diff options
| author | Noah Heck <noahheck@users.noreply.github.com> | 2016-11-08 17:22:32 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-11-08 17:22:32 -0700 |
| commit | 9bbe64f734f7d0e0dcc21b561460781250cee0bc (patch) | |
| tree | ba17a5712f025b3be511eebb1c76cf5ca9c60b02 | |
| parent | 53ae8de56bd076b3bcbec2bd62ebe04e990c3407 (diff) | |
| parent | 9de40727d5daa7a640fa9f78d7b7deb7de939f21 (diff) | |
| download | E_PDOStatement-9bbe64f734f7d0e0dcc21b561460781250cee0bc.zip E_PDOStatement-9bbe64f734f7d0e0dcc21b561460781250cee0bc.tar.gz E_PDOStatement-9bbe64f734f7d0e0dcc21b561460781250cee0bc.tar.bz2 | |
Merge pull request #10 from noahheck/SubstringReplacement
Add proper substring parameter replacement
| -rw-r--r-- | src/EPDOStatement.php | 7 | ||||
| -rw-r--r-- | tests/src/EPDOStatementTest.php | 58 |
2 files changed, 61 insertions, 4 deletions
diff --git a/src/EPDOStatement.php b/src/EPDOStatement.php index 351c07a..78d43d3 100644 --- a/src/EPDOStatement.php +++ b/src/EPDOStatement.php @@ -137,7 +137,7 @@ class EPDOStatement extends PDOStatement $marker = (preg_match("/^:/", $marker)) ? $marker : ":" . $marker; } - $testParam = "/" . $marker . "(?!\w)/"; + $testParam = "/({$marker}(?!\w))(?=(?:[^\"']|[\"'][^\"']*[\"'])*$)/"; return preg_replace($testParam, $replValue, $queryString, 1); } @@ -169,11 +169,10 @@ class EPDOStatement extends PDOStatement */ private function prepareValue($value) { - if ($value['value'] === NULL) - { + if ($value['value'] === NULL) { return 'NULL'; } - + if (!$this->_pdo) { return "'" . addslashes($value['value']) . "'"; } diff --git a/tests/src/EPDOStatementTest.php b/tests/src/EPDOStatementTest.php index 10eb84c..c1f2f7a 100644 --- a/tests/src/EPDOStatementTest.php +++ b/tests/src/EPDOStatementTest.php @@ -170,6 +170,44 @@ class EPDOStatementTest extends PHPUnit_Framework_TestCase $this->assertTrue(false == preg_match("/\?/", $result)); } + public function testValuesGetInterpolatedIntoQueryEvenWhenReplacementValueContainsAPlaceholderUsingUnnamedParameters() + { + $pdo = $this->getPdo(); + + $query = "UPDATE logs SET logContent = ?, summary = ?"; + $stmt = $pdo->prepare($query); + + $parameters = array( + "String contains a ?" + , "Some other value" + ); + + $result = $stmt->interpolateQuery($parameters); + + $expected = "UPDATE logs SET logContent = 'String contains a ?', summary = 'Some other value'"; + + $this->assertEquals($expected, $result); + } + + public function testValuesGetInterpolatedIntoQueryEvenWhenReplacementValueContainsAPlaceholderUsingNamedParameters() + { + $pdo = $this->getPdo(); + + $query = "UPDATE logs SET logContent = :logContent, summary = :summary"; + $stmt = $pdo->prepare($query); + + $parameters = array( + ":logContent" => "String contains :summary" + , ":summary" => "Some other value" + ); + + $result = $stmt->interpolateQuery($parameters); + + $expected = "UPDATE logs SET logContent = 'String contains :summary', summary = 'Some other value'"; + + $this->assertEquals($expected, $result); + } + public function testValuesGetInterpolatedCorrectlyWhenSimilarlyNamedPlaceholdersAreUsed() { $pdo = $this->getPdo(); @@ -198,6 +236,26 @@ class EPDOStatementTest extends PHPUnit_Framework_TestCase $this->assertTrue(false == preg_match("/:log/", $result)); } + public function testNullValuesAreInterpolatedCorrectlyAsDbNullValues() + { + $pdo = $this->getPdo(); + + $query = "UPDATE logs SET logContent = :logContent WHERE log = :log"; + $stmt = $pdo->prepare($query); + + $logContent = null; + $log = 123; + + $stmt->bindParam(":logContent", $logContent, PDO::PARAM_STR); + $stmt->bindParam(":log" , $log , PDO::PARAM_INT); + + $expected = "UPDATE logs SET logContent = NULL WHERE log = 123"; + + $result = $stmt->interpolateQuery(); + + $this->assertEquals($expected, $result); + } + public function testInterpolationAllowsSuccessfulExecutionOfQueries() { $pdo = $this->getPdo(); |