Skip to content

Commit

Permalink
Add an optional escape parameter to insert() and insert_batch()
Browse files Browse the repository at this point in the history
"Fixes" #1895
  • Loading branch information
narfbg committed Nov 6, 2012
1 parent a7ddd2d commit bdd9c11
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 7 deletions.
14 changes: 8 additions & 6 deletions system/database/DB_query_builder.php
Original file line number Diff line number Diff line change
Expand Up @@ -1403,13 +1403,14 @@ public function get_where($table = '', $where = NULL, $limit = NULL, $offset = N
*
* @param string $table Table to insert into
* @param array $set An associative array of insert values
* @param bool $escape Whether to escape values and identifiers
* @return int Number of rows inserted or FALSE on failure
*/
public function insert_batch($table = '', $set = NULL)
public function insert_batch($table = '', $set = NULL, $escape = NULL)
{
if ( ! is_null($set))
{
$this->set_insert_batch($set);
$this->set_insert_batch($set, '', $escape);
}

if (count($this->qb_set) === 0)
Expand All @@ -1432,7 +1433,7 @@ public function insert_batch($table = '', $set = NULL)
$affected_rows = 0;
for ($i = 0, $total = count($this->qb_set); $i < $total; $i += 100)
{
$this->query($this->_insert_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), $this->qb_keys, array_slice($this->qb_set, $i, 100)));
$this->query($this->_insert_batch($this->protect_identifiers($table, TRUE, $escape, FALSE), $this->qb_keys, array_slice($this->qb_set, $i, 100)));
$affected_rows += $this->affected_rows();
}

Expand Down Expand Up @@ -1558,13 +1559,14 @@ public function get_compiled_insert($table = '', $reset = TRUE)
*
* @param string the table to insert data into
* @param array an associative array of insert values
* @param bool $escape Whether to escape values and identifiers
* @return object
*/
public function insert($table = '', $set = NULL)
public function insert($table = '', $set = NULL, $escape = NULL)
{
if ( ! is_null($set))
{
$this->set($set);
$this->set($set, '', $escape);
}

if ($this->_validate_insert($table) === FALSE)
Expand All @@ -1574,7 +1576,7 @@ public function insert($table = '', $set = NULL)

$sql = $this->_insert(
$this->protect_identifiers(
$this->qb_from[0], TRUE, NULL, FALSE
$this->qb_from[0], TRUE, $escape, FALSE
),
array_keys($this->qb_set),
array_values($this->qb_set)
Expand Down
2 changes: 1 addition & 1 deletion user_guide_src/source/changelog.rst
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,7 @@ Release Date: Not Released
- Renamed the Active Record class to Query Builder to remove confusion with the Active Record design pattern.
- Added the ability to insert objects with ``insert_batch()``.
- Added new methods that return the SQL string of queries without executing them: ``get_compiled_select()``, ``get_compiled_insert()``, ``get_compiled_update()``, ``get_compiled_delete()``.
- Added an optional parameter that allows to disable escaping (useful for custom fields) for methods ``join()``, ``order_by()``, ``where_in()``, ``or_where_in()``, ``where_not_in()``, ``or_where_not_in()``.
- Added an optional parameter that allows to disable escaping (useful for custom fields) for methods ``join()``, ``order_by()``, ``where_in()``, ``or_where_in()``, ``where_not_in()``, ``or_where_not_in()``, ``insert()``, ``insert_batch()``.
- Added support for ``join()`` with multiple conditions.
- Added support for *USING* in ``join()``.
- Changed ``limit()`` to ignore NULL values instead of always casting to integer.
Expand Down

0 comments on commit bdd9c11

Please sign in to comment.