[eluser]adamp1[/eluser]
I just tried to pass the following into a query
Code:
$this->db->update('Users',array('group'=>1),array('active'=>NULL));
Now this looks all good to me, but when I looked at the query which was being run I got this:
Code:
UPDATE `Users` SET `group` = `1` WHERE active IS NULL
The problem was
active wasn't escaped. I then replaced it for `active` manually and it worked fine.
So looking into the active record code for _where I found the following lines
Code:
if ( ! is_null($v))
{
if ($escape === TRUE)
{
// exception for "field<=" keys
if ($this->_has_operator($k))
{
$k = preg_replace("/([A-Za-z_0-9]+)/", $this->_protect_identifiers('$1'), $k);
}
else
{
$k = $this->_protect_identifiers($k);
}
}
if ( ! $this->_has_operator($k))
{
$k .= ' =';
}
$v = ' '.$this->escape($v);
}
So as you can see only if the value is not NULL will it escape the column name.