- DibiDriver::format splitted into escape() & unescape()

- added DibiConnection::unescape
- DibiPostgreDriver support escaping & unescaping BYTEA type

dibi/drivers/mssql.php

@@ -186,21 +186,50 @@ class DibiMsSqlDriver extends /*Nette::*/Object implements IDibiDriver
 
 
 	/**
-	 * Format to SQL command.
+	 * Encodes data for use in an SQL statement.
 	 *
 	 * @param  string    value
-	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, dibi::FIELD_DATE, dibi::FIELD_DATETIME, dibi::IDENTIFIER)
-	 * @return string    formatted value
+	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, ...)
+	 * @return string    encoded value
 	 * @throws InvalidArgumentException
 	 */
-	public function format($value, $type)
+	public function escape($value, $type)
 	{
-		if ($type === dibi::FIELD_TEXT) return "'" . str_replace("'", "''", $value) . "'";
-		if ($type === dibi::IDENTIFIER) return '[' . str_replace('.', '].[', $value) . ']';
-		if ($type === dibi::FIELD_BOOL) return $value ? -1 : 0;
-		if ($type === dibi::FIELD_DATE) return date("'Y-m-d'", $value);
-		if ($type === dibi::FIELD_DATETIME) return date("'Y-m-d H:i:s'", $value);
-		throw new InvalidArgumentException('Unsupported formatting type.');
+		switch ($type) {
+		case dibi::FIELD_TEXT:
+		case dibi::FIELD_BINARY:
+			return "'" . str_replace("'", "''", $value) . "'";
+
+		case dibi::IDENTIFIER:
+			return '[' . str_replace('.', '].[', $value) . ']';
+
+		case dibi::FIELD_BOOL:
+			return $value ? -1 : 0;
+
+		case dibi::FIELD_DATE:
+			return date("'Y-m-d'", $value);
+
+		case dibi::FIELD_DATETIME:
+			return date("'Y-m-d H:i:s'", $value);
+
+		default:
+			throw new InvalidArgumentException('Unsupported type.');
+		}
+	}
+
+
+
+	/**
+	 * Decodes data from resultset.
+	 *
+	 * @param  string    value
+	 * @param  string    type (dibi::FIELD_BINARY)
+	 * @return string    decoded value
+	 * @throws InvalidArgumentException
+	 */
+	public function unescape($value, $type)
+	{
+		throw new InvalidArgumentException('Unsupported type.');
 	}
 
 

dibi/drivers/mysql.php

@@ -239,21 +239,50 @@ class DibiMySqlDriver extends /*Nette::*/Object implements IDibiDriver
 
 
 	/**
-	 * Format to SQL command.
+	 * Encodes data for use in an SQL statement.
 	 *
 	 * @param  string    value
-	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, dibi::FIELD_DATE, dibi::FIELD_DATETIME, dibi::IDENTIFIER)
-	 * @return string    formatted value
+	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, ...)
+	 * @return string    encoded value
 	 * @throws InvalidArgumentException
 	 */
-	public function format($value, $type)
+	public function escape($value, $type)
 	{
-		if ($type === dibi::FIELD_TEXT) return "'" . mysql_real_escape_string($value, $this->connection) . "'";
-		if ($type === dibi::IDENTIFIER) return '`' . str_replace('.', '`.`', $value) . '`';
-		if ($type === dibi::FIELD_BOOL) return $value ? 1 : 0;
-		if ($type === dibi::FIELD_DATE) return date("'Y-m-d'", $value);
-		if ($type === dibi::FIELD_DATETIME) return date("'Y-m-d H:i:s'", $value);
-		throw new InvalidArgumentException('Unsupported formatting type.');
+		switch ($type) {
+		case dibi::FIELD_TEXT:
+		case dibi::FIELD_BINARY:
+			return "'" . mysql_real_escape_string($value, $this->connection) . "'";
+
+		case dibi::IDENTIFIER:
+			return '`' . str_replace('.', '`.`', $value) . '`';
+
+		case dibi::FIELD_BOOL:
+			return $value ? 1 : 0;
+
+		case dibi::FIELD_DATE:
+			return date("'Y-m-d'", $value);
+
+		case dibi::FIELD_DATETIME:
+			return date("'Y-m-d H:i:s'", $value);
+
+		default:
+			throw new InvalidArgumentException('Unsupported type.');
+		}
+	}
+
+
+
+	/**
+	 * Decodes data from resultset.
+	 *
+	 * @param  string    value
+	 * @param  string    type (dibi::FIELD_BINARY)
+	 * @return string    decoded value
+	 * @throws InvalidArgumentException
+	 */
+	public function unescape($value, $type)
+	{
+		throw new InvalidArgumentException('Unsupported type.');
 	}
 
 

dibi/drivers/mysqli.php

@@ -219,21 +219,50 @@ class DibiMySqliDriver extends /*Nette::*/Object implements IDibiDriver
 
 
 	/**
-	 * Format to SQL command.
+	 * Encodes data for use in an SQL statement.
 	 *
 	 * @param  string    value
-	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, dibi::FIELD_DATE, dibi::FIELD_DATETIME, dibi::IDENTIFIER)
-	 * @return string    formatted value
+	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, ...)
+	 * @return string    encoded value
 	 * @throws InvalidArgumentException
 	 */
-	public function format($value, $type)
+	public function escape($value, $type)
 	{
-		if ($type === dibi::FIELD_TEXT) return "'" . mysqli_real_escape_string($this->connection, $value) . "'";
-		if ($type === dibi::IDENTIFIER) return '`' . str_replace('.', '`.`', $value) . '`';
-		if ($type === dibi::FIELD_BOOL) return $value ? 1 : 0;
-		if ($type === dibi::FIELD_DATE) return date("'Y-m-d'", $value);
-		if ($type === dibi::FIELD_DATETIME) return date("'Y-m-d H:i:s'", $value);
-		throw new InvalidArgumentException('Unsupported formatting type.');
+		switch ($type) {
+		case dibi::FIELD_TEXT:
+		case dibi::FIELD_BINARY:
+			return "'" . mysqli_real_escape_string($this->connection, $value) . "'";
+
+		case dibi::IDENTIFIER:
+			return '`' . str_replace('.', '`.`', $value) . '`';
+
+		case dibi::FIELD_BOOL:
+			return $value ? 1 : 0;
+
+		case dibi::FIELD_DATE:
+			return date("'Y-m-d'", $value);
+
+		case dibi::FIELD_DATETIME:
+			return date("'Y-m-d H:i:s'", $value);
+
+		default:
+			throw new InvalidArgumentException('Unsupported type.');
+		}
+	}
+
+
+
+	/**
+	 * Decodes data from resultset.
+	 *
+	 * @param  string    value
+	 * @param  string    type (dibi::FIELD_BINARY)
+	 * @return string    decoded value
+	 * @throws InvalidArgumentException
+	 */
+	public function unescape($value, $type)
+	{
+		throw new InvalidArgumentException('Unsupported type.');
 	}
 
 

dibi/drivers/odbc.php

@@ -200,21 +200,50 @@ class DibiOdbcDriver extends /*Nette::*/Object implements IDibiDriver
 
 
 	/**
-	 * Format to SQL command.
+	 * Encodes data for use in an SQL statement.
 	 *
 	 * @param  string    value
-	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, dibi::FIELD_DATE, dibi::FIELD_DATETIME, dibi::IDENTIFIER)
-	 * @return string    formatted value
+	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, ...)
+	 * @return string    encoded value
 	 * @throws InvalidArgumentException
 	 */
-	public function format($value, $type)
+	public function escape($value, $type)
 	{
-		if ($type === dibi::FIELD_TEXT) return "'" . str_replace("'", "''", $value) . "'";
-		if ($type === dibi::IDENTIFIER) return '[' . str_replace('.', '].[', $value) . ']';
-		if ($type === dibi::FIELD_BOOL) return $value ? -1 : 0;
-		if ($type === dibi::FIELD_DATE) return date("#m/d/Y#", $value);
-		if ($type === dibi::FIELD_DATETIME) return date("#m/d/Y H:i:s#", $value);
-		throw new InvalidArgumentException('Unsupported formatting type.');
+		switch ($type) {
+		case dibi::FIELD_TEXT:
+		case dibi::FIELD_BINARY:
+			return "'" . str_replace("'", "''", $value) . "'";
+
+		case dibi::IDENTIFIER:
+			return '[' . str_replace('.', '].[', $value) . ']';
+
+		case dibi::FIELD_BOOL:
+			return $value ? -1 : 0;
+
+		case dibi::FIELD_DATE:
+			return date("#m/d/Y#", $value);
+
+		case dibi::FIELD_DATETIME:
+			return date("#m/d/Y H:i:s#", $value);
+
+		default:
+			throw new InvalidArgumentException('Unsupported type.');
+		}
+	}
+
+
+
+	/**
+	 * Decodes data from resultset.
+	 *
+	 * @param  string    value
+	 * @param  string    type (dibi::FIELD_BINARY)
+	 * @return string    decoded value
+	 * @throws InvalidArgumentException
+	 */
+	public function unescape($value, $type)
+	{
+		throw new InvalidArgumentException('Unsupported type.');
 	}
 
 

dibi/drivers/oracle.php

@@ -197,21 +197,50 @@ class DibiOracleDriver extends /*Nette::*/Object implements IDibiDriver
 
 
 	/**
-	 * Format to SQL command.
+	 * Encodes data for use in an SQL statement.
 	 *
 	 * @param  string    value
-	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, dibi::FIELD_DATE, dibi::FIELD_DATETIME, dibi::IDENTIFIER)
-	 * @return string    formatted value
+	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, ...)
+	 * @return string    encoded value
 	 * @throws InvalidArgumentException
 	 */
-	public function format($value, $type)
+	public function escape($value, $type)
 	{
-		if ($type === dibi::FIELD_TEXT) return "'" . str_replace("'", "''", $value) . "'"; // TODO: not tested
-		if ($type === dibi::IDENTIFIER) return '[' . str_replace('.', '].[', $value) . ']';  // TODO: not tested
-		if ($type === dibi::FIELD_BOOL) return $value ? 1 : 0;
-		if ($type === dibi::FIELD_DATE) return date("U", $value);
-		if ($type === dibi::FIELD_DATETIME) return date("U", $value);
-		throw new InvalidArgumentException('Unsupported formatting type.');
+		switch ($type) {
+		case dibi::FIELD_TEXT:
+		case dibi::FIELD_BINARY:
+			return "'" . str_replace("'", "''", $value) . "'"; // TODO: not tested
+
+		case dibi::IDENTIFIER:
+			return '[' . str_replace('.', '].[', $value) . ']';  // TODO: not tested
+
+		case dibi::FIELD_BOOL:
+			return $value ? 1 : 0;
+
+		case dibi::FIELD_DATE:
+			return date("U", $value);
+
+		case dibi::FIELD_DATETIME:
+			return date("U", $value);
+
+		default:
+			throw new InvalidArgumentException('Unsupported type.');
+		}
+	}
+
+
+
+	/**
+	 * Decodes data from resultset.
+	 *
+	 * @param  string    value
+	 * @param  string    type (dibi::FIELD_BINARY)
+	 * @return string    decoded value
+	 * @throws InvalidArgumentException
+	 */
+	public function unescape($value, $type)
+	{
+		throw new InvalidArgumentException('Unsupported type.');
 	}
 
 

dibi/drivers/pdo.php

@@ -218,21 +218,52 @@ class DibiPdoDriver extends /*Nette::*/Object implements IDibiDriver
 
 
 	/**
-	 * Format to SQL command.
+	 * Encodes data for use in an SQL statement.
 	 *
 	 * @param  string    value
-	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, dibi::FIELD_DATE, dibi::FIELD_DATETIME, dibi::IDENTIFIER)
-	 * @return string    formatted value
+	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, ...)
+	 * @return string    encoded value
 	 * @throws InvalidArgumentException
 	 */
-	public function format($value, $type)
+	public function escape($value, $type)
 	{
-		if ($type === dibi::FIELD_TEXT) return $this->connection->quote($value);
-		if ($type === dibi::IDENTIFIER) return $value; // quoting is not supported by PDO
-		if ($type === dibi::FIELD_BOOL) return $value ? 1 : 0;
-		if ($type === dibi::FIELD_DATE) return date("'Y-m-d'", $value);
-		if ($type === dibi::FIELD_DATETIME) return date("'Y-m-d H:i:s'", $value);
-		throw new InvalidArgumentException('Unsupported formatting type.');
+		switch ($type) {
+		case dibi::FIELD_TEXT:
+			return $this->connection->quote($value, PDO::PARAM_STR);
+
+		case dibi::FIELD_BINARY:
+			return $this->connection->quote($value, PDO::PARAM_LOB);
+
+		case dibi::IDENTIFIER:
+			return $value; // quoting is not supported by PDO
+
+		case dibi::FIELD_BOOL:
+			return $this->connection->quote($value, PDO::PARAM_BOOL);
+
+		case dibi::FIELD_DATE:
+			return date("'Y-m-d'", $value);
+
+		case dibi::FIELD_DATETIME:
+			return date("'Y-m-d H:i:s'", $value);
+
+		default:
+			throw new InvalidArgumentException('Unsupported type.');
+		}
+	}
+
+
+
+	/**
+	 * Decodes data from resultset.
+	 *
+	 * @param  string    value
+	 * @param  string    type (dibi::FIELD_BINARY)
+	 * @return string    decoded value
+	 * @throws InvalidArgumentException
+	 */
+	public function unescape($value, $type)
+	{
+		throw new InvalidArgumentException('Unsupported type.');
 	}
 
 

dibi/drivers/postgre.php

@@ -224,31 +224,69 @@ class DibiPostgreDriver extends /*Nette::*/Object implements IDibiDriver
 
 
 	/**
-	 * Format to SQL command.
+	 * Encodes data for use in an SQL statement.
 	 *
 	 * @param  string    value
-	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, dibi::FIELD_DATE, dibi::FIELD_DATETIME, dibi::IDENTIFIER)
-	 * @return string    formatted value
+	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, ...)
+	 * @return string    encoded value
 	 * @throws InvalidArgumentException
 	 */
-	public function format($value, $type)
+	public function escape($value, $type)
 	{
-		if ($type === dibi::FIELD_TEXT) {
-			if ($this->escMethod) return "'" . pg_escape_string($this->connection, $value) . "'";
-			return "'" . pg_escape_string($value) . "'";
-		}
+		switch ($type) {
+		case dibi::FIELD_TEXT:
+			if ($this->escMethod) {
+				return "'" . pg_escape_string($this->connection, $value) . "'";
+			} else {
+				return "'" . pg_escape_string($value) . "'";
+			}
 
-		if ($type === dibi::IDENTIFIER) {
+		case dibi::FIELD_BINARY:
+			if ($this->escMethod) {
+				return "'" . pg_escape_bytea($this->connection, $value) . "'";
+			} else {
+				return "'" . pg_escape_bytea($value) . "'";
+			}
+
+		case dibi::IDENTIFIER:
 			$a = strrpos($value, '.');
 			if ($a === FALSE) return '"' . str_replace('"', '""', $value) . '"';
 			// table.col delimite as table."col"
 			return substr($value, 0, $a) . '."' . str_replace('"', '""', substr($value, $a + 1)) . '"';
-		}
 
-		if ($type === dibi::FIELD_BOOL) return $value ? 'TRUE' : 'FALSE';
-		if ($type === dibi::FIELD_DATE) return date("'Y-m-d'", $value);
-		if ($type === dibi::FIELD_DATETIME) return date("'Y-m-d H:i:s'", $value);
-		throw new InvalidArgumentException('Unsupported formatting type.');
+		case dibi::FIELD_BOOL:
+			return $value ? 'TRUE' : 'FALSE';
+
+		case dibi::FIELD_DATE:
+			return date("'Y-m-d'", $value);
+
+		case dibi::FIELD_DATETIME:
+			return date("'Y-m-d H:i:s'", $value);
+
+		default:
+			throw new InvalidArgumentException('Unsupported type.');
+		}
+	}
+
+
+
+	/**
+	 * Decodes data from resultset.
+	 *
+	 * @param  string    value
+	 * @param  string    type (dibi::FIELD_BINARY)
+	 * @return string    decoded value
+	 * @throws InvalidArgumentException
+	 */
+	public function unescape($value, $type)
+	{
+		switch ($type) {
+		case dibi::FIELD_BINARY:
+			return pg_unescape_bytea($value);
+
+		default:
+			throw new InvalidArgumentException('Unsupported type.');
+		}
 	}
 
 

dibi/drivers/sqlite.php

@@ -203,21 +203,50 @@ class DibiSqliteDriver extends /*Nette::*/Object implements IDibiDriver
 
 
 	/**
-	 * Format to SQL command.
+	 * Encodes data for use in an SQL statement.
 	 *
 	 * @param  string    value
-	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, dibi::FIELD_DATE, dibi::FIELD_DATETIME, dibi::IDENTIFIER)
-	 * @return string    formatted value
+	 * @param  string    type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, ...)
+	 * @return string    encoded value
 	 * @throws InvalidArgumentException
 	 */
-	public function format($value, $type)
+	public function escape($value, $type)
 	{
-		if ($type === dibi::FIELD_TEXT) return "'" . sqlite_escape_string($value) . "'";
-		if ($type === dibi::IDENTIFIER) return '[' . str_replace('.', '].[', $value) . ']';
-		if ($type === dibi::FIELD_BOOL) return $value ? 1 : 0;
-		if ($type === dibi::FIELD_DATE) return date($this->fmtDate, $value);
-		if ($type === dibi::FIELD_DATETIME) return date($this->fmtDateTime, $value);
-		throw new InvalidArgumentException('Unsupported formatting type.');
+		switch ($type) {
+		case dibi::FIELD_TEXT:
+		case dibi::FIELD_BINARY:
+			return "'" . sqlite_escape_string($value) . "'";
+
+		case dibi::IDENTIFIER:
+			return '[' . str_replace('.', '].[', $value) . ']';
+
+		case dibi::FIELD_BOOL:
+			return $value ? 1 : 0;
+
+		case dibi::FIELD_DATE:
+			return date($this->fmtDate, $value);
+
+		case dibi::FIELD_DATETIME:
+			return date($this->fmtDateTime, $value);
+
+		default:
+			throw new InvalidArgumentException('Unsupported type.');
+		}
+	}
+
+
+
+	/**
+	 * Decodes data from resultset.
+	 *
+	 * @param  string    value
+	 * @param  string    type (dibi::FIELD_BINARY)
+	 * @return string    decoded value
+	 * @throws InvalidArgumentException
+	 */
+	public function unescape($value, $type)
+	{
+		throw new InvalidArgumentException('Unsupported type.');
 	}