
Merge pull request #5 from Gasol/develop

fix PDO::quote
commit 7debd5bb2b9b698e22592ad84aab80d43b5a9996 2 parents 8ae48dd + dcab08c
Mikko Koppanen authored
Showing with 55 additions and 21 deletions.
  1. +36 −14 cassandra_driver.cpp
  2. +19 −7 tests/012-quoter.phpt
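--- a/cassandra_driver.cpp
+++ b/cassandra_driver.cpp
@@ -445,19 +445,41 @@ static long pdo_cassandra_handle_execute(pdo_dbh_t *dbh, const char *sql, long s
 */
 static int pdo_cassandra_handle_quote(pdo_dbh_t *dbh, const char *unquoted, int unquotedlen, char **quoted, int *quotedlen, enum pdo_param_type paramtype TSRMLS_DC)
 {
- char *escaped;
- int new_length;
-
- // const_cast should be fine here, php_addslashes shouldn't modify the data
- escaped = php_addslashes(const_cast <char *>(unquoted), unquotedlen, &new_length, 0 TSRMLS_CC);
-
- if (!escaped) {
- return 0;
- }
-
- *quotedlen = spprintf(quoted, 0, "'%s'", escaped);
- efree(escaped);
- return 1;
+ switch (PDO_PARAM_TYPE(paramtype)) {
+ case PDO_PARAM_INT:
+ long lval;
+ double dval;
+ switch (is_numeric_string(unquoted, unquotedlen, &lval, &dval, 0)) {
+ case IS_LONG:
+ *quoted = estrdup(unquoted);
+ *quotedlen = unquotedlen;
+ return 1;
+ case IS_DOUBLE:
+ default:
+ return 0;
+ }
+ break;
+ case PDO_PARAM_BOOL:
+ // XXX: never called so far, because pdo treat PDO_PARAM_BOOL as PDO_PARAM_STR
+ // TODO: consider to handle PDO::PARAM_BOOL
+ case PDO_PARAM_STR:
+ default:
+ char *escaped;
+ int new_length;
+ int replace_count;
+
+ // const_cast should be fine here, php_str_to_str_ex shouldn't modify the data
+ escaped = php_str_to_str_ex(const_cast <char *>(unquoted), unquotedlen, "'", 1, "''", 2, &new_length, 1, &replace_count);
+
+ if (!escaped) {
+ return 0;
+ }
+
+ *quotedlen = spprintf(quoted, 0, "'%s'", escaped);
+ efree(escaped);
+ return 1;
+ break;
+ }
 }
 /* }}} */
@@ -693,4 +715,4 @@ zend_module_entry pdo_cassandra_module_entry = {
 #if defined(COMPILE_DL_PDO_CASSANDRA)
 ZEND_GET_MODULE(pdo_cassandra)
-#endif
+#endif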
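Review bot: An embedded NUL byte still truncates the quoted value in the string branch of pdo_cassandra_handle_quote, because `spprintf(quoted, 0, "'%s'", escaped)` reads `escaped` as a C string and ignores the `new_length` that php_str_to_str_ex returned. The updated tests/012-quoter.phpt pins this as expected output (`string(7) "'test '"`), so whatever follows the NUL is dropped silently and the stored value can differ from the one the application validated. Either reject input that contains a NUL by returning 0, or assemble the result by length as below. Whether the server accepts a NUL inside a string literal is not visible from this page and should be confirmed before choosing.

```cpp
// … unchanged: php_str_to_str_ex call and NULL check on escaped …
*quotedlen = new_length + 2;
*quoted = (char *) safe_emalloc(new_length, 1, 3); // two quote characters plus the terminator
(*quoted)[0] = '\'';
memcpy(*quoted + 1, escaped, new_length);
(*quoted)[new_length + 1] = '\'';
(*quoted)[new_length + 2] = '\0';
efree(escaped);
return 1;
```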
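--- a/tests/012-quoter.phpt
+++ b/tests/012-quoter.phpt
@@ -8,17 +8,29 @@ Test quoting values
 require_once(dirname(__FILE__) . '/config.inc');
 $db = new PDO($dsn);
+
 var_dump ($db->quote ("'hello' 'world'"));
 var_dump ($db->quote ("Co'mpl''ex \"st'\"ring"));
-var_dump ($db->quote ("'''''''''", PDO::PARAM_LOB));
 var_dump ($db->quote ("test " . chr(0) . " value"));
-
+var_dump ($db->quote ("return false", PDO::PARAM_INT));
+var_dump ($db->quote (1234, PDO::PARAM_INT));
+var_dump ($db->quote ("4321", PDO::PARAM_INT)); // string represents an integer should be fine
+var_dump ($db->quote ("'''''''''", PDO::PARAM_LOB));
+var_dump ($db->quote ('true'));
+var_dump ($db->quote ('false'));
+//var_dump ($db->quote (true, PDO::PARAM_BOOL)); // broken
+//var_dump ($db->quote (false, PDO::PARAM_BOOL));
 echo "OK";
 ?>
 --EXPECT--
-string(21) "'\'hello\' \'world\''"
-string(28) "'Co\'mpl\'\'ex \"st\'\"ring'"
-string(20) "'\'\'\'\'\'\'\'\'\''"
-string(15) "'test \0 value'"
-OK
+string(21) "'''hello'' ''world'''"
+string(26) "'Co''mpl''''ex "st''"ring'"
+string(7) "'test '"
+bool(false)
+string(4) "1234"
+string(4) "4321"
+string(20) "''''''''''''''''''''"
+string(6) "'true'"
+string(7) "'false'"
+OK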
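Review bot: The PDO::PARAM_INT cases cover only a plain word, an integer and an integer string, so the driver's rejection path for non-integer input is exercised by a single value. Adding `var_dump ($db->quote ("12abc", PDO::PARAM_INT));` and `var_dump ($db->quote ("1.5", PDO::PARAM_INT));`, each presumably expecting `bool(false)`, would pin that a numeric prefix or a float is never passed through unquoted. The two commented-out PDO::PARAM_BOOL lines would also read better with the reason stated beside them, e.g. `// skipped: PDO passes PARAM_BOOL to the driver as PARAM_STR`.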