Merge pull request #264 from avbdr/master

fixes

Author: avbdr

MysqliDb.php

@@ -285,9 +285,6 @@ public function rawQuery ($query, $bindParams = null, $sanitize = true)
     {
         $params = array(''); // Create the empty 0 index
         $this->_query = $query;
-        if ($sanitize)
-            $this->_query = filter_var ($query, FILTER_SANITIZE_STRING,
-                                    FILTER_FLAG_NO_ENCODE_QUOTES);
         $stmt = $this->_prepareQuery();
 
         if (is_array($bindParams) === true) {
@@ -921,21 +918,18 @@ protected function _buildTableData ($tableData) {
         if (!is_array ($tableData))
             return;
 
-        $isInsert = strpos ($this->_query, 'INSERT');
-        $isUpdate = strpos ($this->_query, 'UPDATE');
-
-        if ($isInsert !== false) {
-            $this->_query .= ' (`' . implode(array_keys($tableData), '`, `') . '`)';
-            $this->_query .= ' VALUES (';
-        } else
+        $isInsert = preg_match ('/^[INSERT|REPLACE]/', $this->_query);
+        if ($isInsert)
+            $this->_query .= ' (`' . implode(array_keys($tableData), '`, `') . '`)  VALUES (';
+        else
             $this->_query .= " SET ";
 
         foreach ($tableData as $column => $value) {
-            if ($isUpdate !== false)
+            if (!$isInsert)
                 $this->_query .= "`" . $column . "` = ";
 
             // Subquery value
-            if (is_object ($value)) {
+            if ($value instanceof MysqliDb) {
                 $this->_query .= $this->_buildPair ("", $value) . ", ";
                 continue;
             }
@@ -969,8 +963,8 @@ protected function _buildTableData ($tableData) {
                     die ("Wrong operation");
             }
         }
-        $this->_query = rtrim($this->_query, ', ');
-        if ($isInsert !== false)
+        $this->_query = rtrim ($this->_query, ', ');
+        if ($isInsert)
             $this->_query .= ')';
     }