/** * @covers Zend\Db\Adapter\Platform\Mysql::quoteTrustedValue */ public function testQuoteTrustedValue() { $this->assertEquals("'value'", $this->platform->quoteTrustedValue('value')); $this->assertEquals("'Foo O\\'Bar'", $this->platform->quoteTrustedValue("Foo O'Bar")); $this->assertEquals('\'\\\'; DELETE FROM some_table; -- \'', $this->platform->quoteTrustedValue('\'; DELETE FROM some_table; -- ')); // '\\\'; DELETE FROM some_table; -- ' <- actual below $this->assertEquals("'\\\\\\'; DELETE FROM some_table; -- '", $this->platform->quoteTrustedValue('\\\'; DELETE FROM some_table; -- ')); }
/** * Quotes trusted value * * The ability to quote values without notices * * @param $value * @return string */ public function quoteTrustedValue($value) { if (is_int($value)) { return (string) $value; } elseif (is_float($value)) { return $this->floatConversion ? $this->toFloatSinglePrecision($value) : (string) $value; } elseif (is_null($value)) { return 'NULL'; // Not supported by SphinxQL, but included for consistency with prepared statement behavior } return parent::quoteTrustedValue($value); }