• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
sql is not compiled properly

#11
another error I found.

sending in this code results in
PHP Code:
$this->db->select_sum('amount * quantity''amount'); 

results as
Code:
SUM(`amount *` `quantity`) AS `amount`

the code responsible for the false quotes is

PHP Code:
public function protect_identifiers($item$prefix_single FALSE$protect_identifiers NULL$field_exists TRUE)
.......
 elseif (
$offset strrpos($item' '))
 {
 
$alias = ($protect_identifiers)
 ? 
' '.$this->escape_identifiers(substr($item$offset 1))
 : 
substr($item$offset);
 
$item substr($item0$offset);
 } 

another issue I found that
PHP Code:
public function select_sum($select ''$alias ''
and
PHP Code:
protected function _max_min_avg_sum($select ''$alias ''$type 'MAX'

do not take protect_identifiers as a parameter like many other db functions do but just use the global

$this->_protect_identifiers

Honestly the database layer is need of a general overhaul. I have been looking into this only for 30 minutes and found 3 errors.
In general I must say that the database layer is inconsistent and badly programmed.
Reply

#12
and the solution to the problem with

PHP Code:
$this->db->select_sum('amount * quantity''amount'); 

is change DB_query_builder.php

in function from this
PHP Code:
protected function _max_min_avg_sum($select ''$alias ''$type 'MAX')
{
..... 
 
                $sql 
$type.'('.$this->protect_identifiers(trim($select)).') AS '.$this->escape_identifiers(trim($alias));
.....


to this

PHP Code:
protected function _max_min_avg_sum($select ''$alias ''$type 'MAX')
{
..... 
 
                
//operators such as * will be ignored and not escaped by escape_identifiers function
 
               $sql $type.'(';
 
               foreach(explode(' '$select) as $selNode){
 
                   $sql .= $this->protect_identifiers(trim($selNode));
 
               }
 
               $sql .= ') AS '.$this->escape_identifiers(trim($alias));
.....

Reply

#13
I tested this in CI 3.1.2 and this problem seems to have vanished and is solved now.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2017 MyBB Group.