From: Christopher Jones Date: Tue, 3 Jul 2007 05:47:53 +0000 (+0000) Subject: MFB: Basic PDO->quote() for PDO_OCI X-Git-Tag: BEFORE_IMPORT_OF_MYSQLND~329 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=25ce6d9580466170fe1e92933125f6362b5f3b39;p=php MFB: Basic PDO->quote() for PDO_OCI --- diff --git a/ext/pdo_oci/oci_driver.c b/ext/pdo_oci/oci_driver.c index 8c33d28fb3..d4d154244c 100755 --- a/ext/pdo_oci/oci_driver.c +++ b/ext/pdo_oci/oci_driver.c @@ -350,7 +350,39 @@ static long oci_handle_doer(pdo_dbh_t *dbh, const char *sql, long sql_len TSRMLS static int oci_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, int unquotedlen, char **quoted, int *quotedlen, enum pdo_param_type paramtype TSRMLS_DC) /* {{{ */ { - return 0; + int qcount = 0; + char const *cu, *l, *r; + char *c; + + if (!unquotedlen) { + *quotedlen = 2; + *quoted = emalloc(*quotedlen+1); + strcpy(*quoted, "''"); + return 1; + } + + /* count single quotes */ + for (cu = unquoted; (cu = strchr(cu,'\'')); qcount++, cu++) + ; /* empty loop */ + + *quotedlen = unquotedlen + qcount + 2; + *quoted = c = emalloc(*quotedlen+1); + *c++ = '\''; + + /* foreach (chunk that ends in a quote) */ + for (l = unquoted; (r = strchr(l,'\'')); l = r+1) { + strncpy(c, l, r-l+1); + c += (r-l+1); + *c++ = '\''; /* add second quote */ + } + + /* Copy remainder and add enclosing quote */ + strncpy(c, l, *quotedlen-(c-*quoted)-1); + (*quoted)[*quotedlen-1] = '\''; + (*quoted)[*quotedlen] = '\0'; + + return 1; + } /* }}} */ diff --git a/ext/pdo_oci/tests/pdo_oci_quote1.phpt b/ext/pdo_oci/tests/pdo_oci_quote1.phpt new file mode 100644 index 0000000000..f76b6cd5ef --- /dev/null +++ b/ext/pdo_oci/tests/pdo_oci_quote1.phpt @@ -0,0 +1,286 @@ +--TEST-- +Test PDO->quote() for PDO_OCI +--SKIPIF-- + +--FILE-- +exec("drop table poq_tab"); +$db->query("create table poq_tab (t varchar2(100))"); +$stmt = $db->prepare('select * from poq_tab'); + +// The intent is that the fetched data be identical to the unquoted string. +// Remember!: use bind variables instead of PDO->quote() + +$a = array(null, "", "a", "ab", "abc", "ab'cd", "a\b\n", "'", "''", "a'", "'z", "a''b", '"'); +foreach ($a as $u) { + $q = $db->quote($u); + echo "Unquoted : "; + var_dump($u); + echo "Quoted : "; + var_dump($q); + + $db->exec("delete from poq_tab"); + + $db->query("insert into poq_tab (t) values($q)"); + $stmt->execute(); + var_dump($stmt->fetchAll(PDO::FETCH_ASSOC)); +} + +echo "Done\n"; + +@$db->exec("drop table poq_tab"); + +?> +--EXPECTF-- +Unquoted : NULL +Quoted : string(2) "''" +array(1) { + [0]=> + array(1) { + ["t"]=> + NULL + } +} +Unquoted : string(0) "" +Quoted : string(2) "''" +array(1) { + [0]=> + array(1) { + ["t"]=> + NULL + } +} +Unquoted : string(1) "a" +Quoted : string(3) "'a'" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(1) "a" + } +} +Unquoted : string(2) "ab" +Quoted : string(4) "'ab'" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(2) "ab" + } +} +Unquoted : string(3) "abc" +Quoted : string(5) "'abc'" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(3) "abc" + } +} +Unquoted : string(5) "ab'cd" +Quoted : string(8) "'ab''cd'" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(5) "ab'cd" + } +} +Unquoted : string(4) "a\b +" +Quoted : string(6) "'a\b +'" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(4) "a\b +" + } +} +Unquoted : string(1) "'" +Quoted : string(4) "''''" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(1) "'" + } +} +Unquoted : string(2) "''" +Quoted : string(6) "''''''" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(2) "''" + } +} +Unquoted : string(2) "a'" +Quoted : string(5) "'a'''" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(2) "a'" + } +} +Unquoted : string(2) "'z" +Quoted : string(5) "'''z'" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(2) "'z" + } +} +Unquoted : string(4) "a''b" +Quoted : string(8) "'a''''b'" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(4) "a''b" + } +} +Unquoted : string(1) """ +Quoted : string(3) "'"'" +array(1) { + [0]=> + array(1) { + ["t"]=> + string(1) """ + } +} +Done +--UEXPECTF-- +Unquoted : NULL +Quoted : unicode(2) "''" +array(1) { + [0]=> + array(1) { + ["t"]=> + NULL + } +} +Unquoted : unicode(0) "" +Quoted : unicode(2) "''" +array(1) { + [0]=> + array(1) { + ["t"]=> + NULL + } +} +Unquoted : unicode(1) "a" +Quoted : unicode(3) "'a'" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(1) "a" + } +} +Unquoted : unicode(2) "ab" +Quoted : unicode(4) "'ab'" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(2) "ab" + } +} +Unquoted : unicode(3) "abc" +Quoted : unicode(5) "'abc'" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(3) "abc" + } +} +Unquoted : unicode(5) "ab'cd" +Quoted : unicode(8) "'ab''cd'" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(5) "ab'cd" + } +} +Unquoted : unicode(4) "a\b +" +Quoted : unicode(6) "'a\b +'" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(4) "a\b +" + } +} +Unquoted : unicode(1) "'" +Quoted : unicode(4) "''''" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(1) "'" + } +} +Unquoted : unicode(2) "''" +Quoted : unicode(6) "''''''" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(2) "''" + } +} +Unquoted : unicode(2) "a'" +Quoted : unicode(5) "'a'''" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(2) "a'" + } +} +Unquoted : unicode(2) "'z" +Quoted : unicode(5) "'''z'" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(2) "'z" + } +} +Unquoted : unicode(4) "a''b" +Quoted : unicode(8) "'a''''b'" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(4) "a''b" + } +} +Unquoted : unicode(1) """ +Quoted : unicode(3) "'"'" +array(1) { + [0]=> + array(1) { + ["t"]=> + unicode(1) """ + } +} +Done