Unify escape_str() array input and LIKE logic
Added protected method _escape_str() to deal with quote escaping.
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 8c98a87..1e5e8c6 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -1004,12 +1004,46 @@
// --------------------------------------------------------------------
/**
+ * Escape String
+ *
+ * @param string $str
+ * @param bool $like Whether or not the string will be used in a LIKE condition
+ * @return string
+ */
+ public function escape_str($str, $like = FALSE)
+ {
+ if (is_array($str))
+ {
+ foreach ($str as $key => $val)
+ {
+ $str[$key] = $this->escape_str($val, $like);
+ }
+
+ return $str;
+ }
+
+ $str = $this->_escape_str($str);
+
+ // escape LIKE condition wildcards
+ if ($like === TRUE)
+ {
+ return str_replace(array($this->_like_escape_chr, '%', '_'),
+ array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'),
+ $str);
+ }
+
+ return $str;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Escape LIKE String
*
* Calls the individual driver for platform
* specific escaping for LIKE conditions
*
- * @param string
+ * @param string|string[]
* @return mixed
*/
public function escape_like_str($str)
@@ -1020,6 +1054,19 @@
// --------------------------------------------------------------------
/**
+ * Platform-dependant string escape
+ *
+ * @param string
+ * @return string
+ */
+ protected function _escape_str($str)
+ {
+ return str_replace("'", "''", remove_invisible_characters($str));
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Primary
*
* Retrieves the primary key. It assumes that the row in the first