From bee6644ce280d8e72cc2db23c86d5f5f6973acf3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 28 Mar 2012 15:28:19 +0300 Subject: Add a dummy db_select() method to CI_DB_driver and remove it from drivers that don't have such functionality --- system/database/drivers/pdo/pdo_driver.php | 13 ------------- 1 file changed, 13 deletions(-) (limited to 'system/database/drivers/pdo') diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index f336eb0ab..a9bed367e 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -246,19 +246,6 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Select the database - * - * @return resource - */ - public function db_select() - { - // Not needed for PDO - return TRUE; - } - - // -------------------------------------------------------------------- - /** * Database version number * -- cgit v1.2.3-24-g4f1b From 97f3697b6c1c220a32d8e63c5da636e9d725dd8a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Apr 2012 12:44:36 +0300 Subject: Added a default _insert_batch() method instead of requiring each driver to define it and fixed 2 issues related to it --- system/database/drivers/pdo/pdo_driver.php | 17 ----------------- 1 file changed, 17 deletions(-) (limited to 'system/database/drivers/pdo') diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index a9bed367e..6ba69b7a5 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -684,23 +684,6 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Insert_batch statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert_batch($table, $keys, $values) - { - return 'INSERT INTO '.$this->_from_tables($table).' ('.implode(', ', $keys).') VALUES '.implode(', ', $values); - } - - // -------------------------------------------------------------------- - /** * Update statement * -- cgit v1.2.3-24-g4f1b From 65d537ce35cc01c2f31144d695725255322cb792 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Apr 2012 14:11:41 +0300 Subject: Replaced driver instances of _insert() with one in CI_DB_active_record --- system/database/drivers/pdo/pdo_driver.php | 17 ----------------- 1 file changed, 17 deletions(-) (limited to 'system/database/drivers/pdo') diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index 6ba69b7a5..17c9f5e9c 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -667,23 +667,6 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Insert statement - * - * Generates a platform-specific insert string from the supplied data - * - * @param string the table name - * @param array the insert keys - * @param array the insert values - * @return string - */ - protected function _insert($table, $keys, $values) - { - return 'INSERT INTO '.$this->_from_tables($table).' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; - } - - // -------------------------------------------------------------------- - /** * Update statement * -- cgit v1.2.3-24-g4f1b From 975034d50ed7b3c530631ba3e24a73e33be24eff Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Apr 2012 15:09:55 +0300 Subject: Added a default _update() method to CI_DB_active_record --- system/database/drivers/pdo/pdo_driver.php | 31 ------------------------------ 1 file changed, 31 deletions(-) (limited to 'system/database/drivers/pdo') diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index 17c9f5e9c..9a08f9d4c 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -667,37 +667,6 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string the table name - * @param array the update data - * @param array the where clause - * @param array the orderby clause - * @param array the limit clause - * @return string - */ - protected function _update($table, $values, $where, $orderby = array(), $limit = FALSE) - { - foreach ($values as $key => $val) - { - $valstr[] = $key." = ".$val; - } - - $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; - $orderby = (count($orderby) >= 1) ? ' ORDER BY '.implode(', ', $orderby) : ''; - - $sql = 'UPDATE '.$this->_from_tables($table).' SET '.implode(', ', $valstr); - $sql .= ($where != '' && count($where) >= 1) ? ' WHERE '.implode(' ', $where) : ''; - $sql .= $orderby.$limit; - - return $sql; - } - - // -------------------------------------------------------------------- - /** * Update_Batch statement * -- cgit v1.2.3-24-g4f1b From a6fe36eb42e5d8df8336f8c711ff8a6e0ee509e7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Apr 2012 16:00:32 +0300 Subject: Added a default _truncate() method to CI_DB_active_record --- system/database/drivers/pdo/pdo_driver.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'system/database/drivers/pdo') diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index 9a08f9d4c..aec39c819 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -722,15 +722,16 @@ class CI_DB_pdo_driver extends CI_DB { * Truncate statement * * Generates a platform-specific truncate string from the supplied data - * If the database does not support the truncate() command - * This function maps to "DELETE FROM table" + * + * If the database does not support the truncate() command, + * then this method maps to 'DELETE FROM table' * * @param string the table name * @return string */ protected function _truncate($table) { - return $this->_delete($table); + return 'DELETE FROM '.$table; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From e9f2095056a579bad9bf2ad80116cc8454f6520e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 6 Apr 2012 19:30:41 +0300 Subject: Fix PDO field and table escaping --- system/database/drivers/pdo/pdo_driver.php | 70 ++++++++---------------------- 1 file changed, 18 insertions(+), 52 deletions(-) (limited to 'system/database/drivers/pdo') diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index aec39c819..bd9eddee3 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -46,8 +46,8 @@ class CI_DB_pdo_driver extends CI_DB { protected $_escape_char = ''; // clause and character used for LIKE escape sequences - protected $_like_escape_str; - protected $_like_escape_chr; + protected $_like_escape_str = " ESCAPE '%s' "; + protected $_like_escape_chr = '!'; /** * The syntax to count rows is slightly different across different @@ -81,18 +81,17 @@ class CI_DB_pdo_driver extends CI_DB { // this one depends on the driver being used if ($this->pdodriver == 'mysql') { + $this->_escape_char = '`'; $this->_like_escape_str = ''; $this->_like_escape_chr = ''; } elseif ($this->pdodriver == 'odbc') { $this->_like_escape_str = " {escape '%s'} "; - $this->_like_escape_chr = '!'; } - else + elseif ( ! in_array($this->pdodriver, array('sqlsrv', 'mssql', 'dblib', 'sybase'))) { - $this->_like_escape_str = " ESCAPE '%s' "; - $this->_like_escape_chr = '!'; + $this->_escape_char = '"'; } $this->trans_enabled = FALSE; @@ -268,8 +267,6 @@ class CI_DB_pdo_driver extends CI_DB { */ protected function _execute($sql) { - $sql = $this->_prep_query($sql); - $result_id = $this->conn_id->query($sql); if (is_object($result_id)) @@ -286,32 +283,6 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Prep the query - * - * If needed, each database adapter can prep the query string - * - * @param string an SQL query - * @return string - */ - protected function _prep_query($sql) - { - if ($this->pdodriver === 'pgsql') - { - // Change the backtick(s) for Postgre - $sql = str_replace('`', '"', $sql); - } - elseif ($this->pdodriver === 'sqlite') - { - // Change the backtick(s) for SQLite - $sql = str_replace('`', '', $sql); - } - - return $sql; - } - - // -------------------------------------------------------------------- - /** * Begin Transaction * @@ -516,7 +487,7 @@ class CI_DB_pdo_driver extends CI_DB { } else { - $sql = "SHOW TABLES FROM `".$this->database."`"; + $sql = 'SHOW TABLES FROM '.$this->_escape_identifiers($this->database); } if ($prefix_limit !== FALSE AND $this->dbprefix != '') @@ -539,7 +510,7 @@ class CI_DB_pdo_driver extends CI_DB { */ protected function _list_columns($table = '') { - return 'SHOW COLUMNS FROM '.$this->_from_tables($table); + return 'SHOW COLUMNS FROM '.$this->_escape_identifiers($table); } // -------------------------------------------------------------------- @@ -557,20 +528,20 @@ class CI_DB_pdo_driver extends CI_DB { if ($this->pdodriver == 'mysql' or $this->pdodriver == 'pgsql') { // Analog function for mysql and postgre - return 'SELECT * FROM '.$this->_from_tables($table).' LIMIT 1'; + return 'SELECT * FROM '.$this->_escape_identifiers($table).' LIMIT 1'; } elseif ($this->pdodriver == 'oci') { // Analog function for oci - return 'SELECT * FROM '.$this->_from_tables($table).' WHERE ROWNUM <= 1'; + return 'SELECT * FROM '.$this->_escape_identifiers($table).' WHERE ROWNUM <= 1'; } elseif ($this->pdodriver == 'sqlite') { // Analog function for sqlite - return 'PRAGMA table_info('.$this->_from_tables($table).')'; + return 'PRAGMA table_info('.$this->_escape_identifiers($table).')'; } - return 'SELECT TOP 1 FROM '.$this->_from_tables($table); + return 'SELECT TOP 1 FROM '.$this->_escape_identifiers($table); } // -------------------------------------------------------------------- @@ -623,25 +594,20 @@ class CI_DB_pdo_driver extends CI_DB { { if (strpos($item, '.'.$id) !== FALSE) { - $str = $this->_escape_char. str_replace('.', $this->_escape_char.'.', $item); + $item = str_replace('.', $this->_escape_char.'.', $item); // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); + return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); } } if (strpos($item, '.') !== FALSE) { - $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); - $str .= $this->_escape_char; - } - else - { - $str = $this->_escape_char.$item.$this->_escape_char; + $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); } // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $str); + return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); } // -------------------------------------------------------------------- @@ -662,7 +628,7 @@ class CI_DB_pdo_driver extends CI_DB { $tables = array($tables); } - return (count($tables) == 1) ? '`'.$tables[0].'`' : '('.implode(', ', $tables).')'; + return (count($tables) === 1) ? $tables[0] : '('.implode(', ', $tables).')'; } // -------------------------------------------------------------------- @@ -695,7 +661,7 @@ class CI_DB_pdo_driver extends CI_DB { } } - $sql = 'UPDATE '.$this->_from_tables($table).' SET '; + $sql = 'UPDATE '.$table.' SET '; $cases = ''; foreach ($final as $k => $v) @@ -765,7 +731,7 @@ class CI_DB_pdo_driver extends CI_DB { $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; - return 'DELETE FROM '.$this->_from_tables($table).$conditions.$limit; + return 'DELETE FROM '.$table.$conditions.$limit; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From ea09a8a5552f2aacdeab0c88a605fe44047ebd0a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 6 Apr 2012 20:50:07 +0300 Subject: Renamed _escape_identifiers() to escape_identifiers() and moved it to CI_DB_driver --- system/database/drivers/pdo/pdo_driver.php | 49 ++++-------------------------- system/database/drivers/pdo/pdo_forge.php | 4 +-- 2 files changed, 8 insertions(+), 45 deletions(-) (limited to 'system/database/drivers/pdo') diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index bd9eddee3..919bb9c00 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -487,7 +487,7 @@ class CI_DB_pdo_driver extends CI_DB { } else { - $sql = 'SHOW TABLES FROM '.$this->_escape_identifiers($this->database); + $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database); } if ($prefix_limit !== FALSE AND $this->dbprefix != '') @@ -510,7 +510,7 @@ class CI_DB_pdo_driver extends CI_DB { */ protected function _list_columns($table = '') { - return 'SHOW COLUMNS FROM '.$this->_escape_identifiers($table); + return 'SHOW COLUMNS FROM '.$this->escape_identifiers($table); } // -------------------------------------------------------------------- @@ -528,20 +528,20 @@ class CI_DB_pdo_driver extends CI_DB { if ($this->pdodriver == 'mysql' or $this->pdodriver == 'pgsql') { // Analog function for mysql and postgre - return 'SELECT * FROM '.$this->_escape_identifiers($table).' LIMIT 1'; + return 'SELECT * FROM '.$this->escape_identifiers($table).' LIMIT 1'; } elseif ($this->pdodriver == 'oci') { // Analog function for oci - return 'SELECT * FROM '.$this->_escape_identifiers($table).' WHERE ROWNUM <= 1'; + return 'SELECT * FROM '.$this->escape_identifiers($table).' WHERE ROWNUM <= 1'; } elseif ($this->pdodriver == 'sqlite') { // Analog function for sqlite - return 'PRAGMA table_info('.$this->_escape_identifiers($table).')'; + return 'PRAGMA table_info('.$this->escape_identifiers($table).')'; } - return 'SELECT TOP 1 FROM '.$this->_escape_identifiers($table); + return 'SELECT TOP 1 FROM '.$this->escape_identifiers($table); } // -------------------------------------------------------------------- @@ -575,43 +575,6 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Escape the SQL Identifiers - * - * This function escapes column and table names - * - * @param string - * @return string - */ - public function _escape_identifiers($item) - { - if ($this->_escape_char == '') - { - return $item; - } - - foreach ($this->_reserved_identifiers as $id) - { - if (strpos($item, '.'.$id) !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.', $item); - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item); - } - } - - if (strpos($item, '.') !== FALSE) - { - $item = str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); - } - - // remove duplicates if the user already included the escape - return preg_replace('/['.$this->_escape_char.']+/', $this->_escape_char, $this->_escape_char.$item.$this->_escape_char); - } - - // -------------------------------------------------------------------- - /** * From Tables * diff --git a/system/database/drivers/pdo/pdo_forge.php b/system/database/drivers/pdo/pdo_forge.php index 6bff3542f..9635e4c9a 100644 --- a/system/database/drivers/pdo/pdo_forge.php +++ b/system/database/drivers/pdo/pdo_forge.php @@ -91,10 +91,10 @@ class CI_DB_pdo_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= '`'.$this->db->_escape_identifiers($table).'` ('; + $sql .= $this->db->escape_identifiers($table).' ('; $current_field_count = 0; - foreach ($fields as $field=>$attributes) + foreach ($fields as $field => $attributes) { // Numeric field names aren't allowed in databases, so if the key is // numeric, we know it was assigned by PHP and the developer manually -- cgit v1.2.3-24-g4f1b