Welcome Guest, Not a member yet? Register   Sign In
Active Record - having not applying quotes to strings properly
#1

[eluser]darkhouse[/eluser]
I was having an issue with $this->db->having() not setting quotes to a string properly. I was doing:

Code:
$this->db->having('end_date >=', date('Y-m-d'));

And it would write the sql without quotes around the date, like

HAVING `end_date` >= 2010-10-14

which obviously doesn't work (doesn't throw an error, just doesn't do what you want).

Since the having and where functions of active record are quite similar, I decided to see what was causing the problem. I noticed that in DB_active_rec.php the _where method was using
Code:
$v = ' '.$this->escape($v);
but the _having method was using
Code:
$v = ' '.$this->escape_str($v);

The escape method (in DB_driver.php) checks to see if the data passed to it is a string, and if so calls escape_str(). I'm not sure why _having was set to use escape_str instead of escape, but I changed it to be the same as _where and it works how I intended so I thought I'd share.

Happy coding.
#2

[eluser]PV-Patrick[/eluser]
Has this been fixed or acknowledged as a bug/issue by CI? This is still an issue in 2.0.2 as far as I can see, is the above fix the correct way?
#3

[eluser]darkhouse[/eluser]
I haven't looked into it since. I think the reason it's not done that way is due to the fact that HAVING statements often use aggregates. There is an easy way around it though without modifying the source. Just throw a FALSE in the 3rd paramater of $this->db->having('end_date >=', "'".date('Y-m-d).'", FALSE); and that will give you the quotes around your date and not escape them.

Maybe I'll follow up with Phil and see what he thinks about the initial issue.
#4

[eluser]darkhouse[/eluser]
i have submitted a pull request for this. We'll see what happens.




Theme © iAndrew 2016 - Forum software by © MyBB