12470250846

Committed 23 Dec 2024 04:59PM UTC coverage: 84.424% (+0.02%) from 84.404%

Build # 12470250846

Build Type

Pull #9337

github

Committed by

web-flow

Commit Message

Merge ab919366a into cc1b8f285

Pull Request Pull Request #9337: fix: handling binary data for prepared statement

Run Details

37 of 37 new or added lines in 9 files covered. (100.0%)

2 existing lines in 1 file now uncovered.

20434 of 24204 relevant lines covered (84.42%)

189.68 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

82.14

/system/Database/OCI8/PreparedQuery.php

<?php

declare(strict_types=1);

/**
 * This file is part of CodeIgniter 4 framework.
 *
 * (c) CodeIgniter Foundation <admin@codeigniter.com>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace CodeIgniter\Database\OCI8;

use BadMethodCallException;
use CodeIgniter\Database\BasePreparedQuery;
use CodeIgniter\Database\Exceptions\DatabaseException;

/**
 * Prepared query for OCI8
 *
 * @extends BasePreparedQuery<resource, resource, resource>
 */
class PreparedQuery extends BasePreparedQuery
{
    /**
     * A reference to the db connection to use.
     *
     * @var Connection
     */
    protected $db;

    /**
     * Latest inserted table name.
     */
    private ?string $lastInsertTableName = null;

    /**
     * Prepares the query against the database, and saves the connection
     * info necessary to execute the query later.
     *
     * NOTE: This version is based on SQL code. Child classes should
     * override this method.
     *
     * @param array $options Passed to the connection's prepare statement.
     *                       Unused in the OCI8 driver.
     */
    public function _prepare(string $sql, array $options = []): PreparedQuery
    {
        if (! $this->statement = oci_parse($this->db->connID, $this->parameterize($sql))) {
            $error             = oci_error($this->db->connID);
            $this->errorCode   = $error['code'] ?? 0;
            $this->errorString = $error['message'] ?? '';

            if ($this->db->DBDebug) {
                throw new DatabaseException($this->errorString . ' code: ' . $this->errorCode);
            }
        }

        $this->lastInsertTableName = $this->db->parseInsertTableName($sql);

        return $this;
    }

    /**
     * Takes a new set of data and runs it against the currently
     * prepared query. Upon success, will return a Results object.
     */
    public function _execute(array $data): bool
    {
        if (! isset($this->statement)) {
            throw new BadMethodCallException('You must call prepare before trying to execute a prepared statement.');
        }

        foreach (array_keys($data) as $key) {
            if (is_string($data[$key]) && $this->isBinary($data[$key])) {
                $binaryData = oci_new_descriptor($this->db->connID, OCI_D_LOB);
                $binaryData->writeTemporary($data[$key], OCI_TEMP_BLOB);
                oci_bind_by_name($this->statement, ':' . $key, $binaryData, -1, OCI_B_BLOB);
            } else {
                oci_bind_by_name($this->statement, ':' . $key, $data[$key]);
            }
        }

        $result = oci_execute($this->statement, $this->db->commitMode);

        if (isset($binaryData)) {
            $binaryData->free();
        }

        if ($result && $this->lastInsertTableName !== '') {
            $this->db->lastInsertedTableName = $this->lastInsertTableName;
        }

        return $result;
    }

    /**
     * Returns the statement resource for the prepared query or false when preparing failed.
     *
     * @return resource|null
     */
    public function _getResult()
    {
        return $this->statement;
    }

    /**
     * Deallocate prepared statements.
     */
    protected function _close(): bool
    {
        return oci_free_statement($this->statement);
    }

    /**
     * Replaces the ? placeholders with :0, :1, etc parameters for use
     * within the prepared query.
     */
    public function parameterize(string $sql): string
    {
        // Track our current value
        $count = 0;

        return preg_replace_callback('/\?/', static function ($matches) use (&$count): string {
            return ':' . ($count++);
        }, $sql);
    }
}

1	<?php
2
3	declare(strict_types=1);
4
5	/**
6	* This file is part of CodeIgniter 4 framework.
7	*
8	* (c) CodeIgniter Foundation <admin@codeigniter.com>
9	*
10	* For the full copyright and license information, please view
11	* the LICENSE file that was distributed with this source code.
12	*/
13
14	namespace CodeIgniter\Database\OCI8;
15
16	use BadMethodCallException;
17	use CodeIgniter\Database\BasePreparedQuery;
18	use CodeIgniter\Database\Exceptions\DatabaseException;
19
20	/**
21	* Prepared query for OCI8
22	*
23	* @extends BasePreparedQuery<resource, resource, resource>
24	*/
25	class PreparedQuery extends BasePreparedQuery
26	{
27	/**
28	* A reference to the db connection to use.
29	*
30	* @var Connection
31	*/
32	protected $db;
33
34	/**
35	* Latest inserted table name.
36	*/
37	private ?string $lastInsertTableName = null;
38
39	/**
40	* Prepares the query against the database, and saves the connection
41	* info necessary to execute the query later.
42	*
43	* NOTE: This version is based on SQL code. Child classes should
44	* override this method.
45	*
46	* @param array $options Passed to the connection's prepare statement.
47	* Unused in the OCI8 driver.
48	*/
49	public function _prepare(string $sql, array $options = []): PreparedQuery
50	{
51	if (! $this->statement = oci_parse($this->db->connID, $this->parameterize($sql))) {	13✔
UNCOV 52	$error = oci_error($this->db->connID);	×
53	$this->errorCode = $error['code'] ?? 0;	×
54	$this->errorString = $error['message'] ?? '';	×
55
UNCOV 56	if ($this->db->DBDebug) {	×
57	throw new DatabaseException($this->errorString . ' code: ' . $this->errorCode);	×
58	}
59	}
60
61	$this->lastInsertTableName = $this->db->parseInsertTableName($sql);	13✔
62
63	return $this;	13✔
64	}
65
66	/**
67	* Takes a new set of data and runs it against the currently
68	* prepared query. Upon success, will return a Results object.
69	*/
70	public function _execute(array $data): bool
71	{
72	if (! isset($this->statement)) {	10✔
73	throw new BadMethodCallException('You must call prepare before trying to execute a prepared statement.');	1✔
74	}
75
76	foreach (array_keys($data) as $key) {	9✔
77	if (is_string($data[$key]) && $this->isBinary($data[$key])) {	9✔
78	$binaryData = oci_new_descriptor($this->db->connID, OCI_D_LOB);	1✔
79	$binaryData->writeTemporary($data[$key], OCI_TEMP_BLOB);	1✔
80	oci_bind_by_name($this->statement, ':' . $key, $binaryData, -1, OCI_B_BLOB);	1✔
81	} else {
82	oci_bind_by_name($this->statement, ':' . $key, $data[$key]);	8✔
83	}
84	}
85
86	$result = oci_execute($this->statement, $this->db->commitMode);	8✔
87
88	if (isset($binaryData)) {	8✔
89	$binaryData->free();	1✔
90	}
91
92	if ($result && $this->lastInsertTableName !== '') {	8✔
93	$this->db->lastInsertedTableName = $this->lastInsertTableName;	6✔
94	}
95
96	return $result;	8✔
97	}
98
99	/**
100	* Returns the statement resource for the prepared query or false when preparing failed.
101	*
102	* @return resource\|null
103	*/
104	public function _getResult()
105	{
106	return $this->statement;	2✔
107	}
108
109	/**
110	* Deallocate prepared statements.
111	*/
112	protected function _close(): bool
113	{
114	return oci_free_statement($this->statement);	12✔
115	}
116
117	/**
118	* Replaces the ? placeholders with :0, :1, etc parameters for use
119	* within the prepared query.
120	*/
121	public function parameterize(string $sql): string
122	{
123	// Track our current value
124	$count = 0;	13✔
125
126	return preg_replace_callback('/\?/', static function ($matches) use (&$count): string {	13✔
127	return ':' . ($count++);	13✔
128	}, $sql);	13✔
129	}
130	}

codeigniter4 / CodeIgniter4 / 12470250846

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous