• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Backticks not added when using custom operator (v1.6.2)

#1
[eluser]Unknown[/eluser]
in my code (where CI is a codeigniter instance)

$this->CI->db->where("left >", (int)$record[$this->left_column]);

produces: ...WHERE left > 11...

$this->CI->db->where("left", (int)$record[$this->left_column]);

produces: ...WHERE `left` = 11...

In the former case, where I am using a custom operator the backticks are not produced and I have to insert them myself. This seems to be fairly inconsistent and inconvenient. Please consider fixing this.

Suggested fix:
change line 444 in DB_active_rec.php from
$k = preg_replace("/([A-Za-z_0-9]+)/", $this->_protect_identifiers('$1'), $k);
to
$k = preg_replace("/([A-Za-z_0-9]+)/e", '$this->_protect_identifiers("\\1")', $k);

#2
[eluser]adwin[/eluser]
i think backtick is okay with sql query. it can help you to solve some problem.

here is my example:
I have a table which has field called 'delete', it just a boolean to check whether the record deleted or not (not real delete record but delete by flag only). if you try to do this query : select * from mytable where delete = 'N' ; --> it will produce error .. but if the backtick used then it will the normal query.

#3
[eluser]Unknown[/eluser]
Right,
backticks are good
and the library DOES NOT ADD backticks when operators such as > or < are used. It is a problem causing inconsistencies in the formatting of queries when both custom operators and equality is mixed. Try doing something like $this->db->where('field1', $value)->where('field2 >', $value2); and it will add backticks to field1 but not field2 producing an illegal query.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.