From d1f181da08cbb747a7353bf84fbaa5d1ab82bd02 Mon Sep 17 00:00:00 2001
From: Tim Almdal <tnalmdal@shaw.ca>
Date: Thu, 12 Mar 2009 03:20:13 +0000
Subject: Attempt to reduce the chance of replacing text in sql statements that
 is not a table name (but contained in braces) with the database prefix by
 building and maintaining a cache of database tables and prefixes.

---
 core/libraries/MY_Database.php | 28 +++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

(limited to 'core/libraries')

diff --git a/core/libraries/MY_Database.php b/core/libraries/MY_Database.php
index be0c2ec3..d54ac82b 100644
--- a/core/libraries/MY_Database.php
+++ b/core/libraries/MY_Database.php
@@ -18,6 +18,8 @@
  * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
  */
 class Database extends Database_Core {
+  protected $_table_names;
+  
   public function open_paren() {
     $this->where[] = "(";
     return $this;
@@ -56,6 +58,30 @@ class Database extends Database_Core {
 
   public function add_table_prefixes($sql) {
     $prefix = $this->config["table_prefix"];
-    return preg_replace("#{([a-zA-Z0-9_]+)}#", "{$prefix}$1", $sql);
+    if (strpos($sql, "SHOW TABLES") === 0) {
+      /*
+       * Don't ignore "show tables", otherwise we could have a infinite
+       * @todo this may have to be changed if we support more than mysql
+       */
+      return $sql;
+    } else if (strpos($sql, "CREATE TABLE") === 0) {
+      // Creating a new table add it to the table cache.
+      $open_brace = strpos($sql, "{") + 1;
+      $close_brace = strpos($sql, "}", $open_brace);
+      $name = substr($sql, $open_brace, $close_brace - $open_brace);
+      $this->_table_names["{{$name}}"] = "{$prefix}$name";
+    }
+
+    if (!isset($this->_table_names)) {
+      // This should only run once on the first query
+      $this->_table_names =array();
+      $len = strlen($prefix);
+      foreach($this->list_tables() as $table_name) {
+        $naked_name = strpos($table_name, $prefix) !== 0 ? $table_name : substr($table_name, $len);
+        $this->_table_names["{{$naked_name}}"] = $table_name;
+      }
+    }
+    
+    return empty($this->_table_names) ? $sql : strtr($sql, $this->_table_names);
   }
 }
\ No newline at end of file
-- 
cgit v1.2.3