Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fix issue #1789

Signed-off-by: Andrey Andreev <narf@bofh.bg>
  • Loading branch information...
commit 2ea33c37e9bfa3ff0e029c18a0d2c9ef05016bf0 1 parent 7bd1690
@narfbg narfbg authored
View
4 system/database/DB_driver.php
@@ -79,6 +79,10 @@
protected $_protect_identifiers = TRUE;
protected $_reserved_identifiers = array('*'); // Identifiers that should NOT be escaped
+ // clause and character used for LIKE escape sequences
+ protected $_like_escape_str = " ESCAPE '%s' ";
+ protected $_like_escape_chr = '!';
+
/**
* The syntax to count rows is slightly different across different
* database engines, so this string appears in each driver and is
View
6 system/database/drivers/cubrid/cubrid_driver.php
@@ -45,10 +45,6 @@ class CI_DB_cubrid_driver extends CI_DB {
// The character used for escaping - no need in CUBRID
protected $_escape_char = '`';
- // clause and character used for LIKE escape sequences - not used in CUBRID
- protected $_like_escape_str = '';
- protected $_like_escape_chr = '';
-
protected $_random_keyword = ' RAND()'; // database specific random keyword
// CUBRID-specific properties
@@ -72,6 +68,8 @@ public function __construct($params)
}
}
+ // --------------------------------------------------------------------
+
/**
* Non-persistent database connection
*
View
4 system/database/drivers/ibase/ibase_driver.php
@@ -45,10 +45,6 @@ class CI_DB_ibase_driver extends CI_DB {
// The character used to escape with
protected $_escape_char = '"';
- // clause and character used for LIKE escape sequences
- protected $_like_escape_str = " ESCAPE '%s' ";
- protected $_like_escape_chr = '!';
-
protected $_random_keyword = ' Random()'; // database specific random keyword
// Keeps track of the resource for the current transaction
View
4 system/database/drivers/mssql/mssql_driver.php
@@ -45,10 +45,6 @@ class CI_DB_mssql_driver extends CI_DB {
// The character used for escaping
protected $_escape_char = '"';
- // clause and character used for LIKE escape sequences
- protected $_like_escape_str = " ESCAPE '%s' ";
- protected $_like_escape_chr = '!';
-
protected $_random_keyword = ' NEWID()';
// MSSQL-specific properties
View
4 system/database/drivers/mysql/mysql_driver.php
@@ -45,10 +45,6 @@ class CI_DB_mysql_driver extends CI_DB {
// The character used for escaping
protected $_escape_char = '`';
- // clause and character used for LIKE escape sequences - not used in MySQL
- protected $_like_escape_str = '';
- protected $_like_escape_chr = '\\';
-
protected $_random_keyword = ' RAND()'; // database specific random keyword
/**
View
4 system/database/drivers/mysqli/mysqli_driver.php
@@ -45,10 +45,6 @@ class CI_DB_mysqli_driver extends CI_DB {
// The character used for escaping
protected $_escape_char = '`';
- // clause and character used for LIKE escape sequences - not used in MySQL
- protected $_like_escape_str = '';
- protected $_like_escape_chr = '\\';
-
protected $_random_keyword = ' RAND()'; // database specific random keyword
/**
View
4 system/database/drivers/oci8/oci8_driver.php
@@ -54,10 +54,6 @@ class CI_DB_oci8_driver extends CI_DB {
// The character used for excaping
protected $_escape_char = '"';
- // clause and character used for LIKE escape sequences
- protected $_like_escape_str = " ESCAPE '%s' ";
- protected $_like_escape_chr = '!';
-
/**
* The syntax to count rows is slightly different across different
* database engines, so this string appears in each driver and is
View
2  system/database/drivers/odbc/odbc_driver.php
@@ -45,9 +45,7 @@ class CI_DB_odbc_driver extends CI_DB {
// the character used to excape - not necessary for ODBC
protected $_escape_char = '';
- // clause and character used for LIKE escape sequences
protected $_like_escape_str = " {escape '%s'} ";
- protected $_like_escape_chr = '!';
protected $_random_keyword;
View
4 system/database/drivers/pdo/pdo_driver.php
@@ -45,10 +45,6 @@ class CI_DB_pdo_driver extends CI_DB {
// The character used to escaping
protected $_escape_char = '"';
- // clause and character used for LIKE escape sequences
- protected $_like_escape_str = " ESCAPE '%s' ";
- protected $_like_escape_chr = '!';
-
protected $_random_keyword;
public $trans_enabled = FALSE;
View
4 system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php
@@ -44,10 +44,6 @@ class CI_DB_pdo_cubrid_driver extends CI_DB_pdo_driver {
protected $_escape_char = '`';
- // clause and character used for LIKE escape sequences - not used in CUBRID
- protected $_like_escape_str = '';
- protected $_like_escape_chr = '\\';
-
protected $_random_keyword = ' RAND()';
/**
View
4 system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php
@@ -44,10 +44,6 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver {
protected $_escape_char = '`';
- // clause and character used for LIKE escape sequences - not used in MySQL
- protected $_like_escape_str = '';
- protected $_like_escape_chr = '\\';
-
protected $_random_keyword = ' RAND()';
/**
View
1  system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php
@@ -46,7 +46,6 @@ class CI_DB_pdo_odbc_driver extends CI_DB_pdo_driver {
protected $_escape_char = '';
// clause and character used for LIKE escape sequences
- protected $_like_escape_chr = '!';
protected $_like_escape_str = " {escape '%s'} ";
protected $_random_keyword = ' RAND()';
View
4 system/database/drivers/postgre/postgre_driver.php
@@ -44,10 +44,6 @@ class CI_DB_postgre_driver extends CI_DB {
protected $_escape_char = '"';
- // clause and character used for LIKE escape sequences
- protected $_like_escape_str = " ESCAPE '%s' ";
- protected $_like_escape_chr = '!';
-
protected $_random_keyword = ' RANDOM()'; // database specific random keyword
/**
View
4 system/database/drivers/sqlite/sqlite_driver.php
@@ -45,10 +45,6 @@ class CI_DB_sqlite_driver extends CI_DB {
// The character used to escape with - not needed for SQLite
protected $_escape_char = '"';
- // clause and character used for LIKE escape sequences
- protected $_like_escape_str = " ESCAPE '%s' ";
- protected $_like_escape_chr = '!';
-
protected $_random_keyword = ' Random()'; // database specific random keyword
/**
View
4 system/database/drivers/sqlite3/sqlite3_driver.php
@@ -46,10 +46,6 @@ class CI_DB_sqlite3_driver extends CI_DB {
// The character used for escaping
protected $_escape_char = '"';
- // clause and character used for LIKE escape sequences
- protected $_like_escape_str = ' ESCAPE \'%s\' ';
- protected $_like_escape_chr = '!';
-
protected $_random_keyword = ' RANDOM()';
/**
View
4 system/database/drivers/sqlsrv/sqlsrv_driver.php
@@ -45,10 +45,6 @@ class CI_DB_sqlsrv_driver extends CI_DB {
// The character used for escaping
protected $_escape_char = '"';
- // clause and character used for LIKE escape sequences
- protected $_like_escape_str = " ESCAPE '%s' ";
- protected $_like_escape_chr = '!';
-
protected $_random_keyword = ' NEWID()';
// SQLSRV-specific properties
View
11 user_guide_src/source/changelog.rst
@@ -312,12 +312,12 @@ Bug fixes for 3.0
- Fixed a bug (#666) - :doc:`Output library <libraries/output>`'s set_content_type() method didn't set the document charset.
- Fixed a bug (#784, #861) - :doc:`Database Forge <database/forge>` method ``create_table()`` used to accept constraints for MSSQL/SQLSRV integer-type columns.
- Fixed a bug (#706) - SQLSRV/MSSSQL didn't escape field names.
-- Fixed a bug (#1452) - protect_identifiers() didn't properly detect identifiers with spaces in their names.
-- Fixed a bug where protect_identifiers() ignored it's extra arguments when the value passed to it is an array.
-- Fixed a bug where _has_operator() didn't detect BETWEEN.
-- Fixed a bug in :doc:`Query Builder <database/query_builder>`'s join() method where it failed with identifiers containing dashes.
+- Fixed a bug (#1452) - ``protect_identifiers()`` didn't properly detect identifiers with spaces in their names.
+- Fixed a bug where ``protect_identifiers()`` ignored it's extra arguments when the value passed to it is an array.
+- Fixed a bug where ``_has_operator()`` didn't detect BETWEEN.
+- Fixed a bug in :doc:`Query Builder <database/query_builder>`'s ``join()`` method where it failed with identifiers containing dashes.
- Fixed a bug (#1264) - :doc:`Database Forge <database/forge>` and :doc:`Database Utilities <database/utilities>` didn't update/reset the databases and tables list cache when a table or a database is created, dropped or renamed.
-- Fixed a bug (#7) - :doc:`Query Builder <database/query_builder>`'s join() method only escaped one set of conditions.
+- Fixed a bug (#7) - :doc:`Query Builder <database/query_builder>`'s ``join()`` method only escaped one set of conditions.
- Fixed a bug (#1321) - Core Exceptions class couldn't find the errors/ folder in some cases.
- Fixed a bug in the File-based :doc:`Cache Library <libraries/caching>` driver's get_metadata() method where a non-existent array key was accessed for the TTL value.
- Fixed a bug (#1202) - :doc:`Encryption Library <libraries/encryption>` encode_from_legacy() didn't set back the encrypt mode on failure.
@@ -343,6 +343,7 @@ Bug fixes for 3.0
- Fixed a bug in SQLSRV's ``affected_rows()`` method where an erroneous function name was used.
- Fixed a bug (#1000) - Change syntax of ``$view_file`` to ``$_ci_view_file`` to prevent being overwritten by application.
- Fixed a bug (#1757) - :doc:`Directory Helper <helpers/directory_helper>` function ``directory_map()`` was skipping files and directories named *0*.
+- Fixed a bug (#1789) - :doc:`Database Library <libraries/database>` method ``escape_str()`` escaped quote characters in LIKE conditions twice under MySQL.
Version 2.1.2
=============
Please sign in to comment.
Something went wrong with that request. Please try again.