Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / fa2a0c58eb0f6421e3819df8a8873b5a5e4ebb58^! / .
commitfa2a0c58eb0f6421e3819df8a8873b5a5e4ebb58[log] [tgz]
authorAndrey Andreev <narf@devilix.net>Fri Oct 13 17:04:35 2017 +0300
committerAndrey Andreev <narf@devilix.net>Fri Oct 13 17:04:35 2017 +0300
tree2f14da1862f0f4a30796f5c8d72b3caf1669f776
parentc54fd9116d49714390aa109cead0545c80ebb057 [diff]
Fix #5297

diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 0b13a2f..c18701d 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php

@@ -1926,15 +1926,19 @@
 					$i++;
 				}
 
+				// dbprefix may've already been applied, with or without the identifier escaped
+				$ec = '(?<ec>'.preg_quote(is_array($this->_escape_char) ? $this->_escape_char[0] : $this->_escape_char).')?';
+				isset($ec[0]) && $ec .= '?'; // Just in case someone has disabled escaping by forcing an empty escape character
+
 				// Verify table prefix and replace if necessary
-				if ($this->swap_pre !== '' && strpos($parts[$i], $this->swap_pre) === 0)
+				if ($this->swap_pre !== '' && preg_match('#^'.$ec.preg_quote($this->swap_pre).'#', $parts[$i]))
 				{
-					$parts[$i] = preg_replace('/^'.$this->swap_pre.'(\S+?)/', $this->dbprefix.'\\1', $parts[$i]);
+					$parts[$i] = preg_replace('#^'.$ec.preg_quote($this->swap_pre).'(\S+?)#', '\\1'.$this->dbprefix.'\\2', $parts[$i]);
 				}
 				// We only add the table prefix if it does not already exist
-				elseif (strpos($parts[$i], $this->dbprefix) !== 0)
+				else
 				{
-					$parts[$i] = $this->dbprefix.$parts[$i];
+					preg_match('#^'.$ec.preg_quote($this->dbprefix).'#', $parts[$i]) OR $parts[$i] = $this->dbprefix.$parts[$i];
 				}
 
 				// Put the parts back together

diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index c762df7..d222e17 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst

@@ -14,6 +14,7 @@
 -  Fixed a regression where :doc:`Database Results <database/results>` method ``field_data()`` returned incorrect type names.
 -  Fixed a bug (#5278) - :doc:`URL Helper <helpers/url_helper>` function :php:func:`auto_link()` didn't detect trailing slashes in URLs.
 -  Fixed a regression (#5282) - :doc:`Query Builder <database/query_builder>` method ``count_all_results()`` breaks ``ORDER BY`` clauses for subsequent queries.
+-  Fixed a bug (#5279) - :doc:`Query Builder <database/query_builder>` didn't account for already escaped identifiers while applying database name prefixes.
 
 Version 3.1.6
 =============