diff options
| -rw-r--r-- | README.markdown | 1 | ||||
| -rw-r--r-- | idiorm.php | 7 | ||||
| -rwxr-xr-x | test/test_queries.php | 6 |
3 files changed, 13 insertions, 1 deletions
diff --git a/README.markdown b/README.markdown index 4a361ba..119a540 100644 --- a/README.markdown +++ b/README.markdown @@ -46,6 +46,7 @@ Changelog * Fix last insert ID for PostgreSQL using RETURNING - closes issues #62 and #89 [[laacz](https://github.com/laacz)] * Add `get_last_statement()` - closes issue #84 [[tag](https://github.com/tag)] * Fix when using `set_expr` alone it doesn't trigger query creation - closes issue #90 +* Escape quote symbols in "_quote_identifier_part" - close issue #74 #### 1.2.3 - release 2012-11-28 @@ -1143,7 +1143,12 @@ return $part; } $quote_character = self::$_config['identifier_quote_character']; - return $quote_character . $part . $quote_character; + // double up any identifier quotes to escape them + return $quote_character . + str_replace($quote_character, + $quote_character . $quote_character, + $part + ) . $quote_character; } /** diff --git a/test/test_queries.php b/test/test_queries.php index d30a49f..2a55702 100755 --- a/test/test_queries.php +++ b/test/test_queries.php @@ -327,6 +327,12 @@ Tester::check_equal('Issue #57 - _log_query method raises a warning when query contains "?"', $expected); $widget = ORM::for_table('widget')->find_one(1); + $widget->set('ad`ded', '2013-01-04'); + $widget->save(); + $expected = "UPDATE `widget` SET `ad``ded` = '2013-01-04' WHERE `id` = '1'"; + Tester::check_equal('Issue #74 - escaping quote symbols in "_quote_identifier_part"', $expected); + + $widget = ORM::for_table('widget')->find_one(1); $widget->set_expr('added', 'NOW()'); $widget->save(); $expected = "UPDATE `widget` SET `added` = NOW() WHERE `id` = '1'"; |