diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 89c682b6c13..18398b64b74 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -339,6 +339,20 @@ abstract class CI_DB_driver { */ protected $_like_escape_chr = '!'; + /** + * RegExp used to escape identifiers + * + * @var array + */ + protected $_preg_escape_char = array(); + + /** + * RegExp used to get operators + * + * @var string[] + */ + protected $_preg_operators = array(); + /** * ORDER BY random keyword * @@ -1415,13 +1429,11 @@ public function escape_identifiers($item) return $item; } - static $preg_ec = array(); - - if (empty($preg_ec)) + if (empty($this->_preg_escape_char)) { if (is_array($this->_escape_char)) { - $preg_ec = array( + $this->_preg_escape_char = array( preg_quote($this->_escape_char[0], '/'), preg_quote($this->_escape_char[1], '/'), $this->_escape_char[0], @@ -1430,8 +1442,8 @@ public function escape_identifiers($item) } else { - $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char, '/'); - $preg_ec[2] = $preg_ec[3] = $this->_escape_char; + $this->_preg_escape_char[0] = $this->_preg_escape_char[1] = preg_quote($this->_escape_char, '/'); + $this->_preg_escape_char[2] = $this->_preg_escape_char[3] = $this->_escape_char; } } @@ -1439,11 +1451,11 @@ public function escape_identifiers($item) { if (strpos($item, '.'.$id) !== FALSE) { - return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[2].'$1'.$preg_ec[3].'.', $item); + return preg_replace('/'.$this->_preg_escape_char[0].'?([^'.$this->_preg_escape_char[1].'\.]+)'.$this->_preg_escape_char[1].'?\./i', $this->_preg_escape_char[2].'$1'.$this->_preg_escape_char[3].'.', $item); } } - return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?(\.)?/i', $preg_ec[2].'$1'.$preg_ec[3].'$2', $item); + return preg_replace('/'.$this->_preg_escape_char[0].'?([^'.$this->_preg_escape_char[1].'\.]+)'.$this->_preg_escape_char[1].'?(\.)?/i', $this->_preg_escape_char[2].'$1'.$this->_preg_escape_char[3].'$2', $item); } // -------------------------------------------------------------------- @@ -1562,14 +1574,12 @@ protected function _has_operator($str) */ protected function _get_operator($str) { - static $_operators; - - if (empty($_operators)) + if (empty($this->_preg_operators)) { $_les = ($this->_like_escape_str !== '') ? '\s+'.preg_quote(trim(sprintf($this->_like_escape_str, $this->_like_escape_chr)), '/') : ''; - $_operators = array( + $this->_preg_operators = array( '\s*(?:<|>|!)?=\s*', // =, <=, >=, != '\s*<>?\s*', // <, <> '\s*>\s*', // > @@ -1587,7 +1597,7 @@ protected function _get_operator($str) } - return preg_match('/'.implode('|', $_operators).'/i', $str, $match) + return preg_match('/'.implode('|', $this->_preg_operators).'/i', $str, $match) ? $match[0] : FALSE; } diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index cc0e073437a..3ff7f40c991 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -271,6 +271,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected $qb_cache_no_escape = array(); + /** + * Strings that determine if a string represents a literal value or a field name + * + * @var string[] + */ + protected $is_literal_str = array(); + // -------------------------------------------------------------------- /** @@ -2715,15 +2722,13 @@ protected function _is_literal($str) return TRUE; } - static $_str; - - if (empty($_str)) + if (empty($this->is_literal_str)) { - $_str = ($this->_escape_char !== '"') + $this->is_literal_str = ($this->_escape_char !== '"') ? array('"', "'") : array("'"); } - return in_array($str[0], $_str, TRUE); + return in_array($str[0], $this->is_literal_str, TRUE); } // --------------------------------------------------------------------