7cb91e28059caeebf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 16 Jun 2012 03:47:33 +0300 Subject: All Query Builder methods to respect _protect_identifiers by default --- system/database/DB_query_builder.php | 42 ++++++++++++++++++++---------------- 1 file changed, 24 insertions(+), 18 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 85dd77da9..1ac9af901 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -327,7 +327,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string wether not to try to escape identifiers * @return object */ - public function join($table, $cond, $type = '', $escape = TRUE) + public function join($table, $cond, $type = '', $escape = NULL) { if ($type !== '') { @@ -347,6 +347,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // in the protect_identifiers to know whether to add a table prefix $this->_track_aliases($table); + is_bool($escape) OR $escape = $this->_protect_identifiers; + // Split multiple conditions if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) { @@ -888,7 +890,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function having($key, $value = '', $escape = TRUE) + public function having($key, $value = '', $escape = NULL) { return $this->_having($key, $value, 'AND ', $escape); } @@ -905,7 +907,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function or_having($key, $value = '', $escape = TRUE) + public function or_having($key, $value = '', $escape = NULL) { return $this->_having($key, $value, 'OR ', $escape); } @@ -923,13 +925,15 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - protected function _having($key, $value = '', $type = 'AND ', $escape = TRUE) + protected function _having($key, $value = '', $type = 'AND ', $escape = NULL) { if ( ! is_array($key)) { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { $prefix = (count($this->qb_having) === 0) ? '' : $type; @@ -1057,14 +1061,16 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // -------------------------------------------------------------------- /** - * The "set" function. Allows key/value pairs to be set for inserting or updating + * The "set" function. + * + * Allows key/value pairs to be set for inserting or updating * * @param mixed * @param string * @param bool * @return object */ - public function set($key, $value = '', $escape = TRUE) + public function set($key, $value = '', $escape = NULL) { $key = $this->_object_to_array($key); @@ -1073,16 +1079,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { - if ($escape === FALSE) - { - $this->qb_set[$this->protect_identifiers($k)] = $v; - } - else - { - $this->qb_set[$this->protect_identifiers($k, FALSE, TRUE)] = $this->escape($v); - } + $this->qb_set[$this->protect_identifiers($k, FALSE, $escape)] = ($escape) + ? $this->escape($v) : $v; } return $this; @@ -1288,7 +1290,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function set_insert_batch($key, $value = '', $escape = TRUE) + public function set_insert_batch($key, $value = '', $escape = NULL) { $key = $this->_object_to_array_batch($key); @@ -1297,6 +1299,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + $keys = array_keys($this->_object_to_array(current($key))); sort($keys); @@ -1328,7 +1332,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($keys as $k) { - $this->qb_keys[] = $this->protect_identifiers($k); + $this->qb_keys[] = $this->protect_identifiers($k, FALSE, $escape); } return $this; @@ -1727,7 +1731,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function set_update_batch($key, $index = '', $escape = TRUE) + public function set_update_batch($key, $index = '', $escape = NULL) { $key = $this->_object_to_array_batch($key); @@ -1736,6 +1740,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // @todo error } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { $index_set = FALSE; @@ -1747,7 +1753,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $index_set = TRUE; } - $clean[$this->protect_identifiers($k2)] = ($escape === FALSE) ? $v2 : $this->escape($v2); + $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2); } if ($index_set === FALSE) -- cgit v1.2.3-24-g4f1b From f512b73bc78760198a5409f2c4da71fe749b1301 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sat, 16 Jun 2012 11:15:19 +0100 Subject: Spelling fixes - `wether` to `whether` Interestingly `wether` means a castrated ram in old English --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 1ac9af901..531ca9eb7 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -324,7 +324,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @param string the join condition * @param string the type of join - * @param string wether not to try to escape identifiers + * @param string whether not to try to escape identifiers * @return object */ public function join($table, $cond, $type = '', $escape = NULL) -- cgit v1.2.3-24-g4f1b From 929fd2d52beb779e46681d35f8ff138aa65cb8df Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 17 Jun 2012 17:29:57 +0300 Subject: Improve escaping, support for table names with spaces and fix where() for strings with no spaces around operators --- system/database/DB_query_builder.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 531ca9eb7..27f9f363b 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -459,8 +459,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; - $k = $this->_has_operator($k) - ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) : $this->protect_identifiers($k, FALSE, $escape); if (is_null($v) && ! $this->_has_operator($k)) -- cgit v1.2.3-24-g4f1b From 3751f9362b731f5f3d2e63176c364d6281fdf415 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 17 Jun 2012 18:07:48 +0300 Subject: Add join() USING support --- system/database/DB_query_builder.php | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 27f9f363b..4c54b1c0a 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -368,12 +368,20 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $newcond .= $m[0][$i][0]; } - $cond = $newcond; + $cond = ' ON '.$newcond; } // Split apart the condition and protect the identifiers elseif ($escape === TRUE && preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/i', $cond, $match)) { - $cond = $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); + $cond = ' ON '.$this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); + } + elseif ( ! $this->_has_operator($cond)) + { + $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')'; + } + else + { + $cond = ' ON '.$cond; } // Do we want to escape the table name? @@ -383,7 +391,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // Assemble the JOIN statement - $this->qb_join[] = $join = $type.'JOIN '.$table.' ON '.$cond; + $this->qb_join[] = $join = $type.'JOIN '.$table.$cond; if ($this->qb_caching === TRUE) { -- cgit v1.2.3-24-g4f1b From 777153d8362ed884fc3d47ea4a5e1fa0f1ce8ca9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 18 Jun 2012 13:30:45 +0300 Subject: Changed limit() and offset() to ignore NULL values --- system/database/DB_query_builder.php | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 4c54b1c0a..d21f15066 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1042,12 +1042,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function limit($value, $offset = NULL) { - $this->qb_limit = (int) $value; - - if ( ! empty($offset)) - { - $this->qb_offset = (int) $offset; - } + is_null($value) OR $this->qb_limit = (int) $value; + empty($offset) OR $this->qb_offset = (int) $offset; return $this; } @@ -1062,7 +1058,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function offset($offset) { - $this->qb_offset = (int) $offset; + empty($offset) OR $this->qb_offset = (int) $offset; return $this; } -- cgit v1.2.3-24-g4f1b From bc69f369eba2f1188be6d89ebd1df8c48e96db5d Mon Sep 17 00:00:00 2001 From: WanWizard Date: Fri, 22 Jun 2012 00:10:11 +0200 Subject: fixed query grouping when using where($array) syntax on request of Phil --- system/database/DB_query_builder.php | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index d21f15066..62e02129b 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -453,8 +453,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _where($key, $value = NULL, $type = 'AND ', $escape = NULL) { - $type = $this->_group_get_type($type); - if ( ! is_array($key)) { $key = array($key => $value); @@ -465,7 +463,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($key as $k => $v) { - $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; + $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); $k = (($op = $this->_get_operator($k)) !== FALSE) ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) @@ -590,8 +588,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return $this; } - $type = $this->_group_get_type($type); - if ( ! is_array($values)) { $values = array($values); @@ -606,7 +602,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_wherein[] = $this->escape($value); } - $prefix = (count($this->qb_where) === 0) ? '' : $type; + $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key, FALSE, $escape).$not.' IN ('.implode(', ', $this->qb_wherein).') '; if ($this->qb_caching === TRUE) @@ -702,8 +698,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _like($field, $match = '', $type = 'AND ', $side = 'both', $not = '') { - $type = $this->_group_get_type($type); - if ( ! is_array($field)) { $field = array($field => $match); @@ -712,7 +706,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($field as $k => $v) { $k = $this->protect_identifiers($k); - $prefix = (count($this->qb_like) === 0) ? '' : $type; + $prefix = (count($this->qb_like) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); $v = $this->escape_like_str($v); if ($side === 'none') @@ -2393,4 +2387,4 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } /* End of file DB_query_builder.php */ -/* Location: ./system/database/DB_query_builder.php */ \ No newline at end of file +/* Location: ./system/database/DB_query_builder.php */ -- cgit v1.2.3-24-g4f1b From 58803fb365e085401803d4b17a9508ceedde2e20 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 24 Jun 2012 00:45:37 +0300 Subject: Add _where() changes from pull #1517 to the PostgreSQL driver --- system/database/DB_query_builder.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 62e02129b..4631b1b92 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -463,7 +463,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($key as $k => $v) { - $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); + $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) + ? $this->_group_get_type('') + : $this->_group_get_type($type); $k = (($op = $this->_get_operator($k)) !== FALSE) ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) @@ -2387,4 +2389,4 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } /* End of file DB_query_builder.php */ -/* Location: ./system/database/DB_query_builder.php */ +/* Location: ./system/database/DB_query_builder.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 2c35b64fc2b072ce873c56dde0f4bb1e5f404450 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 24 Jun 2012 03:05:26 +0300 Subject: Add a default _limit() method to the Query Builder class --- system/database/DB_query_builder.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 4631b1b92..dad1df116 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1060,6 +1060,23 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // -------------------------------------------------------------------- + /** + * Limit string + * + * Generates a platform-specific LIMIT clause + * + * @param string the sql query string + * @param int the number of rows to limit the query to + * @param int the offset value + * @return string + */ + protected function _limit($sql, $limit, $offset) + { + return $sql.' LIMIT '.($offset ? $offset.', ' : '').$limit; + } + + // -------------------------------------------------------------------- + /** * The "set" function. * -- cgit v1.2.3-24-g4f1b From 35443c6be9e181bdefe8d3c7851cd305caafde15 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 25 Jun 2012 15:34:30 +0300 Subject: Change where() to skip dbprefix (until a better solution is available) --- system/database/DB_query_builder.php | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index dad1df116..439530714 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -467,9 +467,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { ? $this->_group_get_type('') : $this->_group_get_type($type); - $k = (($op = $this->_get_operator($k)) !== FALSE) - ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) - : $this->protect_identifiers($k, FALSE, $escape); + if ($escape === TRUE) + { + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->escape_identifiers(substr($k, 0, strpos($k, $op))).strstr($k, $op) + : $this->escape_identifiers($k); + } if (is_null($v) && ! $this->_has_operator($k)) { @@ -604,8 +607,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_wherein[] = $this->escape($value); } + if ($escape === TRUE) + { + $key = $this->escape_identifiers($key); + } + $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); - $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key, FALSE, $escape).$not.' IN ('.implode(', ', $this->qb_wherein).') '; + $this->qb_where[] = $where_in = $prefix.$key.$not.' IN ('.implode(', ', $this->qb_wherein).') '; if ($this->qb_caching === TRUE) { -- cgit v1.2.3-24-g4f1b From 40f1404344d09520e91d6d3cb9ccd23b786ca35e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 25 Jun 2012 17:54:22 +0300 Subject: Fix issues #1529 & #1530 --- system/database/DB_query_builder.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 439530714..4c43fe3c3 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -470,8 +470,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { if ($escape === TRUE) { $k = (($op = $this->_get_operator($k)) !== FALSE) - ? $this->escape_identifiers(substr($k, 0, strpos($k, $op))).strstr($k, $op) - : $this->escape_identifiers($k); + ? $this->escape_identifiers(trim(substr($k, 0, strpos($k, $op)))).' '.strstr($k, $op) + : $this->escape_identifiers(trim($k)); } if (is_null($v) && ! $this->_has_operator($k)) @@ -609,7 +609,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { if ($escape === TRUE) { - $key = $this->escape_identifiers($key); + $key = $this->escape_identifiers(trim($key)); } $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); -- cgit v1.2.3-24-g4f1b From eb22d544c4ea1993fcbdad0404ce9ec65d0410be Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 26 Jun 2012 23:16:35 +0300 Subject: Fix get_where() test --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 4c43fe3c3..3982885e8 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1218,7 +1218,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the offset clause * @return object */ - public function get_where($table = '', $where = null, $limit = null, $offset = null) + public function get_where($table = '', $where = NULL, $limit = NULL, $offset = NULL) { if ($table !== '') { -- cgit v1.2.3-24-g4f1b From 75546118c628fc17ba2f1ef97442760a701aa8e8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Jul 2012 11:01:29 +0300 Subject: Move _insert() and _update() defaults from Query Builder to DB_driver so that they're available for use by insert_string() and update_string() at all times --- system/database/DB_query_builder.php | 52 ------------------------------------ 1 file changed, 52 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 3982885e8..79e67e0c0 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1434,23 +1434,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // -------------------------------------------------------------------- - /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - /** * Validate Insert * @@ -1630,41 +1613,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // -------------------------------------------------------------------- - /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string the table name - * @param array the update data - * @param array the where clause - * @param array the orderby clause - * @param array the limit clause - * @param array the like clause - * @return string - */ - protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE, $like = array()) - { - foreach ($values as $key => $val) - { - $valstr[] = $key.' = '.$val; - } - - $where = empty($where) ? '' : ' WHERE '.implode(' ', $where); - - if ( ! empty($like)) - { - $where .= ($where === '' ? ' WHERE ' : ' AND ').implode(' ', $like); - } - - return 'UPDATE '.$table.' SET '.implode(', ', $valstr) - .$where - .(count($orderby) > 0 ? ' ORDER BY '.implode(', ', $orderby) : '') - .($limit ? ' LIMIT '.$limit : ''); - } - - // -------------------------------------------------------------------- - /** * Validate Update * -- cgit v1.2.3-24-g4f1b From 49aa45b45e1cc83cb61d1524ba32d6c188dac2e1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 6 Jul 2012 16:22:21 +0300 Subject: Fix a few join() bugs --- system/database/DB_query_builder.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/database/DB_query_builder.php') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 79e67e0c0..479b7f24a 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -350,18 +350,18 @@ abstract class CI_DB_query_builder extends CI_DB_driver { is_bool($escape) OR $escape = $this->_protect_identifiers; // Split multiple conditions - if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) + if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_OFFSET_CAPTURE)) { $newcond = ''; $m[0][] = array('', strlen($cond)); for ($i = 0, $c = count($m[0]), $s = 0; $i < $c; - $s += $m[0][$i][1] + strlen($m[0][$i][0]), $i++) + $s = $m[0][$i][1] + strlen($m[0][$i][0]), $i++) { - $temp = substr($cond, $s, $m[0][$i][1]); + $temp = substr($cond, $s, ($m[0][$i][1] - $s)); - $newcond .= preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/i', $temp, $match) + $newcond .= preg_match("/([\[\]\w\.'-]+)(\s*[^\"\[`'\w]+\s*)(.+)/i", $temp, $match) ? $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]) : $temp; @@ -371,7 +371,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $cond = ' ON '.$newcond; } // Split apart the condition and protect the identifiers - elseif ($escape === TRUE && preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/i', $cond, $match)) + elseif ($escape === TRUE && preg_match("/([\[\]\w\.'-]+)(\s*[^\"\[`'\w]+\s*)(.+)/i", $cond, $match)) { $cond = ' ON '.$this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); } -- cgit v1.2.3-24-g4f1b