Ticket #451 (closed Bug: fixed)

Opened 9 months ago

Last modified 9 months ago

Small typo in database drivers

Reported by: alexsancho Owned by: zombor
Priority: major Milestone: 2.2
Component: Libraries:Database Version: SVN HEAD
Keywords: config,bug Cc:

Description

After last changeset some database drivers doesn't work (all except mysqli). The problem is on escape_str function, it references to $this->config variable and it should be $this->db_config.

Despite, after making this change, mysql driver fails when escape variable is set to false in config.

Change History

  Changed 9 months ago by zombor

  • milestone changed from 2.1.2 to 2.2

  Changed 9 months ago by zombor

  • status changed from new to closed
  • resolution set to fixed

Fixed in r2196. If you continue to have problems when escaping is turned off, it is probably due to reserved words being used as column names, such as order.

  Changed 9 months ago by zombor

In addition to the above comment, you will need to escape those columns manually:

$this->db->from('table')->where('order', 3)->get();

In short, don't turn escaping off unless you are prepared for the consequences.

follow-up: ↓ 5   Changed 9 months ago by zombor

well, it took my backticks out...there should be backticks surrounding table and order.

in reply to: ↑ 4 ; follow-up: ↓ 6   Changed 9 months ago by Shadowhand

Replying to zombor:

well, it took my backticks out...there should be backticks surrounding table and order.

Absolutely not. When escaping is off, it's OFF.

in reply to: ↑ 5   Changed 9 months ago by Shadowhand

Replying to Shadowhand:

Replying to zombor:

well, it took my backticks out...there should be backticks surrounding table and order.

Absolutely not. When escaping is off, it's OFF.

Sorry, I mis-read that. When escaping is off, you have to manually escape things. There is NO auto-escaping.

Note: See TracTickets for help on using tickets.