From 3f6b2adefd3fe5c0ffc13656befb24305203e450 Mon Sep 17 00:00:00 2001
From: Alexander Demidov
Date: Thu, 26 Sep 2013 10:46:30 +0400
Subject: [PATCH] SqlDbDriver quote identifier - add checking for string as placeholder.
---
 model/SqlDbDriver.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/model/SqlDbDriver.php b/model/SqlDbDriver.php
index d45119a..e555c19 100644
--- a/model/SqlDbDriver.php
+++ b/model/SqlDbDriver.php
@@ -110,7 +110,9 @@ abstract class SqlDbDriver extends DbDriver
 {
 $ident = explode('.', $ident);
 foreach ($ident as &$segment) {
- $segment = $this->identifier_quote . $segment . $this->identifier_quote;
+ if (!preg_match('/(\?|:[A-z0-9_]+)/u', $segment)) {
+ $segment = $this->identifier_quote . $segment . $this->identifier_quote;
+ }
 }
 return implode('.', $ident);
 }
@@ -141,7 +143,7 @@ abstract class SqlDbDriver extends DbDriver
 foreach ($where as $cond => &$term) {
 if (is_int($cond)) {
 if (is_int($term)) {
- throw new ErrorException('Condition in where expression as integer. Dangerous. ' . $term);
+ throw new ErrorException('Condition in where expression as integer. ' . $term);
 }
 if ($term instanceof DbExpr) {
 $term = (string) $term;
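Review bot: The placeholder test added in the first hunk is unanchored, so `preg_match('/(\?|:[A-z0-9_]+)/u', $segment)` succeeds for any segment that merely contains a `?` or a `:name` run, and the whole segment is then returned without identifier quoting. If an identifier passed to this method can ever be influenced by request data, that leaves a way around the quoting, so the check should match the entire segment and nothing else. The class `[A-z]` also covers the ASCII punctuation that sits between `Z` and `a` (square brackets, backslash, caret, underscore and the backquote), which is presumably not intended. A stricter form would be `if (!preg_match('/^(?:\?|:[A-Za-z0-9_]+)$/D', $segment)) {`, where the `D` modifier stops `$` from matching before a trailing newline. The enclosing method begins outside the hunk, so its callers and the origin of `$ident` are not visible here.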