The prepared statement emulator (pdo_sql_parser.*) figures out how to quote
each query parameter. The intended type is specified by the PDO::PARAM_*
consts, but this direction wasn't always followed. In practice, queries could
work as expected, but subtle errors could result. For example, a numeric string
bound as PDO::PARAM_INT would be sent to a driver's quote function. While these
functions are told which type is expected, they generally assume values are
being quoted as strings. This can result in implicit casts, which are bad for
performance.
This commit includes the following changes:
- Cast values marked as bool/int/null to the appropriate type and bypass the
driver's quote function.
- Save some memory by dropping the temporary zval used for casting.
- Avoid a memory leak if the driver's quote function produces an error.
- Appropriate test suite updates.
* PHP-5.6:
Fixed bug #71447 (Quotes inside comments not properly handled)
Fixed a few PDO tests to conform to PDO Common standards
news entry #69537Fix#69537: __debugInfo with empty string for key gives error
Conflicts:
Zend/zend_compile.c
* master: (41 commits)
Update copyright year to 2014
Update copyright year to 2014
Update copyright year to 2014
Update copyright year to 2014
Update copyright year to 2014
Update copyright year to 2014
Update copyright year to 2014
NEWS
Fix Request #67453 Allow to unserialize empty data.
Update copyright year to 2014
Update copyright year for re2c generated files
Update copyright year to 2014
Update copyright year for re2c files as well
Fix patch for bug #67436
fix failed test
Fix test on modern distro where old unsecure algo are disabled in openssl config. Testing recent algo should be enough to check this function.
Added tests for bug 67436
Fixed wrong XFAIL test - already fixed
Fix typo in Bug #67406 NEWS entry
Fix typo in Bug #67406 NEWS entry
...
Conflicts:
Zend/zend_compile.c
ext/session/session.c
ext/standard/array.c
ext/standard/http_fopen_wrapper.c
tests/classes/bug63462.phpt
- Fixed bug #44251 (Question mark and an escaped singel quote lead to an exception)
- Fixed bug #41125 (PDO mysql + quote() + prepare() can result in seg fault)
Patch by: tsteiner at nerdclub dot net
