25637286072

Committed 10 May 2026 07:09PM UTC coverage: 88.366% (-0.05%) from 88.418%

Build # 25637286072

Build Type

Pull #10182

github

Committed by

web-flow

Commit Message

Merge 4a0b49c91 into df9f13771

Pull Request Pull Request #10182: fix(database): classify prepared query exceptions

Coverage Stats

77 of 108 new or added lines in 9 files covered. (71.3%)

1 existing line in 1 file now uncovered.

23911 of 27059 relevant lines covered (88.37%)

218.09 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

74.36

/system/Database/MySQLi/PreparedQuery.php

<?php

declare(strict_types=1);

/**
 * This file is part of CodeIgniter 4 framework.
 *
 * (c) CodeIgniter Foundation <admin@codeigniter.com>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace CodeIgniter\Database\MySQLi;

use CodeIgniter\Database\BasePreparedQuery;
use CodeIgniter\Exceptions\BadMethodCallException;
use mysqli;
use mysqli_result;
use mysqli_sql_exception;
use mysqli_stmt;

/**
 * Prepared query for MySQLi
 *
 * @extends BasePreparedQuery<mysqli, mysqli_stmt, mysqli_result>
 */
class PreparedQuery extends BasePreparedQuery
{
    /**
     * Prepares the query against the database, and saves the connection
     * info necessary to execute the query later.
     *
     * NOTE: This version is based on SQL code. Child classes should
     * override this method.
     *
     * @param array $options Passed to the connection's prepare statement.
     *                       Unused in the MySQLi driver.
     */
    public function _prepare(string $sql, array $options = []): PreparedQuery
    {
        // Mysqli driver doesn't like statements
        // with terminating semicolons.
        $sql = rtrim($sql, ';');

        if (! $this->statement = $this->db->mysqli->prepare($sql)) {
            $this->errorCode   = $this->db->mysqli->errno;
            $this->errorString = $this->db->mysqli->error;

            if ($this->db->DBDebug) {
                throw $this->db->createDatabaseException($this->errorString, $this->errorCode);
            }
        }

        return $this;
    }

    /**
     * Takes a new set of data and runs it against the currently
     * prepared query. Upon success, will return a Results object.
     */
    public function _execute(array $data): bool
    {
        if (! isset($this->statement)) {
            throw new BadMethodCallException('You must call prepare before trying to execute a prepared statement.');
        }

        // First off - bind the parameters
        $bindTypes  = '';
        $binaryData = [];

        // Determine the type string
        foreach ($data as $key => $item) {
            if (is_int($item)) {
                $bindTypes .= 'i';
            } elseif (is_numeric($item)) {
                $bindTypes .= 'd';
            } elseif (is_string($item) && $this->isBinary($item)) {
                $bindTypes .= 'b';
                $binaryData[$key] = $item;
            } else {
                $bindTypes .= 's';
            }
        }

        // Bind it
        $this->statement->bind_param($bindTypes, ...$data);

        // Stream binary data
        foreach ($binaryData as $key => $value) {
            $this->statement->send_long_data($key, $value);
        }

        try {
            $result = $this->statement->execute();
        } catch (mysqli_sql_exception $e) {
            $this->errorCode         = $e->getCode();
            $this->errorString       = $e->getMessage();
            $this->databaseException = $this->db->createDatabaseException($this->errorString, $this->errorCode, $e);

            if ($this->db->DBDebug) {
                throw $this->databaseException;
            }

            return false;
        }

        if ($result === false) {
            $this->errorCode   = $this->statement->errno;
            $this->errorString = $this->statement->error;

            if ($this->db->DBDebug) {
                throw $this->db->createDatabaseException($this->errorString, $this->errorCode);
            }
        }

        return $result;
    }

    /**
     * Returns the result object for the prepared query or false on failure.
     *
     * @return false|mysqli_result
     */
    public function _getResult()
    {
        return $this->statement->get_result();
    }

    /**
     * Deallocate prepared statements.
     */
    protected function _close(): bool
    {
        return $this->statement->close();
    }
}

1	<?php
2
3	declare(strict_types=1);
4
5	/**
6	* This file is part of CodeIgniter 4 framework.
7	*
8	* (c) CodeIgniter Foundation <admin@codeigniter.com>
9	*
10	* For the full copyright and license information, please view
11	* the LICENSE file that was distributed with this source code.
12	*/
13
14	namespace CodeIgniter\Database\MySQLi;
15
16	use CodeIgniter\Database\BasePreparedQuery;
17	use CodeIgniter\Exceptions\BadMethodCallException;
18	use mysqli;
19	use mysqli_result;
20	use mysqli_sql_exception;
21	use mysqli_stmt;
22
23	/**
24	* Prepared query for MySQLi
25	*
26	* @extends BasePreparedQuery<mysqli, mysqli_stmt, mysqli_result>
27	*/
28	class PreparedQuery extends BasePreparedQuery
29	{
30	/**
31	* Prepares the query against the database, and saves the connection
32	* info necessary to execute the query later.
33	*
34	* NOTE: This version is based on SQL code. Child classes should
35	* override this method.
36	*
37	* @param array $options Passed to the connection's prepare statement.
38	* Unused in the MySQLi driver.
39	*/
40	public function _prepare(string $sql, array $options = []): PreparedQuery
41	{
42	// Mysqli driver doesn't like statements
43	// with terminating semicolons.
44	$sql = rtrim($sql, ';');	15✔
45
46	if (! $this->statement = $this->db->mysqli->prepare($sql)) {	15✔
47	$this->errorCode = $this->db->mysqli->errno;	×
48	$this->errorString = $this->db->mysqli->error;	×
49
50	if ($this->db->DBDebug) {	×
NEW 51	throw $this->db->createDatabaseException($this->errorString, $this->errorCode);	×
52	}
53	}
54
55	return $this;	15✔
56	}
57
58	/**
59	* Takes a new set of data and runs it against the currently
60	* prepared query. Upon success, will return a Results object.
61	*/
62	public function _execute(array $data): bool
63	{
64	if (! isset($this->statement)) {	12✔
65	throw new BadMethodCallException('You must call prepare before trying to execute a prepared statement.');	1✔
66	}
67
68	// First off - bind the parameters
69	$bindTypes = '';	11✔
70	$binaryData = [];	11✔
71
72	// Determine the type string
73	foreach ($data as $key => $item) {	11✔
74	if (is_int($item)) {	11✔
75	$bindTypes .= 'i';	×
76	} elseif (is_numeric($item)) {	11✔
77	$bindTypes .= 'd';	×
78	} elseif (is_string($item) && $this->isBinary($item)) {	11✔
79	$bindTypes .= 'b';	1✔
80	$binaryData[$key] = $item;	1✔
81	} else {
82	$bindTypes .= 's';	10✔
83	}
84	}
85
86	// Bind it
87	$this->statement->bind_param($bindTypes, ...$data);	11✔
88
89	// Stream binary data
90	foreach ($binaryData as $key => $value) {	10✔
91	$this->statement->send_long_data($key, $value);	1✔
92	}
93
94	try {
95	$result = $this->statement->execute();	10✔
96	} catch (mysqli_sql_exception $e) {	4✔
97	$this->errorCode = $e->getCode();	4✔
98	$this->errorString = $e->getMessage();	4✔
99	$this->databaseException = $this->db->createDatabaseException($this->errorString, $this->errorCode, $e);	4✔
100
101	if ($this->db->DBDebug) {	4✔
102	throw $this->databaseException;	1✔
103	}
104
105	return false;	3✔
106	}
107
108	if ($result === false) {	10✔
NEW 109	$this->errorCode = $this->statement->errno;	×
NEW 110	$this->errorString = $this->statement->error;	×
111
NEW 112	if ($this->db->DBDebug) {	×
NEW 113	throw $this->db->createDatabaseException($this->errorString, $this->errorCode);	×
114	}
115	}
116
117	return $result;	10✔
118	}
119
120	/**
121	* Returns the result object for the prepared query or false on failure.
122	*
123	* @return false\|mysqli_result
124	*/
125	public function _getResult()
126	{
127	return $this->statement->get_result();	3✔
128	}
129
130	/**
131	* Deallocate prepared statements.
132	*/
133	protected function _close(): bool
134	{
135	return $this->statement->close();	15✔
136	}
137	}

codeigniter4 / CodeIgniter4 / 25637286072

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous