Remove usage of SET NAMES and the deprecated mysql_escape_string() from MySQL/MySQLi drivers
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index 7f4a4f2..0ca8413 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -149,9 +149,7 @@
*/
protected function _db_set_charset($charset, $collation)
{
- return function_exists('mysql_set_charset')
- ? @mysql_set_charset($charset, $this->conn_id)
- : @mysql_query("SET NAMES '".$this->escape_str($charset)."' COLLATE '".$this->escape_str($collation)."'", $this->conn_id);
+ return @mysql_set_charset($charset, $this->conn_id)
}
// --------------------------------------------------------------------
@@ -289,18 +287,7 @@
return $str;
}
- if (function_exists('mysql_real_escape_string') && is_resource($this->conn_id))
- {
- $str = mysql_real_escape_string($str, $this->conn_id);
- }
- elseif (function_exists('mysql_escape_string'))
- {
- $str = mysql_escape_string($str);
- }
- else
- {
- $str = addslashes($str);
- }
+ $str = is_resource($this->conn_id) ? mysql_real_escape_string($str, $this->conn_id) : addslashes($str);
// escape LIKE condition wildcards
if ($like === TRUE)
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index 846ec03..a965e61 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -149,9 +149,7 @@
*/
protected function _db_set_charset($charset, $collation)
{
- return function_exists('mysqli_set_charset')
- ? @mysqli_set_charset($this->conn_id, $charset)
- : @mysqli_query($this->conn_id, "SET NAMES '".$this->escape_str($charset)."' COLLATE '".$this->escape_str($collation)."'");
+ return @mysqli_set_charset($this->conn_id, $charset)
}
// --------------------------------------------------------------------
@@ -289,18 +287,7 @@
return $str;
}
- if (function_exists('mysqli_real_escape_string') && is_object($this->conn_id))
- {
- $str = mysqli_real_escape_string($this->conn_id, $str);
- }
- elseif (function_exists('mysql_escape_string'))
- {
- $str = mysql_escape_string($str);
- }
- else
- {
- $str = addslashes($str);
- }
+ $str = is_object($this->conn_id) ? mysqli_real_escape_string($this->conn_id, $str) : addslashes($str);
// escape LIKE condition wildcards
if ($like === TRUE)