/**
 * Escapes one bound value and builds the fragment used in the interpolated query string.
 *
 * The argument is taken by reference, so the caller's variable is overwritten with the
 * result of $this->_db->escape().
 *
 * Only type 's' is wrapped in single quotes. For every other type the escaped value is
 * placed into the SQL text unquoted.
 * NOTE(review): string escaping does not make an unquoted value safe. Safety for
 * 'i', 'd' and 'b' therefore depends on what escape() returns for those inputs or on the
 * caller casting to the declared type first; confirm against the escape() implementation.
 *
 * @param mixed  $value value to escape (modified in place)
 * @param string $type  one of 'i', 'b', 's', 'd'
 *
 * @return array 0 => the escaped value, 1 => the fragment to insert into the interpolated query string
 */
private function _prepareValue(&$value, $type)
{
    /** @noinspection ReferenceMismatchInspection */
    $value = $this->_db->escape($value);

    // Strings are quoted; all other types are inserted as returned by escape().
    $sqlFragment = ('s' === $type) ? "'" . $value . "'" : $value;

    return array($value, $sqlFragment);
}
/**
 * Inserts a row containing a non-ASCII city name and checks that both columns read back
 * as 'Düsseldorf'.
 *
 * 'D%26%23xFC%3Bsseldorf' percent-decodes to 'D&#xFC;sseldorf'. The assertion on
 * page_template expects 'Düsseldorf', so UTF8::urldecode() presumably resolves the
 * HTML entity as well (verify against the helper).
 */
public function testUtf8Query()
{
    $tableName = $this->tableName;

    // Only page_template goes through escape(). page_type is concatenated directly, which
    // is acceptable here solely because it is a fixed literal inside the test.
    $templateValue = $this->db->escape(UTF8::urldecode('D%26%23xFC%3Bsseldorf'));
    $typeValue = UTF8::urldecode('Düsseldorf');

    $sql = "INSERT INTO " . $tableName . "\n SET\n page_template = '" . $templateValue . "',\n page_type = '" . $typeValue . "'\n ";

    $newPageId = $this->db->execSQL($sql);

    // execSQL() is expected to hand back a positive integer for the insert.
    self::assertEquals(true, is_int($newPageId));
    self::assertEquals(true, $newPageId > 0);

    $result = $this->db->select($tableName, 'page_id=' . (int) $newPageId);
    $row = $result->fetchArray();

    self::assertEquals('Düsseldorf', $row['page_template']);
    self::assertEquals('Düsseldorf', $row['page_type']);
}
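/**
 * Custom write() function: stores a session row or refreshes an existing one.
 *
 * Runs a single INSERT ... ON DUPLICATE KEY UPDATE. On a duplicate key only session_data
 * and session_expire are updated; the stored hash is left as it was.
 *
 * The hash column is an MD5 fingerprint built from the User-Agent header (when
 * $this->lock_to_user_agent is set and the header is present), REMOTE_ADDR (when
 * $this->lock_to_ip is set and the address is present) and $this->security_code.
 * NOTE(review): the User-Agent is client-supplied, so the fingerprint only adds protection
 * while security_code stays secret. Whatever code later checks this hash must derive it
 * the same way, so the algorithm cannot be changed in this method alone.
 *
 * Every value is passed through $this->db->escape() and single-quoted. The table name is
 * concatenated as-is and must therefore never come from request data.
 *
 * @param string $session_id
 * @param string $session_data
 *
 * @return bool true when the query did not return false, false otherwise
 */
public function write($session_id, $session_data)
{
    // Optional client-binding parts; each is empty when its lock is disabled or the
    // server variable is missing.
    $userAgent = ($this->lock_to_user_agent && isset($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $clientAddress = ($this->lock_to_ip && isset($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : '';

    $hash = md5($userAgent . $clientAddress . $this->security_code);

    // Escape once and reuse, so the INSERT and UPDATE branches carry the same data and the
    // same expiry timestamp (time() was previously evaluated twice).
    $escapedData = $this->db->escape($session_data);
    $escapedExpire = $this->db->escape(time() + $this->session_lifetime);

    $query = 'INSERT INTO ' . $this->table_name . "\n (\n session_id,\n hash,\n session_data,\n session_expire\n )\n VALUES\n (\n '" . $this->db->escape($session_id) . "',\n '" . $this->db->escape($hash) . "',\n '" . $escapedData . "',\n '" . $escapedExpire . "'\n )\n ON DUPLICATE KEY UPDATE\n session_data = '" . $escapedData . "',\n session_expire = '" . $escapedExpire . "'\n ";

    // insert OR update session's data
    return $this->db->query($query) !== false;
}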