From a9afe1e3970d7a820fcff7abedd1acc8180fa603 Mon Sep 17 00:00:00 2001 From: David Grudl Date: Mon, 16 Mar 2009 05:47:20 +0000 Subject: [PATCH] - improved binary escaping --- dibi/drivers/mysql.php | 4 +++- dibi/drivers/mysqli.php | 4 +++- dibi/drivers/sqlite.php | 10 ++++++++++ dibi/libs/DibiDataSource.php | 2 +- 4 files changed, 17 insertions(+), 3 deletions(-) diff --git a/dibi/drivers/mysql.php b/dibi/drivers/mysql.php index 65e0709d..79b1f05e 100644 --- a/dibi/drivers/mysql.php +++ b/dibi/drivers/mysql.php @@ -281,9 +281,11 @@ class DibiMySqlDriver extends DibiObject implements IDibiDriver { switch ($type) { case dibi::FIELD_TEXT: - case dibi::FIELD_BINARY: return "'" . mysql_real_escape_string($value, $this->connection) . "'"; + case dibi::FIELD_BINARY: + return "_binary'" . mysql_real_escape_string($value, $this->connection) . "'"; + case dibi::IDENTIFIER: // @see http://dev.mysql.com/doc/refman/5.0/en/identifiers.html $value = str_replace('`', '``', $value); diff --git a/dibi/drivers/mysqli.php b/dibi/drivers/mysqli.php index b0fa1043..a9bdfbec 100644 --- a/dibi/drivers/mysqli.php +++ b/dibi/drivers/mysqli.php @@ -265,9 +265,11 @@ class DibiMySqliDriver extends DibiObject implements IDibiDriver { switch ($type) { case dibi::FIELD_TEXT: - case dibi::FIELD_BINARY: return "'" . mysqli_real_escape_string($this->connection, $value) . "'"; + case dibi::FIELD_BINARY: + return "_binary'" . mysqli_real_escape_string($this->connection, $value) . "'"; + case dibi::IDENTIFIER: $value = str_replace('`', '``', $value); return '`' . str_replace('.', '`.`', $value) . '`'; diff --git a/dibi/drivers/sqlite.php b/dibi/drivers/sqlite.php index cbe7006b..df567fc6 100644 --- a/dibi/drivers/sqlite.php +++ b/dibi/drivers/sqlite.php @@ -231,6 +231,16 @@ class DibiSqliteDriver extends DibiObject implements IDibiDriver case dibi::FIELD_BINARY: return "'" . sqlite_escape_string($value) . "'"; + /*case dibi::FIELD_BINARY: // SQLite 3 + static $hex = array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'); + $value = (string) $value; + $len = strlen($value); + $res = "X'"; + for ($i = 0; $i < $len; $i++) { + $res .= $hex[ord($value[$i]) >> 4] . $hex[ord($value[$i]) & 15]; + } + return $res . "'";*/ + case dibi::IDENTIFIER: return '[' . str_replace('.', '].[', strtr($value, '[]', ' ')) . ']'; diff --git a/dibi/libs/DibiDataSource.php b/dibi/libs/DibiDataSource.php index 213dd867..6a81733a 100644 --- a/dibi/libs/DibiDataSource.php +++ b/dibi/libs/DibiDataSource.php @@ -293,7 +293,7 @@ class DibiDataSource extends DibiObject implements IDataSource return $this->connection->sql(' SELECT %n', (empty($this->cols) ? '*' : $this->cols), ' FROM %SQL', $this->sql, ' - WHERE %and', $this->conds, ' + %ex', $this->conds ? array('WHERE %and', $this->conds) : NULL, ' %ex', $this->sorting ? array('ORDER BY %by', $this->sorting) : NULL, ' %ofs %lmt', $this->offset, $this->limit );