Skip to content
Browse files

Fix issue #2015

  • Loading branch information...
1 parent d337a26 commit 3a5efc291ac17a8a9886be25f6b430796969d154 @narfbg narfbg committed Nov 20, 2012
View
2 system/database/DB_driver.php
@@ -985,7 +985,7 @@ public function last_query()
*/
public function escape($str)
{
- if (is_string($str) OR method_exists($str, '__toString'))
+ if (is_string($str) OR (is_object($str) && method_exists($str, '__toString')))
{
return "'".$this->escape_str($str)."'";
}
View
17 system/database/DB_query_builder.php
@@ -644,24 +644,23 @@ protected function _wh($qb_key, $key, $value = NULL, $type = 'AND ', $escape = N
? $this->_group_get_type('')
: $this->_group_get_type($type);
- if (is_null($v) && ! $this->_has_operator($k))
- {
- // value appears not to have been set, assign the test to IS NULL
- $k .= ' IS NULL';
- }
-
if ( ! is_null($v))
{
if ($escape === TRUE)
{
- $v = ' '.(is_int($v) ? $v : $this->escape($v));
+ $v = ' '.$this->escape($v);
}
if ( ! $this->_has_operator($k))
{
$k .= ' = ';
}
}
+ elseif ( ! $this->_has_operator($k))
+ {
+ // value appears not to have been set, assign the test to IS NULL
+ $k .= ' IS NULL';
+ }
$this->{$qb_key}[] = array('condition' => $prefix.$k.$v, 'escape' => $escape);
if ($this->qb_caching === TRUE)
@@ -2540,7 +2539,7 @@ protected function _is_literal($str)
{
$str = trim($str);
- if (empty($str))
+ if (empty($str) OR ctype_digit($str) OR (string) (float) $str === $str OR in_array(strtoupper($str), array('TRUE', 'FALSE'), TRUE))
{
return TRUE;
}
@@ -2553,7 +2552,7 @@ protected function _is_literal($str)
? array('"', "'") : array("'");
}
- return (ctype_digit($str) OR in_array($str[0], $_str, TRUE));
+ return in_array($str[0], $_str, TRUE);
}
// --------------------------------------------------------------------
View
105 system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php
@@ -110,6 +110,26 @@ public function insert_id($name = NULL)
// --------------------------------------------------------------------
/**
+ * "Smart" Escape String
+ *
+ * Escapes data based on type
+ *
+ * @param string $str
+ * @return mixed
+ */
+ public function escape($str)
+ {
+ if (is_bool($str))
+ {
+ return ($str) ? 'TRUE' : 'FALSE';
+ }
+
+ return parent::escape($str);
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* ORDER BY
*
* @param string $orderby
@@ -311,91 +331,6 @@ protected function _limit($sql)
return $sql.' LIMIT '.$this->qb_limit.($this->qb_offset ? ' OFFSET '.$this->qb_offset : '');
}
- // --------------------------------------------------------------------
-
- /**
- * WHERE, HAVING
- *
- * Called by where(), or_where(), having(), or_having()
- *
- * @param string 'qb_where' or 'qb_having'
- * @param mixed
- * @param mixed
- * @param string
- * @param bool
- * @return object
- */
- protected function _wh($qb_key, $key, $value = NULL, $type = 'AND ', $escape = NULL)
- {
- $qb_cache_key = ($qb_key === 'qb_having') ? 'qb_cache_having' : 'qb_cache_where';
-
- if ( ! is_array($key))
- {
- $key = array($key => $value);
- }
-
- // If the escape value was not set will will base it on the global setting
- is_bool($escape) OR $escape = $this->_protect_identifiers;
-
- foreach ($key as $k => $v)
- {
- $prefix = (count($this->$qb_key) === 0 && count($this->$qb_cache_key) === 0)
- ? $this->_group_get_type('')
- : $this->_group_get_type($type);
-
- if (is_null($v) && ! $this->_has_operator($k))
- {
- // value appears not to have been set, assign the test to IS NULL
- $k .= ' IS NULL';
- }
-
- if ( ! is_null($v))
- {
- if (is_bool($v))
- {
- $v = ' '.($v ? 'TRUE' : 'FALSE');
- }
- elseif ($escape === TRUE)
- {
- $v = ' '.(is_int($v) ? $v : $this->escape($v));
- }
-
- if ( ! $this->_has_operator($k))
- {
- $k .= ' = ';
- }
- }
-
- $this->{$qb_key}[] = array('condition' => $prefix.$k.$v, 'escape' => $escape);
- if ($this->qb_caching === TRUE)
- {
- $this->{$qb_cache_key}[] = array('condition' => $prefix.$k.$v, 'escape' => $escape);
- $this->qb_cache_exists[] = substr($qb_key, 3);
- }
-
- }
-
- return $this;
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Is literal
- *
- * Determines if a string represents a literal value or a field name
- *
- * @param string $str
- * @return bool
- */
- protected function _is_literal($str)
- {
- $str = trim($str);
-
- return (empty($str) OR ctype_digit($str) OR $str[0] === "'" OR in_array($str, array('TRUE', 'FALSE'), TRUE));
- }
-
-
}
/* End of file pdo_pgsql_driver.php */
View
85 system/database/drivers/postgre/postgre_driver.php
@@ -337,7 +337,6 @@ public function escape_str($str, $like = FALSE)
* "Smart" Escape String
*
* Escapes data based on type
- * Sets boolean and null types
*
* @param string $str
* @return mixed
@@ -632,90 +631,6 @@ protected function _limit($sql)
// --------------------------------------------------------------------
/**
- * WHERE, HAVING
- *
- * Called by where(), or_where(), having(), or_having()
- *
- * @param string 'qb_where' or 'qb_having'
- * @param mixed
- * @param mixed
- * @param string
- * @param bool
- * @return object
- */
- protected function _wh($qb_key, $key, $value = NULL, $type = 'AND ', $escape = NULL)
- {
- $qb_cache_key = ($qb_key === 'qb_having') ? 'qb_cache_having' : 'qb_cache_where';
-
- if ( ! is_array($key))
- {
- $key = array($key => $value);
- }
-
- // If the escape value was not set will will base it on the global setting
- is_bool($escape) OR $escape = $this->_protect_identifiers;
-
- foreach ($key as $k => $v)
- {
- $prefix = (count($this->$qb_key) === 0 && count($this->$qb_cache_key) === 0)
- ? $this->_group_get_type('')
- : $this->_group_get_type($type);
-
- if (is_null($v) && ! $this->_has_operator($k))
- {
- // value appears not to have been set, assign the test to IS NULL
- $k .= ' IS NULL';
- }
-
- if ( ! is_null($v))
- {
- if (is_bool($v))
- {
- $v = ' '.($v ? 'TRUE' : 'FALSE');
- }
- elseif ($escape === TRUE)
- {
- $v = ' '.(is_int($v) ? $v : $this->escape($v));
- }
-
- if ( ! $this->_has_operator($k))
- {
- $k .= ' = ';
- }
- }
-
- $this->{$qb_key}[] = array('condition' => $prefix.$k.$v, 'escape' => $escape);
- if ($this->qb_caching === TRUE)
- {
- $this->{$qb_cache_key}[] = array('condition' => $prefix.$k.$v, 'escape' => $escape);
- $this->qb_cache_exists[] = substr($qb_key, 3);
- }
-
- }
-
- return $this;
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Is literal
- *
- * Determines if a string represents a literal value or a field name
- *
- * @param string $str
- * @return bool
- */
- protected function _is_literal($str)
- {
- $str = trim($str);
-
- return (empty($str) OR ctype_digit($str) OR $str[0] === "'" OR in_array($str, array('TRUE', 'FALSE'), TRUE));
- }
-
- // --------------------------------------------------------------------
-
- /**
* Close DB Connection
*
* @return void

0 comments on commit 3a5efc2

Please sign in to comment.
Something went wrong with that request. Please try again.