mirror of
https://github.com/dg/dibi.git
synced 2025-08-12 00:54:11 +02:00
- DibiDriver::format splitted into escape() & unescape()
- added DibiConnection::unescape - DibiPostgreDriver support escaping & unescaping BYTEA type
This commit is contained in:
David Grudl
@@ -372,15 +372,30 @@ class DibiConnection extends /*Nette::*/Object
|
||||
|
||||
|
||||
/**
|
||||
* Escapes the string.
|
||||
* Encodes data for use in an SQL statement.
|
||||
*
|
||||
* @param string unescaped string
|
||||
* @return string escaped and optionally quoted string
|
||||
* @param string type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, ...)
|
||||
* @return string escaped and quoted string
|
||||
*/
|
||||
public function escape($value)
|
||||
public function escape($value, $type = dibi::FIELD_TEXT)
|
||||
{
|
||||
$this->connect(); // MySQL & PDO require connection
|
||||
return $this->driver->format($value, dibi::FIELD_TEXT);
|
||||
return $this->driver->escape($value, $type);
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Decodes data from resultset.
|
||||
*
|
||||
* @param string value
|
||||
* @param string type (dibi::FIELD_BINARY)
|
||||
* @return string decoded value
|
||||
*/
|
||||
public function unescape($value, $type = dibi::FIELD_BINARY)
|
||||
{
|
||||
return $this->driver->unescape($value, $type);
|
||||
}
|
||||
|
||||
|
||||
@@ -393,7 +408,7 @@ class DibiConnection extends /*Nette::*/Object
|
||||
*/
|
||||
public function delimite($value)
|
||||
{
|
||||
return $this->driver->format($value, dibi::IDENTIFIER);
|
||||
return $this->driver->escape($value, dibi::IDENTIFIER);
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -81,16 +81,6 @@ class DibiResult extends /*Nette::*/Object implements IDataSource
|
||||
|
||||
|
||||
|
||||
private static $types = array(
|
||||
dibi::FIELD_TEXT => 'string',
|
||||
dibi::FIELD_BINARY => 'string',
|
||||
dibi::FIELD_INTEGER => 'int',
|
||||
dibi::FIELD_FLOAT => 'float',
|
||||
dibi::FIELD_COUNTER => 'int',
|
||||
);
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* @param IDibiDriver
|
||||
* @param array
|
||||
@@ -542,20 +532,30 @@ class DibiResult extends /*Nette::*/Object implements IDataSource
|
||||
return $value;
|
||||
}
|
||||
|
||||
if (isset(self::$types[$type])) {
|
||||
settype($value, self::$types[$type]);
|
||||
switch ($type) {
|
||||
case dibi::FIELD_TEXT:
|
||||
return (string) $value;
|
||||
|
||||
case dibi::FIELD_BINARY:
|
||||
return $this->getDriver()->unescape($value, $type);
|
||||
|
||||
case dibi::FIELD_INTEGER:
|
||||
return (int) $value;
|
||||
|
||||
case dibi::FIELD_FLOAT:
|
||||
return (float) $value;
|
||||
|
||||
case dibi::FIELD_DATE:
|
||||
case dibi::FIELD_DATETIME:
|
||||
$value = strtotime($value);
|
||||
return $format === NULL ? $value : date($format, $value);
|
||||
|
||||
case dibi::FIELD_BOOL:
|
||||
return ((bool) $value) && $value !== 'f' && $value !== 'F';
|
||||
|
||||
default:
|
||||
return $value;
|
||||
}
|
||||
|
||||
if ($type === dibi::FIELD_DATE || $type === dibi::FIELD_DATETIME) {
|
||||
return $format === NULL ? strtotime($value) : date($format, strtotime($value));
|
||||
}
|
||||
|
||||
if ($type === dibi::FIELD_BOOL) {
|
||||
return ((bool) $value) && $value !== 'f' && $value !== 'F';
|
||||
}
|
||||
|
||||
return $value;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -261,13 +261,12 @@ final class DibiTranslator extends /*Nette::*/Object
|
||||
|
||||
switch ($modifier) {
|
||||
case 's': // string
|
||||
return $this->driver->format($value, dibi::FIELD_TEXT);
|
||||
case 'bin':// binary
|
||||
case 'b': // boolean
|
||||
return $this->driver->escape($value, $modifier);
|
||||
|
||||
case 'sn': // string or NULL
|
||||
return $value == '' ? 'NULL' : $this->driver->format($value, dibi::FIELD_TEXT); // notice two equal signs
|
||||
|
||||
case 'b': // boolean
|
||||
return $this->driver->format($value, dibi::FIELD_BOOL);
|
||||
return $value == '' ? 'NULL' : $this->driver->escape($value, dibi::FIELD_TEXT); // notice two equal signs
|
||||
|
||||
case 'i': // signed int
|
||||
case 'u': // unsigned int, ignored
|
||||
@@ -285,10 +284,8 @@ final class DibiTranslator extends /*Nette::*/Object
|
||||
return (string) ($value + 0);
|
||||
|
||||
case 'd': // date
|
||||
return $this->driver->format(is_string($value) ? strtotime($value) : $value, dibi::FIELD_DATE);
|
||||
|
||||
case 't': // datetime
|
||||
return $this->driver->format(is_string($value) ? strtotime($value) : $value, dibi::FIELD_DATETIME);
|
||||
return $this->driver->escape(is_string($value) ? strtotime($value) : $value, $modifier);
|
||||
|
||||
case 'n': // identifier name
|
||||
return $this->delimite($value);
|
||||
@@ -307,7 +304,10 @@ final class DibiTranslator extends /*Nette::*/Object
|
||||
);
|
||||
}
|
||||
|
||||
case 'and':
|
||||
case 'or':
|
||||
case 'a':
|
||||
case 'l':
|
||||
case 'v':
|
||||
$this->hasError = TRUE;
|
||||
return '**Unexpected type ' . gettype($value) . '**';
|
||||
@@ -321,13 +321,13 @@ final class DibiTranslator extends /*Nette::*/Object
|
||||
|
||||
// without modifier procession
|
||||
if (is_string($value))
|
||||
return $this->driver->format($value, dibi::FIELD_TEXT);
|
||||
return $this->driver->escape($value, dibi::FIELD_TEXT);
|
||||
|
||||
if (is_int($value) || is_float($value))
|
||||
return (string) $value; // something like -9E-005 is accepted by SQL
|
||||
|
||||
if (is_bool($value))
|
||||
return $this->driver->format($value, dibi::FIELD_BOOL);
|
||||
return $this->driver->escape($value, dibi::FIELD_BOOL);
|
||||
|
||||
if ($value === NULL)
|
||||
return 'NULL';
|
||||
@@ -427,10 +427,10 @@ final class DibiTranslator extends /*Nette::*/Object
|
||||
return $this->delimite($matches[2]);
|
||||
|
||||
if ($matches[3]) // SQL strings: '...'
|
||||
return $this->driver->format( str_replace("''", "'", $matches[4]), dibi::FIELD_TEXT);
|
||||
return $this->driver->escape( str_replace("''", "'", $matches[4]), dibi::FIELD_TEXT);
|
||||
|
||||
if ($matches[5]) // SQL strings: "..."
|
||||
return $this->driver->format( str_replace('""', '"', $matches[6]), dibi::FIELD_TEXT);
|
||||
return $this->driver->escape( str_replace('""', '"', $matches[6]), dibi::FIELD_TEXT);
|
||||
|
||||
if ($matches[7]) { // string quote
|
||||
$this->hasError = TRUE;
|
||||
@@ -453,7 +453,7 @@ final class DibiTranslator extends /*Nette::*/Object
|
||||
if (strpos($value, ':') !== FALSE) {
|
||||
$value = strtr($value, dibi::getSubst());
|
||||
}
|
||||
return $this->driver->format($value, dibi::IDENTIFIER);
|
||||
return $this->driver->escape($value, dibi::IDENTIFIER);
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -142,13 +142,27 @@ interface IDibiDriver
|
||||
|
||||
|
||||
/**
|
||||
* Format to SQL command.
|
||||
* Encodes data for use in an SQL statement.
|
||||
*
|
||||
* @param string value
|
||||
* @param string type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, dibi::FIELD_DATE, dibi::FIELD_DATETIME, dibi::IDENTIFIER)
|
||||
* @return string formatted value
|
||||
* @param string type (dibi::FIELD_TEXT, dibi::FIELD_BOOL, ...)
|
||||
* @return string encoded value
|
||||
* @throws InvalidArgumentException
|
||||
*/
|
||||
function format($value, $type);
|
||||
function escape($value, $type);
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Decodes data from resultset.
|
||||
*
|
||||
* @param string value
|
||||
* @param string type (dibi::FIELD_BINARY)
|
||||
* @return string decoded value
|
||||
* @throws InvalidArgumentException
|
||||
*/
|
||||
function unescape($value, $type);
|
||||
|
||||
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user