• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Query Builder search parameters with spaces (like) causes fields to not have table pr

#1
I think I have discovered a bug and am looking for a way to fix this.

I am using CI 3.0.1. The problem happens when I have a space in my search parameter for a like query. This causes `items.name` to NOT have a prefix in the where clause.  (It should be `phppos_items`.`name`)

Is this considered a bug or is there a workaround?

ACTIVE RECORD CODE: (Notice search = 'test')

   $search = 'test';
   $this->db->select("items.*,categories.name as category");
   $this->db->from('items');
   $this->db->join('categories', 'categories.id = items.category_id','left');
   $this->db->where('items.deleted',0);
   $this->db->like('items.name', $search);
   $this->db->limit($limit);
   $by_name = $this->db->get();
   
   echo $this->db->last_query();

QUERY RESULT:

   SELECT `phppos_items`.*, `phppos_categories`.`name` as `category`
   FROM `phppos_items`
   LEFT JOIN `phppos_categories` ON `phppos_categories`.`id` = `phppos_items`.`category_id`
   WHERE `phppos_items`.`deleted` =0 AND `phppos_items`.`name` LIKE '%test%' ESCAPE '!' LIMIT 100


ACTIVE RECORD CODE: (notice search is test 2)

   $search = 'test 2';
   $this->db->select("items.*,categories.name as category");
   $this->db->from('items');
   $this->db->join('categories', 'categories.id = items.category_id','left');
   $this->db->where('items.deleted',0);
   $this->db->like('items.name', $search);
   $this->db->limit($limit);
   $by_name = $this->db->get();

Query Result

   SELECT `phppos_items`.*, `phppos_categories`.`name` as `category`
   FROM `phppos_items`
   LEFT JOIN `phppos_categories` ON `phppos_categories`.`id` = `phppos_items`.`category_id`
   WHERE `phppos_items`.`deleted` =0 AND items.name LIKE '%test 2%' ESCAPE '!' LIMIT 100
Reply

#2
Did you try this?

PHP Code:
$this->db->select()

accepts an optional second parameter. If you set it to FALSECodeIgniter will not try to protect your field or table namesThis is useful if you need a compound select statement where automatic escaping of fields may break them
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#3
https://github.com/bcit-ci/CodeIgniter/issues/4086
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.