fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-09 19:51:42 +09:00
Code Issues Projects Releases Packages Wiki Activity

Issue 1819: CUBRID prepare statement error

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@10525 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
ucorina 2012-04-02 15:36:50 +00:00
parent f0eecb4809
commit c2df2f3a45
10 changed files with 201 additions and 71 deletions
Download patch file Download diff file Expand all files Collapse all files

2
classes/db/DBCubrid.class.php
View file

@ -179,6 +179,8 @@
{
$value = $param->getUnescapedValue();
$type = $param->getType();
if($param->isColumnName()) continue;
switch($type)
{

25
classes/db/DBMssql.class.php
View file

@ -135,18 +135,19 @@
if(count($this->param)){
foreach($this->param as $k => $o){
if($o->getType() == 'number'){
$value = $o->getUnescapedValue();
if(is_array($value)) $_param = array_merge($_param, $value);
else $_param[] = $o->getUnescapedValue();
}else{
$value = $o->getUnescapedValue();
if(is_array($value)) {
foreach($value as $v)
$_param[] = array($v, SQLSRV_PARAM_IN, SQLSRV_PHPTYPE_STRING('utf-8'));
}
else $_param[] = array($value, SQLSRV_PARAM_IN, SQLSRV_PHPTYPE_STRING('utf-8'));
}
if($o->isColumnName()) continue;
if($o->getType() == 'number'){
$value = $o->getUnescapedValue();
if(is_array($value)) $_param = array_merge($_param, $value);
else $_param[] = $o->getUnescapedValue();
}else{
$value = $o->getUnescapedValue();
if(is_array($value)) {
foreach($value as $v)
$_param[] = array($v, SQLSRV_PARAM_IN, SQLSRV_PHPTYPE_STRING('utf-8'));
}
else $_param[] = array($value, SQLSRV_PARAM_IN, SQLSRV_PHPTYPE_STRING('utf-8'));
}
}
}

10
classes/db/DBMysqli.class.php
View file

@ -112,14 +112,16 @@
}
// 2. Bind parameters
call_user_func_array('mysqli_stmt_bind_param',$args);
$status = call_user_func_array('mysqli_stmt_bind_param',$args);
if(!$status)
$this->setError(-1, "Invalid arguments: $query" . mysqli_error($connection) . PHP_EOL . print_r($args, true));
}
// 3. Execute query
$status = mysqli_stmt_execute($stmt);
if(!$status)
$this->setError(-1, "Prepared statement failed: $query");
$this->setError(-1, "Prepared statement failed: $query" . mysqli_error($connection) . PHP_EOL . print_r($args, true));
// Return stmt for other processing - like retrieving resultset (_fetch)
return $stmt;
@ -146,6 +148,10 @@
foreach($this->param as $k => $o){
$value = $o->getUnescapedValue();
$type = $o->getType();
// Skip column names -> this should be concatenated to query string
if($o->isColumnName()) continue;
switch($type)
{
case 'number' :

54
classes/db/queryparts/Query.class.php
View file

@ -223,34 +223,36 @@
function getWhereString($with_values = true, $with_optimization = true){
$where = '';
$condition_count = 0;
foreach($this->conditions as $conditionGroup){
if($condition_count === 0){
$conditionGroup->setPipe("");
}
$condition_string = $conditionGroup->toString($with_values);
$where .= $condition_string;
$condition_count++;
}
if($with_optimization &&
(strstr($this->getOrderByString(), 'list_order') || strstr($this->getOrderByString(), 'update_order'))){
if($condition_count !== 0) $where = '(' . $where .') ';
foreach($this->orderby as $order){
$colName = $order->getColumnName();
if(strstr($colName, 'list_order') || strstr($colName, 'update_order')){
$opt_condition = new ConditionWithoutArgument($colName, 2100000000, 'less', 'and');
if ($condition_count === 0) $opt_condition->setPipe("");
$where .= $opt_condition->toString($with_values).' ';
$condition_count++;
$condition_count = 0;
foreach ($this->conditions as $conditionGroup) {
if ($condition_count === 0) {
$conditionGroup->setPipe("");
}
}
$condition_string = $conditionGroup->toString($with_values);
$where .= $condition_string;
$condition_count++;
}
return trim($where);
if ($with_optimization &&
(strstr($this->getOrderByString(), 'list_order') || strstr($this->getOrderByString(), 'update_order'))) {
if ($condition_count !== 0)
$where = '(' . $where . ') ';
foreach ($this->orderby as $order) {
$colName = $order->getColumnName();
if (strstr($colName, 'list_order') || strstr($colName, 'update_order')) {
$opt_condition = new ConditionWithoutArgument($colName, 2100000000, 'less', 'and');
if ($condition_count === 0)
$opt_condition->setPipe("");
$where .= $opt_condition->toString($with_values) . ' ';
$condition_count++;
}
}
}
return trim($where);
}
function getGroupByString(){

22
classes/db/queryparts/condition/Condition.class.php
View file

@ -24,13 +24,21 @@
}
function toString($withValue = true){
if(!isset($this->_value_to_string)){
if(!$this->show()) { $this->_value_to_string = ''; }
else if($withValue)
$this->_value_to_string = $this->toStringWithValue();
else $this->_value_to_string = $this->toStringWithoutValue();
}
return $this->_value_to_string;
if (!isset($this->_value_to_string)) {
if (!$this->show())
{
$this->_value_to_string = '';
}
else if ($withValue)
{
$this->_value_to_string = $this->toStringWithValue();
}
else
{
$this->_value_to_string = $this->toStringWithoutValue();
}
}
return $this->_value_to_string;
}
function toStringWithoutValue(){

29
classes/db/queryparts/condition/ConditionWithArgument.class.php
View file

@ -14,16 +14,27 @@
}
function toStringWithoutValue(){
$value = $this->argument->getUnescapedValue();
$value = $this->argument->getUnescapedValue();
if(is_array($value)){
$q = '';
foreach ($value as $v) $q .= '?,';
if($q !== '') $q = substr($q, 0, -1);
$q = '(' . $q . ')';
}
else $q = '?';
return $this->pipe . ' ' . $this->getConditionPart($q);
if(is_array($value)){
$q = '';
foreach ($value as $v) $q .= '?,';
if($q !== '') $q = substr($q, 0, -1);
$q = '(' . $q . ')';
}
else
{
// Prepared statements: column names should not be sent as query arguments, but instead concatenated to query string
if($this->argument->isColumnName())
{
$q = $value;
}
else
{
$q = '?';
}
}
return $this->pipe . ' ' . $this->getConditionPart($q);
}
function show(){

11
classes/xml/xmlquery/argument/Argument.class.php
View file

@ -20,7 +20,9 @@ class Argument {
function getType() {
if (isset($this->type))
{
return $this->type;
}
if (is_string($this->value))
return 'column_name';
return 'number';
@ -29,7 +31,7 @@ class Argument {
function setColumnType($value) {
$this->type = $value;
}
function setColumnOperation($operation) {
$this->column_operation = $operation;
}
@ -113,6 +115,13 @@ class Argument {
function isValid() {
return $this->isValid;
}
function isColumnName(){
$type = $this->getType();
if($type == 'column_name') return true;
if($type == 'number' && !is_numeric($this->value) && $this->uses_default_value) return true;
return false;
}
function getErrorMessage() {
return $this->errorMessage;

39
classes/xml/xmlquery/argument/ConditionArgument.class.php
View file

@ -63,22 +63,33 @@
}
}
/**
* Since ConditionArgument is used in WHERE clause,
* where the argument value is compared to a table column,
* it is assumed that all arguments have type. There are cases though
* where the column does not have any type - if it was removed from
* the XML schema for example - see the is_secret column in xe_documents table.
* In this case, the column type is retrieved according to argument
* value type (using the PHP function is_numeric).
*
* @return type string
*/
function getType(){
return $this->type ? $this->type : (!is_numeric($this->value) ? "varchar" : "");
/**
* Since ConditionArgument is used in WHERE clause,
* where the argument value is compared to a table column,
* it is assumed that all arguments have type. There are cases though
* where the column does not have any type - if it was removed from
* the XML schema for example - see the is_secret column in xe_documents table.
* In this case, the column type is retrieved according to argument
* value type (using the PHP function is_numeric).
*
* @return type string
*/
function getType(){
if($this->type)
{
return $this->type;
}
else if(!is_numeric($this->value))
{
return 'varchar';
}
else
{
return '';
}
}
function setColumnType($column_type){
function setColumnType($column_type){
if(!isset($this->value)) return;
if($column_type === '') return;