This adds error checks for escape function is pgsql and pdo_pgsql
extensions. It prevents possibility of storing not properly escaped
data which could potentially lead to some security issues.
This adds error checks for escape function is pgsql and pdo_pgsql
extensions. It prevents possibility of storing not properly escaped
data which could potentially lead to some security issues.
up to postgresql 17, when done with a prepared statement, we could
release it with DEALLOCATE sql command which is fine ; until we want
to implement a cache solution based on statement ids.
Since PostgreSQL 17, PQclosePrepared uses internally the `close` protocol
allowing to reuse the statement name while still freeing it.
Since the close protocol implementation had been added on libpq within
this release, no way to reimplement it.
close GH-14584
simplifying the workflow by just using PQreset which force a new
connection internally, connection process ids ought to be different,
and let the existing checks do the rest.
* Include from build dir first
This fixes out of tree builds by ensuring that configure artifacts are included
from the build dir.
Before, out of tree builds would preferably include files from the src dir, as
the include path was defined as follows (ignoring includes from ext/ and sapi/) :
-I$(top_builddir)/main
-I$(top_srcdir)
-I$(top_builddir)/TSRM
-I$(top_builddir)/Zend
-I$(top_srcdir)/main
-I$(top_srcdir)/Zend
-I$(top_srcdir)/TSRM
-I$(top_builddir)/
As a result, an out of tree build would include configure artifacts such as
`main/php_config.h` from the src dir.
After this change, the include path is defined as follows:
-I$(top_builddir)/main
-I$(top_builddir)
-I$(top_srcdir)/main
-I$(top_srcdir)
-I$(top_builddir)/TSRM
-I$(top_builddir)/Zend
-I$(top_srcdir)/Zend
-I$(top_srcdir)/TSRM
* Fix extension include path for out of tree builds
* Include config.h with the brackets form
`#include "config.h"` searches in the directory containing the including-file
before any other include path. This can include the wrong config.h when building
out of tree and a config.h exists in the source tree.
Using `#include <config.h>` uses exclusively the include path, and gives
priority to the build dir.
This bumps the libpq client-side PostgreSQL library minimum required
version from 9.1 to 10.0.
- Sanity check: PQlibVersion -> PQencryptPasswordConn (available since
libpq 10.0)
- PQsetErrorContextVisibility (available since libpq 9.6)
- lo_truncate64 (available since libpq 9.3), if 32-bit system doesn't
support lo_*64 functions, error is returned and functions are always
available
Additionally, the conditional functions usages in pdo_pgsql and pgsql
extensions that got piled up are cleaned and synced:
- pg_prepare (PQprepare available since libpq 7.4)
- pg_query_params (PQexecParams available since libpq 7.4)
- pg_result_error_field (PQresultErrorField available since libpq 7.4)
- pg_send_prepare (PQsendPrepare available since libpq 7.4)
- pg_send_query_params (PQsendQueryParams available since libpq 7.4)
- pg_set_error_verbosity (PQsetErrorVerbosity available since libpq 7.4)
- pg_transaction_status (PQtransactionStatus available since libpq 7.4)
The Windows libpq version is currently at version 11.4:
https://github.com/winlibs/postgresql
Discussion: https://news-web.php.net/php.internals/123609
Follow-up of GH-14540
The pg_encoding_to_char is available in PostgreSQL since ~7.3 where also
the --enable-multibyte option was removed. PHP minimum PostgreSQL
version at this point is 9.1, which also has the pg_encoding_to_char
declaration in libpq-fe.h.
This removes conditional usage and the HAVE_PGSQL_WITH_MULTIBYTE_SUPPORT
symbol.
The PG_VERSION_NUM is not available in intended public PostgreSQL
headers unless the pg_config.h is included or the PostgreSQL server
development headers are installed separately. This instead resorts to
checking for the PGVerbosity enum value. The PQERRORS_SQLSTATE was added
to PostgreSQL 12.0. At the time of writing, on Windows, PostgreSQL is at 11.4 so
it is not defined there yet.
Using PQSocketPoll to poll on a connection's socket.
Returns immediatly is there no event expected on read and write.
Other than that, it is a thin wrapper on top of poll, thus reflecting
its return value.
close GH-14366
pg_put_copy_data allows to send COPY commands to the server.
pg_put_copy_end signals the end of the n commands.
Both return 3 states ; 1, 0 and -1 when 1 is success, 0 the buffer queue
is full then -1 for errors.
Close GH-14325
