From f68db392ea3861de9d80c41e3cd5b857468c53f9 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Thu, 14 Jun 2012 17:14:11 -0500 Subject: Somebody double `$$`ed, causing error Severity: 4096 Message: Object of class CI_DB_mysql_forge could not be converted to string Filename: database/DB_forge.php Line Number: 234 --- system/database/DB_forge.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database') diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php index 9b7639289..91f9d560c 100644 --- a/system/database/DB_forge.php +++ b/system/database/DB_forge.php @@ -231,7 +231,7 @@ abstract class CI_DB_forge { if (($result = $this->db->query($sql)) !== FALSE && ! empty($this->db->data_cache['table_names'])) { - $this->db->data_cache['table_names'][] = $$this->db->dbprefix.$table; + $this->db->data_cache['table_names'][] = $this->db->dbprefix.$table; } return $result; -- cgit v1.2.3-24-g4f1b From e389b0eb2f107ee16e5f6ca47833809dffdfc02f Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Thu, 14 Jun 2012 17:37:18 -0500 Subject: Fixed ANOTHER DB_Forge bug in the mysql driver. I'm watching you @narfbg. --- system/database/drivers/mysql/mysql_forge.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database') diff --git a/system/database/drivers/mysql/mysql_forge.php b/system/database/drivers/mysql/mysql_forge.php index d22454d84..2ac75bad2 100644 --- a/system/database/drivers/mysql/mysql_forge.php +++ b/system/database/drivers/mysql/mysql_forge.php @@ -62,7 +62,7 @@ class CI_DB_mysql_forge extends CI_DB_forge { $sql .= "\n\t".$this->db->escape_identifiers($field); - empty($attributes['NAME']) OR ' '.$this->db->escape_identifiers($attributes['NAME']).' '; + empty($attributes['NAME']) OR $sql .= ' '.$this->db->escape_identifiers($attributes['NAME']).' '; if ( ! empty($attributes['TYPE'])) { -- cgit v1.2.3-24-g4f1b From 8295c845a447b973ef27aec6ed41d4325af06a76 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 15 Jun 2012 03:42:25 +0300 Subject: Fix issue #1482 --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 488b294e4..f3e75cbeb 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -381,7 +381,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // Assemble the JOIN statement - $this->qb_join[] = $join = $type.'JOIN '.$this->protect_identifiers($table, TRUE, NULL, FALSE).' ON '.$cond; + $this->qb_join[] = $join = $type.'JOIN '.$table.' ON '.$cond; if ($this->qb_caching === TRUE) { -- cgit v1.2.3-24-g4f1b From e10fb79a95e2b0594ae68560df8963f92fea86d7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 15 Jun 2012 12:07:04 +0300 Subject: Fix issue #1483 --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index f3e75cbeb..4c70ccc78 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -451,7 +451,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // If the escape value was not set will will base it on the global setting - $escape = $this->_protect_identifiers; + is_bool($escape) OR $escape = $this->_protect_identifiers; foreach ($key as $k => $v) { -- cgit v1.2.3-24-g4f1b From 974c75bc030b4eb0521b66bf85e81a5ab61d14a6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 15 Jun 2012 12:30:02 +0300 Subject: Fix having() --- system/database/DB_query_builder.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 4c70ccc78..486fda963 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -932,10 +932,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $prefix = (count($this->qb_having) === 0) ? '' : $type; - if ($escape === TRUE) - { - $k = $this->protect_identifiers($k); - } + $k = $this->_has_operator($k) + ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') + : $this->protect_identifiers($k, FALSE, $escape); if ( ! $this->_has_operator($k)) { -- cgit v1.2.3-24-g4f1b From 857b00f4026f149350a6a3447d0c2b0149c1b534 Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Fri, 15 Jun 2012 15:26:01 +0200 Subject: more logging --- system/database/DB_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index d056bdb90..28d665fdf 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -352,7 +352,7 @@ abstract class CI_DB_driver { $error = $this->error(); // Log errors - log_message('error', 'Query error: '.$error['message']); + log_message('error', 'Query error: '.$error['message'] . ' - Invalid query: ' . $sql); if ($this->db_debug) { -- cgit v1.2.3-24-g4f1b From d24160cc4348c32c0c1ec7350e2e2dada2c9291a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 16 Jun 2012 03:21:20 +0300 Subject: Changed order_by() default escaping to _protect_identifiers --- system/database/DB_query_builder.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 486fda963..5eb6bbb4e 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -967,7 +967,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool enable field name escaping * @return object */ - public function order_by($orderby, $direction = '', $escape = TRUE) + public function order_by($orderby, $direction = '', $escape = NULL) { if (strtolower($direction) === 'random') { @@ -979,8 +979,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $direction = in_array(strtoupper(trim($direction)), array('ASC', 'DESC'), TRUE) ? ' '.$direction : ' ASC'; } + is_bool($escape) OR $escape = $this->_protect_identifiers; - if ((strpos($orderby, ',') !== FALSE) && $escape === TRUE) + if ($escape === TRUE && strpos($orderby, ',') !== FALSE) { $temp = array(); foreach (explode(',', $orderby) as $part) -- cgit v1.2.3-24-g4f1b From 498c1e027e67dfd8108e0e255ff18fb914742b63 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 16 Jun 2012 03:34:10 +0300 Subject: Added an escape parameter to where_in(), or_where_in(), where_not_in(), or_where_not_in() and made where(), or_where() to default the escape setting to the value of _protect_identifiers --- system/database/DB_query_builder.php | 26 ++++++++++++---------- system/database/drivers/postgre/postgre_driver.php | 5 +---- 2 files changed, 15 insertions(+), 16 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 5eb6bbb4e..85dd77da9 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -405,7 +405,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function where($key, $value = NULL, $escape = TRUE) + public function where($key, $value = NULL, $escape = NULL) { return $this->_where($key, $value, 'AND ', $escape); } @@ -423,7 +423,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function or_where($key, $value = NULL, $escape = TRUE) + public function or_where($key, $value = NULL, $escape = NULL) { return $this->_where($key, $value, 'OR ', $escape); } @@ -504,9 +504,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function where_in($key = NULL, $values = NULL) + public function where_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values); + return $this->_where_in($key, $values, FALSE, 'AND ', $escape); } // -------------------------------------------------------------------- @@ -521,9 +521,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function or_where_in($key = NULL, $values = NULL) + public function or_where_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, FALSE, 'OR '); + return $this->_where_in($key, $values, FALSE, 'OR ', $escape); } // -------------------------------------------------------------------- @@ -538,9 +538,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function where_not_in($key = NULL, $values = NULL) + public function where_not_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, TRUE); + return $this->_where_in($key, $values, TRUE, 'AND ', $escape); } // -------------------------------------------------------------------- @@ -555,9 +555,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function or_where_not_in($key = NULL, $values = NULL) + public function or_where_not_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, TRUE, 'OR '); + return $this->_where_in($key, $values, TRUE, 'OR ', $escape); } // -------------------------------------------------------------------- @@ -573,7 +573,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @return object */ - protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ') + protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ', $escape = NULL) { if ($key === NULL OR $values === NULL) { @@ -587,6 +587,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $values = array($values); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + $not = ($not) ? ' NOT' : ''; foreach ($values as $value) @@ -595,7 +597,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } $prefix = (count($this->qb_where) === 0) ? '' : $type; - $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key).$not.' IN ('.implode(', ', $this->qb_wherein).') '; + $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key, FALSE, $escape).$not.' IN ('.implode(', ', $this->qb_wherein).') '; if ($this->qb_caching === TRUE) { diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index ad9ac9000..3d25b25ee 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -606,10 +606,7 @@ class CI_DB_postgre_driver extends CI_DB { } // If the escape value was not set will will base it on the global setting - if ( ! is_bool($escape)) - { - $escape = $this->_protect_identifiers; - } + is_bool($escape) OR $escape = $this->_protect_identifiers; foreach ($key as $k => $v) { -- cgit v1.2.3-24-g4f1b From fe642dadd6ba62d597ccf1c7cb91e28059caeebf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 16 Jun 2012 03:47:33 +0300 Subject: All Query Builder methods to respect _protect_identifiers by default --- system/database/DB_query_builder.php | 42 ++++++++++++++++++++---------------- 1 file changed, 24 insertions(+), 18 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 85dd77da9..1ac9af901 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -327,7 +327,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string wether not to try to escape identifiers * @return object */ - public function join($table, $cond, $type = '', $escape = TRUE) + public function join($table, $cond, $type = '', $escape = NULL) { if ($type !== '') { @@ -347,6 +347,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // in the protect_identifiers to know whether to add a table prefix $this->_track_aliases($table); + is_bool($escape) OR $escape = $this->_protect_identifiers; + // Split multiple conditions if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) { @@ -888,7 +890,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function having($key, $value = '', $escape = TRUE) + public function having($key, $value = '', $escape = NULL) { return $this->_having($key, $value, 'AND ', $escape); } @@ -905,7 +907,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function or_having($key, $value = '', $escape = TRUE) + public function or_having($key, $value = '', $escape = NULL) { return $this->_having($key, $value, 'OR ', $escape); } @@ -923,13 +925,15 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - protected function _having($key, $value = '', $type = 'AND ', $escape = TRUE) + protected function _having($key, $value = '', $type = 'AND ', $escape = NULL) { if ( ! is_array($key)) { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { $prefix = (count($this->qb_having) === 0) ? '' : $type; @@ -1057,14 +1061,16 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // -------------------------------------------------------------------- /** - * The "set" function. Allows key/value pairs to be set for inserting or updating + * The "set" function. + * + * Allows key/value pairs to be set for inserting or updating * * @param mixed * @param string * @param bool * @return object */ - public function set($key, $value = '', $escape = TRUE) + public function set($key, $value = '', $escape = NULL) { $key = $this->_object_to_array($key); @@ -1073,16 +1079,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { - if ($escape === FALSE) - { - $this->qb_set[$this->protect_identifiers($k)] = $v; - } - else - { - $this->qb_set[$this->protect_identifiers($k, FALSE, TRUE)] = $this->escape($v); - } + $this->qb_set[$this->protect_identifiers($k, FALSE, $escape)] = ($escape) + ? $this->escape($v) : $v; } return $this; @@ -1288,7 +1290,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function set_insert_batch($key, $value = '', $escape = TRUE) + public function set_insert_batch($key, $value = '', $escape = NULL) { $key = $this->_object_to_array_batch($key); @@ -1297,6 +1299,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + $keys = array_keys($this->_object_to_array(current($key))); sort($keys); @@ -1328,7 +1332,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($keys as $k) { - $this->qb_keys[] = $this->protect_identifiers($k); + $this->qb_keys[] = $this->protect_identifiers($k, FALSE, $escape); } return $this; @@ -1727,7 +1731,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function set_update_batch($key, $index = '', $escape = TRUE) + public function set_update_batch($key, $index = '', $escape = NULL) { $key = $this->_object_to_array_batch($key); @@ -1736,6 +1740,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // @todo error } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { $index_set = FALSE; @@ -1747,7 +1753,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $index_set = TRUE; } - $clean[$this->protect_identifiers($k2)] = ($escape === FALSE) ? $v2 : $this->escape($v2); + $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2); } if ($index_set === FALSE) -- cgit v1.2.3-24-g4f1b From f512b73bc78760198a5409f2c4da71fe749b1301 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sat, 16 Jun 2012 11:15:19 +0100 Subject: Spelling fixes - `wether` to `whether` Interestingly `wether` means a castrated ram in old English --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 1ac9af901..531ca9eb7 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -324,7 +324,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @param string the join condition * @param string the type of join - * @param string wether not to try to escape identifiers + * @param string whether not to try to escape identifiers * @return object */ public function join($table, $cond, $type = '', $escape = NULL) -- cgit v1.2.3-24-g4f1b From 929fd2d52beb779e46681d35f8ff138aa65cb8df Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 17 Jun 2012 17:29:57 +0300 Subject: Improve escaping, support for table names with spaces and fix where() for strings with no spaces around operators --- system/database/DB_driver.php | 56 ++++++++++------------ system/database/DB_query_builder.php | 4 +- system/database/drivers/postgre/postgre_driver.php | 4 +- 3 files changed, 30 insertions(+), 34 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 28d665fdf..4ec20f45d 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1085,6 +1085,20 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- + /** + * Returns the SQL string operator + * + * @param string + * @return string + */ + protected function _get_operator($str) + { + return preg_match('/(=|!|<|>| IS NULL| IS NOT NULL| BETWEEN)/i', $str, $match) + ? $match[1] : FALSE; + } + + // -------------------------------------------------------------------- + /** * Enables a native PHP function to be run, using a platform agnostic wrapper. * @@ -1336,39 +1350,21 @@ abstract class CI_DB_driver { // Convert tabs or multiple spaces into single spaces $item = preg_replace('/\s+/', ' ', $item); - static $preg_ec = array(); - - if (empty($preg_ec)) + // If the item has an alias declaration we remove it and set it aside. + // Note: strripos() is used in order to support spaces in table names + if ($offset = strripos($item, ' AS ')) { - if (is_array($this->_escape_char)) - { - $preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1])); - } - else - { - $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char); - } + $alias = ($protect_identifiers) + ? substr($item, $offset, 4).$this->escape_identifiers(substr($item, $offset + 4)) + : substr($item, $offset); + $item = substr($item, 0, $offset); } - - // If the item has an alias declaration we remove it and set it aside. - // Basically we remove everything to the right of the first space - preg_match('/^(('.$preg_ec[0].'[^'.$preg_ec[1].']+'.$preg_ec[1].')|([^'.$preg_ec[0].'][^\s]+))( AS)*(.+)*$/i', $item, $matches); - - if (isset($matches[4])) + elseif ($offset = strrpos($item, ' ')) { - $item = $matches[1]; - - // Escape the alias, if needed - if ($protect_identifiers === TRUE) - { - $alias = empty($matches[5]) - ? ' '.$this->escape_identifiers(ltrim($matches[4])) - : $matches[4].' '.$this->escape_identifiers(ltrim($matches[5])); - } - else - { - $alias = $matches[4].$matches[5]; - } + $alias = ($protect_identifiers) + ? ' '.$this->escape_identifiers(substr($item, $offset + 1)) + : substr($item, $offset); + $item = substr($item, 0, $offset); } else { diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 531ca9eb7..27f9f363b 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -459,8 +459,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; - $k = $this->_has_operator($k) - ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) : $this->protect_identifiers($k, FALSE, $escape); if (is_null($v) && ! $this->_has_operator($k)) diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 3d25b25ee..23826a0ae 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -612,8 +612,8 @@ class CI_DB_postgre_driver extends CI_DB { { $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; - $k = $this->_has_operator($k) - ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) : $this->protect_identifiers($k, FALSE, $escape); if (is_null($v) && ! $this->_has_operator($k)) -- cgit v1.2.3-24-g4f1b From 3751f9362b731f5f3d2e63176c364d6281fdf415 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 17 Jun 2012 18:07:48 +0300 Subject: Add join() USING support --- system/database/DB_query_builder.php | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 27f9f363b..4c54b1c0a 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -368,12 +368,20 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $newcond .= $m[0][$i][0]; } - $cond = $newcond; + $cond = ' ON '.$newcond; } // Split apart the condition and protect the identifiers elseif ($escape === TRUE && preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/i', $cond, $match)) { - $cond = $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); + $cond = ' ON '.$this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); + } + elseif ( ! $this->_has_operator($cond)) + { + $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')'; + } + else + { + $cond = ' ON '.$cond; } // Do we want to escape the table name? @@ -383,7 +391,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // Assemble the JOIN statement - $this->qb_join[] = $join = $type.'JOIN '.$table.' ON '.$cond; + $this->qb_join[] = $join = $type.'JOIN '.$table.$cond; if ($this->qb_caching === TRUE) { -- cgit v1.2.3-24-g4f1b From fad14b25148ca7202a036dc2b764feb0c8518838 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 18 Jun 2012 13:23:24 +0300 Subject: Fix ODBC _limit() --- system/database/drivers/odbc/odbc_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database') diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index 222c311c0..5ebba7aeb 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -342,7 +342,7 @@ class CI_DB_odbc_driver extends CI_DB { */ protected function _limit($sql, $limit, $offset) { - return $sql.($offset == 0 ? '' : $offset.', ').$limit; + return $sql.' LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 777153d8362ed884fc3d47ea4a5e1fa0f1ce8ca9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 18 Jun 2012 13:30:45 +0300 Subject: Changed limit() and offset() to ignore NULL values --- system/database/DB_query_builder.php | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 4c54b1c0a..d21f15066 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1042,12 +1042,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function limit($value, $offset = NULL) { - $this->qb_limit = (int) $value; - - if ( ! empty($offset)) - { - $this->qb_offset = (int) $offset; - } + is_null($value) OR $this->qb_limit = (int) $value; + empty($offset) OR $this->qb_offset = (int) $offset; return $this; } @@ -1062,7 +1058,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function offset($offset) { - $this->qb_offset = (int) $offset; + empty($offset) OR $this->qb_offset = (int) $offset; return $this; } -- cgit v1.2.3-24-g4f1b From 2f0dce0fa788c442c85318afc30122afb20a880b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 20 Jun 2012 11:05:01 +0300 Subject: Small adjustment due to 079fbfcde095230f304e889217f897031a948f61 --- system/database/DB_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 4ec20f45d..a99444167 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1281,7 +1281,7 @@ abstract class CI_DB_driver { if (isset($call['file']) && strpos($call['file'], BASEPATH.'database') === FALSE) { // Found it - use a relative path for safety - $message[] = 'Filename: '.str_replace(array(BASEPATH, APPPATH), '', $call['file']); + $message[] = 'Filename: '.str_replace(array(APPPATH, BASEPATH), '', $call['file']); $message[] = 'Line Number: '.$call['line']; break; } -- cgit v1.2.3-24-g4f1b From bc69f369eba2f1188be6d89ebd1df8c48e96db5d Mon Sep 17 00:00:00 2001 From: WanWizard Date: Fri, 22 Jun 2012 00:10:11 +0200 Subject: fixed query grouping when using where($array) syntax on request of Phil --- system/database/DB_query_builder.php | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index d21f15066..62e02129b 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -453,8 +453,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _where($key, $value = NULL, $type = 'AND ', $escape = NULL) { - $type = $this->_group_get_type($type); - if ( ! is_array($key)) { $key = array($key => $value); @@ -465,7 +463,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($key as $k => $v) { - $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; + $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); $k = (($op = $this->_get_operator($k)) !== FALSE) ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) @@ -590,8 +588,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return $this; } - $type = $this->_group_get_type($type); - if ( ! is_array($values)) { $values = array($values); @@ -606,7 +602,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_wherein[] = $this->escape($value); } - $prefix = (count($this->qb_where) === 0) ? '' : $type; + $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key, FALSE, $escape).$not.' IN ('.implode(', ', $this->qb_wherein).') '; if ($this->qb_caching === TRUE) @@ -702,8 +698,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _like($field, $match = '', $type = 'AND ', $side = 'both', $not = '') { - $type = $this->_group_get_type($type); - if ( ! is_array($field)) { $field = array($field => $match); @@ -712,7 +706,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($field as $k => $v) { $k = $this->protect_identifiers($k); - $prefix = (count($this->qb_like) === 0) ? '' : $type; + $prefix = (count($this->qb_like) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); $v = $this->escape_like_str($v); if ($side === 'none') @@ -2393,4 +2387,4 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } /* End of file DB_query_builder.php */ -/* Location: ./system/database/DB_query_builder.php */ \ No newline at end of file +/* Location: ./system/database/DB_query_builder.php */ -- cgit v1.2.3-24-g4f1b From 58803fb365e085401803d4b17a9508ceedde2e20 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 24 Jun 2012 00:45:37 +0300 Subject: Add _where() changes from pull #1517 to the PostgreSQL driver --- system/database/DB_query_builder.php | 6 ++++-- system/database/drivers/postgre/postgre_driver.php | 16 +++++++++------- 2 files changed, 13 insertions(+), 9 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 62e02129b..4631b1b92 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -463,7 +463,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($key as $k => $v) { - $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); + $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) + ? $this->_group_get_type('') + : $this->_group_get_type($type); $k = (($op = $this->_get_operator($k)) !== FALSE) ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) @@ -2387,4 +2389,4 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } /* End of file DB_query_builder.php */ -/* Location: ./system/database/DB_query_builder.php */ +/* Location: ./system/database/DB_query_builder.php */ \ No newline at end of file diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 23826a0ae..b9f60264c 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -399,11 +399,13 @@ class CI_DB_postgre_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = "SELECT table_name FROM information_schema.tables WHERE table_schema = 'public'"; + $sql = 'SELECT "table_name" FROM "information_schema"."tables" WHERE "table_schema" = \'public\''; if ($prefix_limit !== FALSE && $this->dbprefix !== '') { - return $sql." AND table_name LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); + return $sql.' AND "table_name" LIKE \'' + .$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } return $sql; @@ -421,7 +423,7 @@ class CI_DB_postgre_driver extends CI_DB { */ protected function _list_columns($table = '') { - return "SELECT column_name FROM information_schema.columns WHERE table_name = '".$table."'"; + return 'SELECT "column_name" FROM "information_schema"."columns" WHERE "table_name" = '.$this->escape($table); } // -------------------------------------------------------------------- @@ -593,13 +595,11 @@ class CI_DB_postgre_driver extends CI_DB { * @param mixed * @param mixed * @param string + * @param mixed * @return object - * */ protected function _where($key, $value = NULL, $type = 'AND ', $escape = NULL) { - $type = $this->_group_get_type($type); - if ( ! is_array($key)) { $key = array($key => $value); @@ -610,7 +610,9 @@ class CI_DB_postgre_driver extends CI_DB { foreach ($key as $k => $v) { - $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; + $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) + ? $this->_group_get_type('') + : $this->_group_get_type($type); $k = (($op = $this->_get_operator($k)) !== FALSE) ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) -- cgit v1.2.3-24-g4f1b From 473130a226219dac6ef5c59b625b0e1361b292b3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 24 Jun 2012 02:51:18 +0300 Subject: Minor changes to the MySQL and MySQLi drivers --- system/database/drivers/mysql/mysql_driver.php | 12 ++++++++++-- system/database/drivers/mysqli/mysqli_driver.php | 2 +- 2 files changed, 11 insertions(+), 3 deletions(-) (limited to 'system/database') diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 8938d22b5..4e93e619e 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -64,6 +64,12 @@ class CI_DB_mysql_driver extends CI_DB { */ public $delete_hack = TRUE; + /** + * Constructor + * + * @param array + * @return void + */ public function __construct($params) { parent::__construct($params); @@ -74,6 +80,8 @@ class CI_DB_mysql_driver extends CI_DB { } } + // -------------------------------------------------------------------- + /** * Non-persistent database connection * @@ -335,7 +343,7 @@ class CI_DB_mysql_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char; + $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database); if ($prefix_limit !== FALSE && $this->dbprefix !== '') { @@ -355,7 +363,7 @@ class CI_DB_mysql_driver extends CI_DB { * @param string the table name * @return string */ - public function _list_columns($table = '') + protected function _list_columns($table = '') { return 'SHOW COLUMNS FROM '.$this->protect_identifiers($table, TRUE, NULL, FALSE); } diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index d3fb77a22..1b30b6c72 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -335,7 +335,7 @@ class CI_DB_mysqli_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char; + $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database); if ($prefix_limit !== FALSE && $this->dbprefix !== '') { -- cgit v1.2.3-24-g4f1b From 2c35b64fc2b072ce873c56dde0f4bb1e5f404450 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 24 Jun 2012 03:05:26 +0300 Subject: Add a default _limit() method to the Query Builder class --- system/database/DB_query_builder.php | 17 +++++++++++++++++ system/database/drivers/cubrid/cubrid_driver.php | 17 ----------------- system/database/drivers/interbase/interbase_driver.php | 4 ++-- system/database/drivers/mysql/mysql_driver.php | 17 ----------------- system/database/drivers/mysqli/mysqli_driver.php | 18 ------------------ system/database/drivers/oci8/oci8_driver.php | 2 +- system/database/drivers/odbc/odbc_driver.php | 17 ----------------- system/database/drivers/pdo/pdo_driver.php | 13 +++---------- system/database/drivers/postgre/postgre_driver.php | 2 +- system/database/drivers/sqlite/sqlite_driver.php | 17 ----------------- system/database/drivers/sqlite3/sqlite3_driver.php | 17 ----------------- 11 files changed, 24 insertions(+), 117 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 4631b1b92..dad1df116 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1060,6 +1060,23 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // -------------------------------------------------------------------- + /** + * Limit string + * + * Generates a platform-specific LIMIT clause + * + * @param string the sql query string + * @param int the number of rows to limit the query to + * @param int the offset value + * @return string + */ + protected function _limit($sql, $limit, $offset) + { + return $sql.' LIMIT '.($offset ? $offset.', ' : '').$limit; + } + + // -------------------------------------------------------------------- + /** * The "set" function. * diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php index 6b67b7546..7496ee42f 100644 --- a/system/database/drivers/cubrid/cubrid_driver.php +++ b/system/database/drivers/cubrid/cubrid_driver.php @@ -436,23 +436,6 @@ class CI_DB_cubrid_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.'LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - /** * Close DB Connection * diff --git a/system/database/drivers/interbase/interbase_driver.php b/system/database/drivers/interbase/interbase_driver.php index 5a03607ee..512ee62d2 100644 --- a/system/database/drivers/interbase/interbase_driver.php +++ b/system/database/drivers/interbase/interbase_driver.php @@ -421,12 +421,12 @@ class CI_DB_interbase_driver extends CI_DB { if (stripos($this->version(), 'firebird') !== FALSE) { $select = 'FIRST '. (int) $limit - .($offset > 0 ? ' SKIP '. (int) $offset : ''); + .($offset ? ' SKIP '. (int) $offset : ''); } else { $select = 'ROWS ' - .($offset > 0 ? (int) $offset.' TO '.($limit + $offset) : (int) $limit); + .($offset ? (int) $offset.' TO '.($limit + $offset) : (int) $limit); } return preg_replace('`SELECT`i', 'SELECT '.$select, $sql); diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 4e93e619e..d11f015a6 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -460,23 +460,6 @@ class CI_DB_mysql_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.' LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - /** * Close DB Connection * diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 1b30b6c72..d1581bf1a 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -454,24 +454,6 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.' LIMIT '.$limit - .($offset > 0 ? ' OFFSET '.$offset : ''); - } - - // -------------------------------------------------------------------- - /** * Close DB Connection * diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index e78091614..1f571e586 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -634,7 +634,7 @@ class CI_DB_oci8_driver extends CI_DB { { $this->limit_used = TRUE; return 'SELECT * FROM (SELECT inner_query.*, rownum rnum FROM ('.$sql.') inner_query WHERE rownum < '.($offset + $limit).')' - .($offset !== 0 ? ' WHERE rnum >= '.$offset : ''); + .($offset ? ' WHERE rnum >= '.$offset : ''); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index 5ebba7aeb..bd5759289 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -330,23 +330,6 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.' LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - /** * Close DB Connection * diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index e25013a52..a3ad46900 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -599,19 +599,12 @@ class CI_DB_pdo_driver extends CI_DB { */ protected function _limit($sql, $limit, $offset) { - if ($this->pdodriver === 'cubrid' OR $this->pdodriver === 'sqlite') + if ($this->pdodriver === 'pgsql') { - $offset = ($offset == 0) ? '' : $offset.', '; - - return $sql.'LIMIT '.$offset.$limit; + return $sql.' LIMIT '.$limit.($offset ? ' OFFSET '.$offset : ''); } - else - { - $sql .= 'LIMIT '.$limit; - $sql .= ($offset > 0) ? ' OFFSET '.$offset : ''; - return $sql; - } + return $sql.' LIMIT '.($offset ? $offset.', ' : '').$limit; } } diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index b9f60264c..fd253033b 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -582,7 +582,7 @@ class CI_DB_postgre_driver extends CI_DB { */ protected function _limit($sql, $limit, $offset) { - return $sql.' LIMIT '.$limit.($offset == 0 ? '' : ' OFFSET '.$offset); + return $sql.' LIMIT '.$limit.($offset ? ' OFFSET '.$offset : ''); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php index 3305f6030..87be7a54a 100644 --- a/system/database/drivers/sqlite/sqlite_driver.php +++ b/system/database/drivers/sqlite/sqlite_driver.php @@ -359,23 +359,6 @@ class CI_DB_sqlite_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.'LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - /** * Close DB Connection * diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php index bed61891b..1c6533f22 100644 --- a/system/database/drivers/sqlite3/sqlite3_driver.php +++ b/system/database/drivers/sqlite3/sqlite3_driver.php @@ -352,23 +352,6 @@ class CI_DB_sqlite3_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.' LIMIT '.($offset ? $offset.',' : '').$limit; - } - - // -------------------------------------------------------------------- - /** * Close DB Connection * -- cgit v1.2.3-24-g4f1b From d3f13670cb79e2225ee871c0a7c78b65ead2f26b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 24 Jun 2012 22:13:21 +0300 Subject: Some changes to the OCI8 (Oracle) driver --- system/database/drivers/oci8/oci8_driver.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'system/database') diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index 1f571e586..67bb0403b 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -66,6 +66,8 @@ class CI_DB_oci8_driver extends CI_DB { protected $_count_string = 'SELECT COUNT(1) AS '; protected $_random_keyword = ' ASC'; // not currently supported + protected $_reserved_identifiers = array('*', 'rownum'); + // Set "auto commit" by default public $commit_mode = OCI_COMMIT_ON_SUCCESS; @@ -464,11 +466,12 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SELECT TABLE_NAME FROM ALL_TABLES'; + $sql = 'SELECT "TABLE_NAME" FROM "ALL_TABLES"'; if ($prefix_limit !== FALSE && $this->dbprefix !== '') { - return $sql." WHERE TABLE_NAME LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); + return $sql.' WHERE "TABLE_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } return $sql; @@ -486,7 +489,7 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _list_columns($table = '') { - return 'SELECT COLUMN_NAME FROM all_tab_columns WHERE table_name = \''.$table.'\''; + return 'SELECT "COLUMN_NAME" FROM "all_tab_columns" WHERE "TABLE_NAME" = '.$this->escape($table); } // -------------------------------------------------------------------- @@ -501,7 +504,7 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _field_data($table) { - return 'SELECT * FROM '.$table.' WHERE rownum = 1'; + return 'SELECT * FROM '.$this->protect_identifiers($table).' WHERE rownum = 1'; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 70c72c91c87a4e83b672f93410c6790d403f7b58 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 25 Jun 2012 00:04:51 +0300 Subject: Some fixes to the SQLSRV and MSSQL drivers --- system/database/drivers/mssql/mssql_driver.php | 34 +++++++----------------- system/database/drivers/sqlsrv/sqlsrv_driver.php | 16 ++++++++--- 2 files changed, 22 insertions(+), 28 deletions(-) (limited to 'system/database') diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index 47dc55844..7634be2bb 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -124,7 +124,7 @@ class CI_DB_mssql_driver extends CI_DB { // Determine how identifiers are escaped $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); $query = $query->row_array(); - $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi; + $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi']; $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); return $conn_id; @@ -288,7 +288,7 @@ class CI_DB_mssql_driver extends CI_DB { */ public function insert_id() { - $query = (self::_parse_major_version($this->version()) > 7) + $query = version_compare($this->version(), '8', '>=') ? 'SELECT SCOPE_IDENTITY() AS last_id' : 'SELECT @@IDENTITY AS last_id'; @@ -299,23 +299,6 @@ class CI_DB_mssql_driver extends CI_DB { // -------------------------------------------------------------------- - /** - * Parse major version - * - * Grabs the major version number from the - * database server version string passed in. - * - * @param string $version - * @return int major version number - */ - protected function _parse_major_version($version) - { - preg_match('/([0-9]+)\.([0-9]+)\.([0-9]+)/', $version, $ver_info); - return $ver_info[1]; // return the major version b/c that's all we're interested in. - } - - // -------------------------------------------------------------------- - /** * Version number query string * @@ -338,16 +321,17 @@ class CI_DB_mssql_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = "SELECT name FROM sysobjects WHERE type = 'U' ORDER BY name"; + $sql = 'SELECT '.$this->escape_identifiers('name') + .' FROM '.$this->escape_identifiers('sysobjects') + .' WHERE '.$this->escape_identifiers('type')." = 'U'"; - // for future compatibility if ($prefix_limit !== FALSE AND $this->dbprefix !== '') { - //$sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); - return FALSE; // not currently supported + $sql .= ' AND '.$this->escape_identifiers('name')." LIKE '".$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } - return $sql; + return $sql.' ORDER BY '.$this->escape_identifiers('name'); } // -------------------------------------------------------------------- @@ -377,7 +361,7 @@ class CI_DB_mssql_driver extends CI_DB { */ protected function _field_data($table) { - return 'SELECT TOP 1 * FROM '.$table; + return 'SELECT TOP 1 * FROM '.$this->protect_identifiers($table); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index 825c02452..4fdc4aae0 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -91,7 +91,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { // Determine how identifiers are escaped $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); $query = $query->row_array(); - $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi; + $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi']; $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); return $conn_id; @@ -284,7 +284,17 @@ class CI_DB_sqlsrv_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - return "SELECT name FROM sysobjects WHERE type = 'U' ORDER BY name"; + $sql = 'SELECT '.$this->escape_identifiers('name') + .' FROM '.$this->escape_identifiers('sysobjects') + .' WHERE '.$this->escape_identifiers('type')." = 'U'"; + + if ($prefix_limit === TRUE && $this->dbprefix !== '') + { + $sql .= ' AND '.$this->escape_identifiers('name')." LIKE '".$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_escape_like_str, $this->_escape_like_chr); + } + + return $sql.' ORDER BY '.$this->escape_identifiers('name'); } // -------------------------------------------------------------------- @@ -314,7 +324,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { */ protected function _field_data($table) { - return 'SELECT TOP 1 * FROM '.$table; + return 'SELECT TOP 1 * FROM '.$this->protect_identifiers($table); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 5382b1b7c3cbbf4a853b59954fbff5e69ed42234 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 25 Jun 2012 01:26:48 +0300 Subject: Fix Interbase _field_data() method --- system/database/drivers/interbase/interbase_driver.php | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) (limited to 'system/database') diff --git a/system/database/drivers/interbase/interbase_driver.php b/system/database/drivers/interbase/interbase_driver.php index 512ee62d2..38d30962c 100644 --- a/system/database/drivers/interbase/interbase_driver.php +++ b/system/database/drivers/interbase/interbase_driver.php @@ -235,7 +235,7 @@ class CI_DB_interbase_driver extends CI_DB { * @param int $inc_by * @return int */ - public function insert_id($generator_name, $inc_by=0) + public function insert_id($generator_name, $inc_by = 0) { //If a generator hasn't been used before it will return 0 return ibase_gen_id('"'.$generator_name.'"', $inc_by); @@ -257,7 +257,8 @@ class CI_DB_interbase_driver extends CI_DB { if ($prefix_limit !== FALSE && $this->dbprefix !== '') { - return $sql.' AND "RDB$RELATION_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); + return $sql.' AND "RDB$RELATION_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } return $sql; @@ -275,7 +276,7 @@ class CI_DB_interbase_driver extends CI_DB { */ protected function _list_columns($table = '') { - return 'SELECT "RDB$FIELD_NAME" FROM "RDB$RELATION_FIELDS" WHERE "RDB$RELATION_NAME" = \''.$this->escape_str($table)."'"; + return 'SELECT "RDB$FIELD_NAME" FROM "RDB$RELATION_FIELDS" WHERE "RDB$RELATION_NAME" = '.$this->escape($table); } // -------------------------------------------------------------------- @@ -290,10 +291,7 @@ class CI_DB_interbase_driver extends CI_DB { */ protected function _field_data($table) { - // Need to find a more efficient way to do this - // but Interbase/Firebird seems to lack the - // limit clause - return 'SELECT * FROM '.$table; + return $this->_limit('SELECT * FROM '.$this->protect_identifiers($table), 1, NULL); } // -------------------------------------------------------------------- @@ -361,7 +359,6 @@ class CI_DB_interbase_driver extends CI_DB { .(count($orderby) > 0 ? ' ORDER BY '.implode(', ', $orderby) : ''); } - // -------------------------------------------------------------------- /** -- cgit v1.2.3-24-g4f1b From 35443c6be9e181bdefe8d3c7851cd305caafde15 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 25 Jun 2012 15:34:30 +0300 Subject: Change where() to skip dbprefix (until a better solution is available) --- system/database/DB_query_builder.php | 16 ++++++++++++---- system/database/drivers/postgre/postgre_driver.php | 9 ++++++--- 2 files changed, 18 insertions(+), 7 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index dad1df116..439530714 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -467,9 +467,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { ? $this->_group_get_type('') : $this->_group_get_type($type); - $k = (($op = $this->_get_operator($k)) !== FALSE) - ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) - : $this->protect_identifiers($k, FALSE, $escape); + if ($escape === TRUE) + { + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->escape_identifiers(substr($k, 0, strpos($k, $op))).strstr($k, $op) + : $this->escape_identifiers($k); + } if (is_null($v) && ! $this->_has_operator($k)) { @@ -604,8 +607,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_wherein[] = $this->escape($value); } + if ($escape === TRUE) + { + $key = $this->escape_identifiers($key); + } + $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); - $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key, FALSE, $escape).$not.' IN ('.implode(', ', $this->qb_wherein).') '; + $this->qb_where[] = $where_in = $prefix.$key.$not.' IN ('.implode(', ', $this->qb_wherein).') '; if ($this->qb_caching === TRUE) { diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index fd253033b..21968a8dd 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -614,9 +614,12 @@ class CI_DB_postgre_driver extends CI_DB { ? $this->_group_get_type('') : $this->_group_get_type($type); - $k = (($op = $this->_get_operator($k)) !== FALSE) - ? $this->protect_identifiers(substr($k, 0, strpos($k, $op)), FALSE, $escape).strstr($k, $op) - : $this->protect_identifiers($k, FALSE, $escape); + if ($escape === TRUE) + { + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->escape_identifiers(substr($k, 0, strpos($k, $op))).strstr($k, $op) + : $this->escape_identifiers($k); + } if (is_null($v) && ! $this->_has_operator($k)) { -- cgit v1.2.3-24-g4f1b From 40f1404344d09520e91d6d3cb9ccd23b786ca35e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 25 Jun 2012 17:54:22 +0300 Subject: Fix issues #1529 & #1530 --- system/database/DB_query_builder.php | 6 +++--- system/database/drivers/postgre/postgre_driver.php | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 439530714..4c43fe3c3 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -470,8 +470,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { if ($escape === TRUE) { $k = (($op = $this->_get_operator($k)) !== FALSE) - ? $this->escape_identifiers(substr($k, 0, strpos($k, $op))).strstr($k, $op) - : $this->escape_identifiers($k); + ? $this->escape_identifiers(trim(substr($k, 0, strpos($k, $op)))).' '.strstr($k, $op) + : $this->escape_identifiers(trim($k)); } if (is_null($v) && ! $this->_has_operator($k)) @@ -609,7 +609,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { if ($escape === TRUE) { - $key = $this->escape_identifiers($key); + $key = $this->escape_identifiers(trim($key)); } $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 21968a8dd..e73122bc7 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -617,8 +617,8 @@ class CI_DB_postgre_driver extends CI_DB { if ($escape === TRUE) { $k = (($op = $this->_get_operator($k)) !== FALSE) - ? $this->escape_identifiers(substr($k, 0, strpos($k, $op))).strstr($k, $op) - : $this->escape_identifiers($k); + ? $this->escape_identifiers(trim(substr($k, 0, strpos($k, $op)))).' '.strstr($k, $op) + : $this->escape_identifiers(trim($k)); } if (is_null($v) && ! $this->_has_operator($k)) -- cgit v1.2.3-24-g4f1b From eb22d544c4ea1993fcbdad0404ce9ec65d0410be Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 26 Jun 2012 23:16:35 +0300 Subject: Fix get_where() test --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/database') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 4c43fe3c3..3982885e8 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1218,7 +1218,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the offset clause * @return object */ - public function get_where($table = '', $where = null, $limit = null, $offset = null) + public function get_where($table = '', $where = NULL, $limit = NULL, $offset = NULL) { if ($table !== '') { -- cgit v1.2.3-24-g4f1b From b66664b5decd68de50ae6c239c8d995d6c088d94 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 27 Jun 2012 14:22:10 +0300 Subject: Utilize query()'s return_object parameter --- system/database/DB_driver.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'system/database') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index a99444167..739b25187 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -295,7 +295,7 @@ abstract class CI_DB_driver { * @param array An array of binding data * @return mixed */ - public function query($sql, $binds = FALSE, $return_object = TRUE) + public function query($sql, $binds = FALSE, $return_object = NULL) { if ($sql === '') { @@ -303,6 +303,10 @@ abstract class CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE; } + elseif ( ! is_bool($return_object)) + { + $return_object = ! $this->is_write_type($sql); + } // Verify table prefix and replace if necessary if ($this->dbprefix !== '' && $this->swap_pre !== '' && $this->dbprefix !== $this->swap_pre) @@ -319,7 +323,7 @@ abstract class CI_DB_driver { // Is query caching enabled? If the query is a "read type" // we will load the caching class and return the previously // cached query if it exists - if ($this->cache_on === TRUE && stripos($sql, 'SELECT') !== FALSE && $this->_cache_init()) + if ($this->cache_on === TRUE && $return_object === TRUE && $this->_cache_init()) { $this->load_rdriver(); if (FALSE !== ($cache = $this->CACHE->read($sql))) @@ -328,7 +332,7 @@ abstract class CI_DB_driver { } } - // Save the query for debugging + // Save the query for debugging if ($this->save_queries === TRUE) { $this->queries[] = $sql; @@ -352,7 +356,7 @@ abstract class CI_DB_driver { $error = $this->error(); // Log errors - log_message('error', 'Query error: '.$error['message'] . ' - Invalid query: ' . $sql); + log_message('error', 'Query error: '.$error['message'].' - Invalid query: '.$sql); if ($this->db_debug) { @@ -381,12 +385,10 @@ abstract class CI_DB_driver { // Increment the query counter $this->query_count++; - // Was the query a "write" type? - // If so we'll simply return true - if ($this->is_write_type($sql) === TRUE) + // Will we have a result object instantiated? If not - we'll simply return TRUE + if ($return_object !== TRUE) { - // If caching is enabled we'll auto-cleanup any - // existing files related to this particular URI + // If caching is enabled we'll auto-cleanup any existing files related to this particular URI if ($this->cache_on === TRUE && $this->cache_autodel === TRUE && $this->_cache_init()) { $this->CACHE->delete(); @@ -396,8 +398,6 @@ abstract class CI_DB_driver { } // Return TRUE if we don't need to create a result object - // Currently only the Oracle driver uses this when stored - // procedures are used if ($return_object !== TRUE) { return TRUE; -- cgit v1.2.3-24-g4f1b