Fix #3279
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 8d21c5a..fc2d590 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -1733,7 +1733,7 @@
return FALSE;
}
- $sql = $this->_update($this->protect_identifiers($this->qb_from[0], TRUE, NULL, FALSE), $this->qb_set);
+ $sql = $this->_update($this->qb_from[0], $this->qb_set);
if ($reset === TRUE)
{
@@ -1781,7 +1781,7 @@
$this->limit($limit);
}
- $sql = $this->_update($this->protect_identifiers($this->qb_from[0], TRUE, NULL, FALSE), $this->qb_set);
+ $sql = $this->_update($this->qb_from[0], $this->qb_set);
$this->_reset_write();
return $this->query($sql);
}
@@ -1798,7 +1798,7 @@
* @param string the table to update data on
* @return bool
*/
- protected function _validate_update($table = '')
+ protected function _validate_update($table)
{
if (count($this->qb_set) === 0)
{
@@ -1807,7 +1807,7 @@
if ($table !== '')
{
- $this->qb_from[0] = $table;
+ $this->qb_from = array($this->protect_identifiers($table, TRUE, NULL, FALSE));
}
elseif ( ! isset($this->qb_from[0]))
{
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 85bf800..22243cf 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -68,6 +68,7 @@
- Fixed a bug (#3778) - :doc:`Download Helper <helpers/download_helper>` function :php:func:`force_download()` incorrectly sent a *Pragma* response header.
- Fixed a bug (#3752) - ``$routing['directory']`` overrides were not properly handled and always resulted in a 404 "Not Found" error.
- Fixed an internal bug in :doc:`Query Builder <database/query_builder>` escaping logic where if field name escaping is force-disabled, methods ``where()`` and ``having()`` will also treat values as fields.
+- Fixed a bug (#3279) - :doc:`Query Builder <database/query_builder>` methods ``update()`` and ``get_compiled_update()`` did double escaping on the table name if it was provided via ``from()``.
Version 3.0.0
=============