Bug Report

Active Record ‘like’ functions should not add quotes.
Date:	10/13/2008	Severity:	Minor
Status:	Resolved	Reporter:	Pascal Kriete
Version:	1.7.0 SVN
Keywords:	Libraries, Database Class

Description

Relates to bug #4680.

The Active Record _like function was changed to use escape() instead of escape_str(), which will quote the string before adding the wildcard.

Code Sample


$this->db->like('m_path', '12.8.', 'after');

Expected Result

WHERE `m_path` LIKE ‘12.8.%’

Actual Result

WHERE `m_path` LIKE ‘‘12.8.’%’

Comment on Bug Report

Page 1 of 1 pages

Posted by: barbazul on 16 October 2008 12:25am

I confirm this one as a bug.
It happens whether you use “after”, “before” or “” as the third parameter.

The suggested solution seems to work fine, however, it looks as they’re deprecating the escape_str() function (at least it is no longer called anywhere in DB_active_rec.php so an alternative solution using escape() could be:

* Remove the current call to escape() in line 704
* Replace the if…elseif…else structure with:

if ($side == 'before')

{
    $v = $this->escape("%".$v);

    $like_statement = $prefix." $k $not LIKE {$v}";

}

elseif ($side == 'after')

{
    $v = $this->escape($v."%");

    $like_statement = $prefix." $k $not LIKE {$v}";

}

else

{
    $v = $this->escape("%".$v."%");

    $like_statement = $prefix." $k $not LIKE {$v}";

}