[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/pdo pdo_sql_parser.c pdo_sql_parser.re

Mon, 05 Mar 2007 16:53:09 -0800 

iliaa           Tue Mar  6 00:52:55 2007 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src/ext/pdo    pdo_sql_parser.c pdo_sql_parser.re 
    /php-src    NEWS 
  Log:
  
  Fixed bug #40417 (Allow multiple instances of the same named PDO token in
  prepared statement emulation code).
  
  
http://cvs.php.net/viewvc.cgi/php-src/ext/pdo/pdo_sql_parser.c?r1=1.35.2.6.2.10&r2=1.35.2.6.2.11&diff_format=u
Index: php-src/ext/pdo/pdo_sql_parser.c
diff -u php-src/ext/pdo/pdo_sql_parser.c:1.35.2.6.2.10 
php-src/ext/pdo/pdo_sql_parser.c:1.35.2.6.2.11
--- php-src/ext/pdo/pdo_sql_parser.c:1.35.2.6.2.10      Fri Feb  2 00:03:33 2007
+++ php-src/ext/pdo/pdo_sql_parser.c    Tue Mar  6 00:52:55 2007
@@ -1,4 +1,4 @@
-/* Generated by re2c 0.11.0 on Thu Feb  1 19:01:11 2007 */
+/* Generated by re2c 0.11.0 on Mon Mar  5 19:42:28 2007 */
 #line 1 "ext/pdo/pdo_sql_parser.re"
 /*
   +----------------------------------------------------------------------+
@@ -18,7 +18,7 @@
   +----------------------------------------------------------------------+
 */
 
-/* $Id: pdo_sql_parser.c,v 1.35.2.6.2.10 2007/02/02 00:03:33 iliaa Exp $ */
+/* $Id: pdo_sql_parser.c,v 1.35.2.6.2.11 2007/03/06 00:52:55 iliaa Exp $ */
 
 #include "php.h"
 #include "php_pdo_driver.h"
@@ -280,13 +280,25 @@
        }
 
        if (params && bindno != zend_hash_num_elements(params) && 
stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) {
+               /* extra bit of validation for instances when same params are 
bound more then once */
+               if (query_type != PDO_PLACEHOLDER_POSITIONAL && bindno > 
zend_hash_num_elements(params)) {
+                       int ok = 1;
+                       for (plc = placeholders; plc; plc = plc->next) {
+                               if (zend_hash_find(params, plc->pos, plc->len, 
(void**) &param) == FAILURE) {
+                                       ok = 0;
+                                       break;
+                               }
+                       }
+                       if (ok) {
+                               goto safe;
+                       }
+               }
                pdo_raise_impl_error(stmt->dbh, stmt, "HY093", "number of bound 
variables does not match number of tokens" TSRMLS_CC);
                ret = -1;
                goto clean_up;
        }
-
+safe:
        /* what are we going to do ? */
-       
        if (stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) {
                /* query generation */
 
http://cvs.php.net/viewvc.cgi/php-src/ext/pdo/pdo_sql_parser.re?r1=1.28.2.4.2.7&r2=1.28.2.4.2.8&diff_format=u
Index: php-src/ext/pdo/pdo_sql_parser.re
diff -u php-src/ext/pdo/pdo_sql_parser.re:1.28.2.4.2.7 
php-src/ext/pdo/pdo_sql_parser.re:1.28.2.4.2.8
--- php-src/ext/pdo/pdo_sql_parser.re:1.28.2.4.2.7      Thu Feb  1 00:12:39 2007
+++ php-src/ext/pdo/pdo_sql_parser.re   Tue Mar  6 00:52:55 2007
@@ -16,7 +16,7 @@
   +----------------------------------------------------------------------+
 */
 
-/* $Id: pdo_sql_parser.re,v 1.28.2.4.2.7 2007/02/01 00:12:39 iliaa Exp $ */
+/* $Id: pdo_sql_parser.re,v 1.28.2.4.2.8 2007/03/06 00:52:55 iliaa Exp $ */
 
 #include "php.h"
 #include "php_pdo_driver.h"
@@ -155,13 +155,25 @@
        }
 
        if (params && bindno != zend_hash_num_elements(params) && 
stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) {
+               /* extra bit of validation for instances when same params are 
bound more then once */
+               if (query_type != PDO_PLACEHOLDER_POSITIONAL && bindno > 
zend_hash_num_elements(params)) {
+                       int ok = 1;
+                       for (plc = placeholders; plc; plc = plc->next) {
+                               if (zend_hash_find(params, plc->pos, plc->len, 
(void**) &param) == FAILURE) {
+                                       ok = 0;
+                                       break;
+                               }
+                       }
+                       if (ok) {
+                               goto safe;
+                       }
+               }
                pdo_raise_impl_error(stmt->dbh, stmt, "HY093", "number of bound 
variables does not match number of tokens" TSRMLS_CC);
                ret = -1;
                goto clean_up;
        }
-
+safe:
        /* what are we going to do ? */
-       
        if (stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) {
                /* query generation */
 
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.574&r2=1.2027.2.547.2.575&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.574 php-src/NEWS:1.2027.2.547.2.575
--- php-src/NEWS:1.2027.2.547.2.574     Mon Mar  5 15:49:00 2007
+++ php-src/NEWS        Tue Mar  6 00:52:55 2007
@@ -52,6 +52,8 @@
 - Fixed bug #40451 (addAttribute() may crash when used with non-existent child 
   node). (Tony)
 - Fixed bug #40428 (imagepstext() doesn't accept optional parameter). (Pierre)
+- Fixed bug #40417 (Allow multiple instances of the same named PDO token in
+  prepared statement emulation code). (Ilia)
 - Fixed bug #40414 (possible endless fork() loop when running fastcgi).
   (Dmitry)
 - Fixed bug #40410 (ext/posix does not compile on MacOS 10.3.9). (Tony)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to