/** * Prepares SQL query by moving to bind all special parameters that can be confused with bind placeholders * (e.g. "foo:bar"). And also changes named bind to positional one, because underlying library has problems * with named binds. * * @param Zend_Db_Select|string $sql * @param mixed $bind * @return Varien_Db_Adapter_Pdo_Mysql */ protected function _prepareQuery(&$sql, &$bind = array()) { $sql = (string) $sql; if (!is_array($bind)) { $bind = array($bind); } // Mixed bind is not supported - so remember whether it is named bind, to normalize later if required $isNamedBind = false; if ($bind) { foreach ($bind as $k => $v) { if (!is_int($k)) { $isNamedBind = true; if ($k[0] != ':') { $bind[":{$k}"] = $v; unset($bind[$k]); } } } } if (strpos($sql, ':') !== false || strpos($sql, '?') !== false) { $before = count($bind); $this->_bindParams = $bind; // Used by callback $sql = preg_replace_callback('#(([\'"])((\\2)|((.*?[^\\\\])\\2)))#', array($this, 'proccessBindCallback'), $sql); Varien_Exception::processPcreError(); $bind = $this->_bindParams; // If _processBindCallbacks() has added named entries to positional bind - normalize it to positional if (!$isNamedBind && $before && count($bind) != $before) { $this->_convertMixedBind($sql, $bind); } } // Special query hook if ($this->_queryHook) { $object = $this->_queryHook['object']; $method = $this->_queryHook['method']; $object->{$method}($sql, $bind); } return $this; }
/** * Special handling for PDO query(). * All bind parameter names must begin with ':' * * @param string|Zend_Db_Select $sql The SQL statement with placeholders. * @param array $bind An array of data to bind to the placeholders. * @return Zend_Db_Pdo_Statement * @throws Zend_Db_Adapter_Exception To re-throw PDOException. */ public function query($sql, $bind = array()) { $this->_debugTimer(); try { $sql = (string) $sql; if (strpos($sql, ':') !== false || strpos($sql, '?') !== false) { $this->_bindParams = $bind; $sql = preg_replace_callback('#(([\'"])((\\2)|((.*?[^\\\\])\\2)))#', array($this, 'proccessBindCallback'), $sql); Varien_Exception::processPcreError(); $bind = $this->_bindParams; } $result = parent::query($sql, $bind); } catch (Exception $e) { $this->_debugStat(self::DEBUG_QUERY, $sql, $bind); $this->_debugException($e); } $this->_debugStat(self::DEBUG_QUERY, $sql, $bind, $result); return $result; }