From 3167eebb81d740e0a74b28ff0353dd4fcf110d0e Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Tue, 8 Feb 2011 21:19:28 +0000 Subject: MySQL Driver will now wrap field names for insert(), update() and replace() with backticks (`) so fields like "default" and "order" will not cause SQL errors. --- system/database/drivers/mysql/mysql_driver.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'system/database/drivers/mysql') diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index df18c912e..c9fc1ecab 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -287,12 +287,12 @@ class CI_DB_mysql_driver extends CI_DB { if (is_array($str)) { foreach($str as $key => $val) - { + { $str[$key] = $this->escape_str($val, $like); - } + } - return $str; - } + return $str; + } if (function_exists('mysql_real_escape_string') AND is_resource($this->conn_id)) { @@ -532,7 +532,7 @@ class CI_DB_mysql_driver extends CI_DB { */ function _insert($table, $keys, $values) { - return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")"; + return "INSERT INTO ".$table." (`".implode('`, `', $keys)."`) VALUES (".implode(', ', $values).")"; } // -------------------------------------------------------------------- @@ -551,7 +551,7 @@ class CI_DB_mysql_driver extends CI_DB { */ function _replace($table, $keys, $values) { - return "REPLACE INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")"; + return "REPLACE INTO ".$table." (`".implode('`, `', $keys)."`) VALUES (".implode(', ', $values).")"; } // -------------------------------------------------------------------- @@ -569,7 +569,7 @@ class CI_DB_mysql_driver extends CI_DB { */ function _insert_batch($table, $keys, $values) { - return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES ".implode(', ', $values); + return "INSERT INTO ".$table." (`".implode('`, `', $keys)."`) VALUES ".implode(', ', $values); } // -------------------------------------------------------------------- @@ -592,7 +592,7 @@ class CI_DB_mysql_driver extends CI_DB { { foreach($values as $key => $val) { - $valstr[] = $key." = ".$val; + $valstr[] = sprintf('`%s` = %s', $key, $val); } $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; -- cgit v1.2.3-24-g4f1b From a12216baff3aef18413a84e3d37aba2096b5ebe8 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 9 Feb 2011 16:09:31 +0000 Subject: Reverted recent MySQL backtick escaping as some queries were double-escaping. --- system/database/drivers/mysql/mysql_driver.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system/database/drivers/mysql') diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index c9fc1ecab..72c834b8f 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -532,7 +532,7 @@ class CI_DB_mysql_driver extends CI_DB { */ function _insert($table, $keys, $values) { - return "INSERT INTO ".$table." (`".implode('`, `', $keys)."`) VALUES (".implode(', ', $values).")"; + return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")"; } // -------------------------------------------------------------------- @@ -551,7 +551,7 @@ class CI_DB_mysql_driver extends CI_DB { */ function _replace($table, $keys, $values) { - return "REPLACE INTO ".$table." (`".implode('`, `', $keys)."`) VALUES (".implode(', ', $values).")"; + return "REPLACE INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")"; } // -------------------------------------------------------------------- @@ -569,7 +569,7 @@ class CI_DB_mysql_driver extends CI_DB { */ function _insert_batch($table, $keys, $values) { - return "INSERT INTO ".$table." (`".implode('`, `', $keys)."`) VALUES ".implode(', ', $values); + return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES ".implode(', ', $values); } // -------------------------------------------------------------------- @@ -592,7 +592,7 @@ class CI_DB_mysql_driver extends CI_DB { { foreach($values as $key => $val) { - $valstr[] = sprintf('`%s` = %s', $key, $val); + $valstr[] = $key . ' = ' . $val; } $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; -- cgit v1.2.3-24-g4f1b From c3a4a8d973b9c0a7cc935d150b8b1c6898037c45 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Mon, 14 Feb 2011 13:40:08 -0500 Subject: Whitespace cleanup in db classes --- system/database/drivers/mysql/mysql_driver.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/database/drivers/mysql') diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 72c834b8f..4ff9b0a11 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -286,7 +286,7 @@ class CI_DB_mysql_driver extends CI_DB { { if (is_array($str)) { - foreach($str as $key => $val) + foreach ($str as $key => $val) { $str[$key] = $this->escape_str($val, $like); } @@ -590,7 +590,7 @@ class CI_DB_mysql_driver extends CI_DB { */ function _update($table, $values, $where, $orderby = array(), $limit = FALSE) { - foreach($values as $key => $val) + foreach ($values as $key => $val) { $valstr[] = $key . ' = ' . $val; } @@ -627,11 +627,11 @@ class CI_DB_mysql_driver extends CI_DB { $ids = array(); $where = ($where != '' AND count($where) >=1) ? implode(" ", $where).' AND ' : ''; - foreach($values as $key => $val) + foreach ($values as $key => $val) { $ids[] = $val[$index]; - foreach(array_keys($val) as $field) + foreach (array_keys($val) as $field) { if ($field != $index) { @@ -643,7 +643,7 @@ class CI_DB_mysql_driver extends CI_DB { $sql = "UPDATE ".$table." SET "; $cases = ''; - foreach($final as $k => $v) + foreach ($final as $k => $v) { $cases .= $k.' = CASE '."\n"; foreach ($v as $row) -- cgit v1.2.3-24-g4f1b