Unify escape_str() array input and LIKE logic
Added protected method _escape_str() to deal with quote escaping.
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index be9176e..b64a7a2 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -289,35 +289,16 @@
// --------------------------------------------------------------------
/**
- * Escape String
+ * Platform-dependant string escape
*
- * @param string $str
- * @param bool $like Whether or not the string will be used in a LIKE condition
+ * @param string
* @return string
*/
- public function escape_str($str, $like = FALSE)
+ protected function _escape_str($str)
{
- if (is_array($str))
- {
- foreach ($str as $key => $val)
- {
- $str[$key] = $this->escape_str($val, $like);
- }
-
- return $str;
- }
-
- $str = is_object($this->conn_id) ? $this->conn_id->real_escape_string($str) : addslashes($str);
-
- // escape LIKE condition wildcards
- if ($like === TRUE)
- {
- return str_replace(array($this->_like_escape_chr, '%', '_'),
- array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'),
- $str);
- }
-
- return $str;
+ return is_object($this->conn_id)
+ ? $this->conn_id->real_escape_string($str)
+ : addslashes($str);
}
// --------------------------------------------------------------------