Merge pull request #1312 from franzliedke/patch-53

DB::escape()

Merge pull request #1312 from franzliedke/patch-53
DB::escape()
d0890461 · Taylor Otwell · 62b55ff7 · d7dfd4f9 · d0890461 · d0890461
Commit d0890461 authored Jan 05, 2013 by Taylor Otwell
Hide whitespace changes
Inline Side-by-side

Showing with 14 additions and 1 deletion

database.php laravel/database.php +13 -0

profiler.php laravel/profiling/profiler.php +1 -1

No files found.
--- a/laravel/database.php
+++ b/laravel/database.php
@@ -124,6 +124,19 @@ class Database {
 	{
 		return new Expression($value);
 	}
+	/**
+	 * Escape a string for usage in a query.
+	 *
+	 * This uses the correct quoting mechanism for the default database connection.
+	 *
+	 * @param  string      $value
+	 * @return string
+	 */
+	public static function escape($value)
+	{
+		return static::connection()->pdo->quote($value);
+	}
 	/**
 	 * Get the profiling data for all queries.

--- a/laravel/profiling/profiler.php
+++ b/laravel/profiling/profiler.php
@@ -145,7 +145,7 @@ class Profiler {
 	{
 		foreach ($bindings as $binding)
 		{
-			$binding = Database::connection()->pdo->quote($binding);
+			$binding = Database::escape($binding);
 			$sql = preg_replace('/\?/', $binding, $sql, 1);
 			$sql = htmlspecialchars($sql);