Some fixes to the SQLSRV and MSSQL drivers
diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php
index 825c024..4fdc4aa 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_driver.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php
@@ -91,7 +91,7 @@
// Determine how identifiers are escaped
$query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi');
$query = $query->row_array();
- $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi;
+ $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi'];
$this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']');
return $conn_id;
@@ -284,7 +284,17 @@
*/
protected function _list_tables($prefix_limit = FALSE)
{
- return "SELECT name FROM sysobjects WHERE type = 'U' ORDER BY name";
+ $sql = 'SELECT '.$this->escape_identifiers('name')
+ .' FROM '.$this->escape_identifiers('sysobjects')
+ .' WHERE '.$this->escape_identifiers('type')." = 'U'";
+
+ if ($prefix_limit === TRUE && $this->dbprefix !== '')
+ {
+ $sql .= ' AND '.$this->escape_identifiers('name')." LIKE '".$this->escape_like_str($this->dbprefix)."%' "
+ .sprintf($this->_escape_like_str, $this->_escape_like_chr);
+ }
+
+ return $sql.' ORDER BY '.$this->escape_identifiers('name');
}
// --------------------------------------------------------------------
@@ -314,7 +324,7 @@
*/
protected function _field_data($table)
{
- return 'SELECT TOP 1 * FROM '.$table;
+ return 'SELECT TOP 1 * FROM '.$this->protect_identifiers($table);
}
// --------------------------------------------------------------------