From 7545ffd90647cd65aeaff2a21032a13140700c63 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Thu, 10 Jan 2013 16:23:48 +0200
Subject: Fix SQLSRV escape_str()

---
 system/database/drivers/sqlsrv/sqlsrv_driver.php | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

(limited to 'system/database/drivers/sqlsrv')

diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php
index 0e04c5c67..a6f2d5537 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_driver.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php
@@ -230,8 +230,30 @@ class CI_DB_sqlsrv_driver extends CI_DB {
 	 */
 	public function escape_str($str, $like = FALSE)
 	{
+		if (is_array($str))
+		{
+			foreach ($str as $key => $val)
+			{
+				$str[$key] = $this->escape_str($val, $like);
+			}
+
+			return $str;
+		}
+
 		// Escape single quotes
-		return str_replace("'", "''", $str);
+		$str = str_replace("'", "''", remove_invisible_characters($str));
+
+		// escape LIKE condition wildcards
+		if ($like === TRUE)
+		{
+			return str_replace(
+				array($this->_like_escape_chr, '%', '_'),
+				array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'),
+				$str
+			);
+		}
+
+		return $str;
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b