From a4ad9166c79664b5428edb53136f3a74cf6f8370 Mon Sep 17 00:00:00 2001 From: Jamie Burchell Date: Thu, 16 May 2024 09:51:46 +0100 Subject: [PATCH] Fix usage of static variables --- system/database/DB_driver.php | 44 ++++++++++++++++++++-------- system/database/DB_query_builder.php | 15 ++++++---- 2 files changed, 41 insertions(+), 18 deletions(-) diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index de03a418567..743ab460a02 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -338,6 +338,20 @@ abstract class CI_DB_driver { */ protected $_like_escape_chr = '!'; + /** + * RegExp used to escape identifiers + * + * @var array + */ + protected $_preg_escape_char = array(); + + /** + * RegExp used to get operators + * + * @var string[] + */ + protected $_preg_operators = array(); + /** * ORDER BY random keyword * @@ -1353,13 +1367,11 @@ public function escape_identifiers($item, $split = TRUE) return $item; } - static $preg_ec; - - if (empty($preg_ec)) + if (empty($this->_preg_escape_char)) { if (is_array($this->_escape_char)) { - $preg_ec = array( + $this->_preg_escape_char = array( preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1]), $this->_escape_char[0], @@ -1368,8 +1380,8 @@ public function escape_identifiers($item, $split = TRUE) } else { - $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char); - $preg_ec[2] = $preg_ec[3] = $this->_escape_char; + $this->_preg_escape_char[0] = $this->_preg_escape_char[1] = preg_quote($this->_escape_char); + $this->_preg_escape_char[2] = $this->_preg_escape_char[3] = $this->_escape_char; } } @@ -1377,13 +1389,21 @@ public function escape_identifiers($item, $split = TRUE) { if (strpos($item, '.'.$id) !== FALSE) { - return preg_replace('#'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\.#i', $preg_ec[2].'$1'.$preg_ec[3].'.', $item); + return preg_replace( + '#'.$this->_preg_escape_char[0].'?([^'.$this->_preg_escape_char[1].'\.]+)'.$this->_preg_escape_char[1].'?\.#i', + $this->_preg_escape_char[2].'$1'.$this->_preg_escape_char[3].'.', + $item + ); } } $dot = ($split !== FALSE) ? '\.' : ''; - return preg_replace('#'.$preg_ec[0].'?([^'.$preg_ec[1].$dot.']+)'.$preg_ec[1].'?(\.)?#i', $preg_ec[2].'$1'.$preg_ec[3].'$2', $item); + return preg_replace( + '#'.$this->_preg_escape_char[0].'?([^'.$this->_preg_escape_char[1].$dot.']+)'.$this->_preg_escape_char[1].'?(\.)?#i', + $this->_preg_escape_char[2].'$1'.$this->_preg_escape_char[3].'$2', + $item + ); } // -------------------------------------------------------------------- @@ -1502,14 +1522,12 @@ protected function _has_operator($str) */ protected function _get_operator($str) { - static $_operators; - - if (empty($_operators)) + if (empty($this->_preg_operators)) { $_les = ($this->_like_escape_str !== '') ? '\s+'.preg_quote(trim(sprintf($this->_like_escape_str, $this->_like_escape_chr)), '/') : ''; - $_operators = array( + $this->_preg_operators = array( '\s*(?:<|>|!)?=\s*', // =, <=, >=, != '\s*<>?\s*', // <, <> '\s*>\s*', // > @@ -1527,7 +1545,7 @@ protected function _get_operator($str) } - return preg_match('/'.implode('|', $_operators).'/i', $str, $match) + return preg_match('/'.implode('|', $this->_preg_operators).'/i', $str, $match) ? $match[0] : FALSE; } diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index e57333ff963..6bf3b7f13bc 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -271,6 +271,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected $qb_cache_no_escape = array(); + /** + * Strings that determine if a string represents a literal value or a field name + * + * @var string[] + */ + protected $is_literal_str = array(); + // -------------------------------------------------------------------- /** @@ -2787,15 +2794,13 @@ protected function _is_literal($str) return TRUE; } - static $_str; - - if (empty($_str)) + if (empty($this->is_literal_str)) { - $_str = ($this->_escape_char !== '"') + $this->is_literal_str = ($this->_escape_char !== '"') ? array('"', "'") : array("'"); } - return in_array($str[0], $_str, TRUE); + return in_array($str[0], $this->is_literal_str, TRUE); } // --------------------------------------------------------------------