From 6a6b3f90f36293a40cba091c3ac387abb64f3c1a Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Mon, 14 May 2012 21:54:41 -0700
Subject: Verify that where() clauses are well formed.  Fixes #1865.

---
 system/libraries/Database_Builder.php | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'system')

diff --git a/system/libraries/Database_Builder.php b/system/libraries/Database_Builder.php
index e86ce379..553ffd98 100644
--- a/system/libraries/Database_Builder.php
+++ b/system/libraries/Database_Builder.php
@@ -190,6 +190,8 @@ class Database_Builder_Core {
 		{
 			foreach ($columns as $column)
 			{
+                                if (count($column) != 3)
+                                        throw new Database_Exception('Column triplets require a column, op and value');
 				$this->where[] = array('AND' => $column);
 			}
 		}
@@ -216,6 +218,8 @@ class Database_Builder_Core {
 		{
 			foreach ($columns as $column)
 			{
+                                if (count($column) != 3)
+                                        throw new Database_Exception('Column triplets require a column, op and value');
 				$this->where[] = array('OR' => $column);
 			}
 		}
@@ -422,6 +426,8 @@ class Database_Builder_Core {
 		{
 			foreach ($columns as $column)
 			{
+                                if (count($column) != 3)
+                                        throw new Database_Exception('Column triplets require a column, op and value');
 				$this->having[] = array('AND' => $column);
 			}
 		}
@@ -447,6 +453,8 @@ class Database_Builder_Core {
 		{
 			foreach ($columns as $column)
 			{
+                                if (count($column) != 3)
+                                        throw new Database_Exception('Column triplets require a column, op and value');
 				$this->having[] = array('OR' => $column);
 			}
 		}
-- 
cgit v1.2.3