SqlsrvDriver: workaround for "Driver's SQLSetConnectAttr failed on ODBC <=13" bug

Released version 4.0.3
SqliteResult: workaround for PHP bug 79414
2025-09-04 03:35:26 +02:00 · 2021-03-10 16:43:12 +01:00 · 2020-03-26 03:54:02 +01:00 · 2020-03-26 03:54:02 +01:00 · 2020-03-26 03:54:02 +01:00 · 2020-03-26 03:54:02 +01:00
10 changed files with 38 additions and 16 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -3,6 +3,11 @@ php:
    - 7.1
    - 7.2
    - 7.3
+    - 7.4
+
+services:
+    - mysql
+    - postgresql

 before_install:
    # turn off XDebug
--- a/readme.md
+++ b/readme.md
@@ -26,7 +26,7 @@ Install Dibi via Composer:
 composer require dibi/dibi
 ```

-The Dibi 4.0 requires PHP version 7.1 and supports PHP up to 7.2. Older Dibi 3.x requires PHP 5.4 and supports PHP up to 7.2.
+The Dibi 4.0 requires PHP version 7.1 and supports PHP up to 7.4.


 Usage
@@ -110,7 +110,7 @@ $ids = [10, 20, 30];
 $result = $database->query('SELECT * FROM users WHERE id IN (?)', $ids);
 ```

-**WARNING, never concencate parameters to SQL, the vulnerability would arise [SQL injection](https://en.wikipedia.org/wiki/SQL_injection)**
+**WARNING: Never concatenate parameters to SQL. It would create a [SQL injection](https://en.wikipedia.org/wiki/SQL_injection)** vulnerability.
 ```
 $result = $database->query('SELECT * FROM users WHERE id = ' . $id); // BAD!!!
 ```
@@ -147,7 +147,7 @@ $name = $database->fetchSingle('SELECT name FROM users WHERE id = ?', $id);

 ### Modifiers

-In addition to the `?` wild char, we can also use modifiers:
+In addition to the `?` wildcard char, we can also use modifiers:

 | modifier | description
 |----------|-----
@@ -161,6 +161,7 @@ In addition to the `?` wild char, we can also use modifiers:
 | %d | date (accepts DateTime, string or UNIX timestamp)
 | %dt | datetime (accepts DateTime, string or UNIX timestamp)
 | %n | identifier, ie the name of the table or column
+| %N | identifier, treats period as a common character, ie alias or a database name (`%n AS %N` or `DROP DATABASE %N`)
 | %SQL | SQL - directly inserts into SQL (the alternative is Dibi\Literal)
 | %ex | SQL expression or array of expressions
 | %lmt | special - adds LIMIT to the query
--- a/src/Dibi/Connection.php
+++ b/src/Dibi/Connection.php
@@ -119,6 +119,7 @@ class Connection implements IConnection
 	{
 		if ($this->config['driver'] instanceof Driver) {
 			$this->driver = $this->config['driver'];
+			$this->translator = new Translator($this);
 			return;

 		} elseif (is_subclass_of($this->config['driver'], Driver::class)) {
@@ -135,6 +136,8 @@ class Connection implements IConnection
 		$event = $this->onEvent ? new Event($this, Event::CONNECT) : null;
 		try {
 			$this->driver = new $class($this->config);
+			$this->translator = new Translator($this);
+
 			if ($event) {
 				$this->onEvent($event->done());
 			}
@@ -160,7 +163,7 @@ class Connection implements IConnection
 	{
 		if ($this->driver) {
 			$this->driver->disconnect();
-			$this->driver = null;
+			$this->driver = $this->translator = null;
 		}
 	}

@@ -261,11 +264,7 @@ class Connection implements IConnection
 		if (!$this->driver) {
 			$this->connect();
 		}
-		if (!$this->translator) {
-			$this->translator = new Translator($this);
-		}
-		$translator = clone $this->translator;
-		return $translator->translate($args);
+		return (clone $this->translator)->translate($args);
 	}


--- a/src/Dibi/Drivers/MySqliDriver.php
+++ b/src/Dibi/Drivers/MySqliDriver.php
@@ -93,7 +93,7 @@ class MySqliDriver implements Dibi\Driver
 			@$this->connection->real_connect( // intentionally @
 				(empty($config['persistent']) ? '' : 'p:') . $config['host'],
 				$config['username'],
-				$config['password'],
+				$config['password'] ?? '',
 				$config['database'] ?? '',
 				$config['port'] ?? 0,
 				$config['socket'],
--- a/src/Dibi/Drivers/SqliteResult.php
+++ b/src/Dibi/Drivers/SqliteResult.php
@@ -96,7 +96,7 @@ class SqliteResult implements Dibi\ResultDriver
 				'name' => $this->resultSet->columnName($i),
 				'table' => null,
 				'fullname' => $this->resultSet->columnName($i),
-				'nativetype' => $types[$this->resultSet->columnType($i)],
+				'nativetype' => $types[$this->resultSet->columnType($i)] ?? null, // buggy in PHP 7.4.4 & 7.3.16, bug 79414
 			];
 		}
 		return $columns;
--- a/src/Dibi/Drivers/SqlsrvDriver.php
+++ b/src/Dibi/Drivers/SqlsrvDriver.php
@@ -65,11 +65,13 @@ class SqlsrvDriver implements Dibi\Driver
 			$options['UID'] = (string) $options['UID'];
 			$options['Database'] = (string) $options['Database'];

+			sqlsrv_configure('WarningsReturnAsErrors', 0);
 			$this->connection = sqlsrv_connect($config['host'], $options);
+			sqlsrv_configure('WarningsReturnAsErrors', 1);
 		}

 		if (!is_resource($this->connection)) {
-			$info = sqlsrv_errors();
+			$info = sqlsrv_errors(SQLSRV_ERR_ERRORS);
 			throw new Dibi\DriverException($info[0]['message'], $info[0]['code']);
 		}
 		$this->version = sqlsrv_server_info($this->connection)['SQLServerVersion'];
--- a/src/Dibi/Fluent.php
+++ b/src/Dibi/Fluent.php
@@ -423,7 +423,7 @@ class Fluent implements IDataSource
 		if ($clause === null) {
 			$data = $this->clauses;
 			if ($this->command === 'SELECT' && ($data['LIMIT'] || $data['OFFSET'])) {
-				$args = array_merge(['%lmt %ofs', $data['LIMIT'][0], $data['OFFSET'][0]], $args);
+				$args = array_merge(['%lmt %ofs', $data['LIMIT'][0] ?? null, $data['OFFSET'][0] ?? null], $args);
 				unset($data['LIMIT'], $data['OFFSET']);
 			}

--- a/src/Dibi/Result.php
+++ b/src/Dibi/Result.php
@@ -282,7 +282,7 @@ class Result implements IDataSource
 					}

 				} elseif ($as !== '|') { // associative-array node
-					$x = &$x[$row->$as];
+					$x = &$x[(string) $row->$as];
 				}
 			}

@@ -350,7 +350,7 @@ class Result implements IDataSource
 					}

 				} else { // associative-array node
-					$x = &$x[$row->$as];
+					$x = &$x[(string) $row->$as];
 				}
 			}

@@ -452,6 +452,7 @@ class Result implements IDataSource
 				continue;
 			}
 			$value = $row[$key];
+
 			if ($type === Type::TEXT) {
 				$row[$key] = (string) $value;

@@ -497,6 +498,9 @@ class Result implements IDataSource

 			} elseif ($type === Type::JSON) {
 				$row[$key] = json_decode($value, true);
+
+			} else {
+				$row[$key] = $value;
 			}
 		}
 	}
--- a/src/Dibi/dibi.php
+++ b/src/Dibi/dibi.php
@@ -44,7 +44,7 @@ class dibi

 	/** version */
 	public const
-		VERSION = '4.0.2';
+		VERSION = '4.0.3';

 	/** sorting order */
 	public const
--- a/tests/dibi/Connection.connect.phpt
+++ b/tests/dibi/Connection.connect.phpt
@@ -52,6 +52,17 @@ test(function () use ($config) {
 });


+test(function () use ($config) {
+	$conn = new Connection($config);
+	Assert::equal('hello', $conn->query('SELECT %s', 'hello')->fetchSingle());
+
+	$conn->disconnect();
+
+	$conn->connect();
+	Assert::equal('hello', $conn->query('SELECT %s', 'hello')->fetchSingle());
+});
+
+
 test(function () use ($config) {
 	Assert::exception(function () use ($config) {
 		new Connection($config + ['onConnect' => '']);
Author	SHA1	Message	Date
David Grudl	fc5e7db484	SqlsrvDriver: workaround for "Driver's SQLSetConnectAttr failed on ODBC <=13" bug	2021-03-10 16:43:12 +01:00
David Grudl	44b420f70d	Released version 4.0.3	2020-03-26 03:54:02 +01:00
David Grudl	4689101b88	SqliteResult: workaround for PHP bug 79414	2020-03-26 03:54:02 +01:00
David Grudl	db16b9e87a	Result: does not drop the value if detection fails	2020-03-26 03:54:02 +01:00
Adam Klvač	803c9d539c	MySqliDriver: coalesced password to an empty string (#360 ) mysqli::real_connect() expects parameter 3 to be string, yields an error on NULL.	2020-03-26 03:54:02 +01:00
David Grudl	e137dfa28b	Result::fetchAssoc() DateTime in key is converted to string [Closes #359 ]	2020-03-26 03:54:02 +01:00
Milan Pála	9651835f5b	tests: added reconnect test (#352 )	2020-03-26 03:54:02 +01:00
David Grudl	2cbebc02c4	Connection: translator is created/destructed in connect/disconnect [Closes #352 ][Closes #354 ]	2020-03-26 03:54:02 +01:00
David Grudl	4d647c2aed	travis: fixed databases	2020-03-26 03:51:13 +01:00
David Grudl	5c5838aee4	travis: added PHP 7.4	2020-03-26 03:47:28 +01:00
David Grudl	7df72fd6cf	fixes for PHP 7.4	2020-03-26 03:45:50 +01:00
magikstm	219882a962	readme: some minor corrections (#331 )	2019-05-29 13:44:50 +02:00
Jiří Zralý	7e127f5914	Documentation: Added %N identifier (#330 )	2019-04-16 21:50:55 +02:00