|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
declare(strict_types=1); |
|
4
|
|
|
|
|
5
|
|
|
namespace Doctrine\DBAL; |
|
6
|
|
|
|
|
7
|
|
|
use const PREG_OFFSET_CAPTURE; |
|
8
|
|
|
use function array_fill; |
|
9
|
|
|
use function array_key_exists; |
|
10
|
|
|
use function array_merge; |
|
11
|
|
|
use function array_slice; |
|
12
|
|
|
use function array_values; |
|
13
|
|
|
use function count; |
|
14
|
|
|
use function implode; |
|
15
|
|
|
use function is_int; |
|
16
|
|
|
use function key; |
|
17
|
|
|
use function ksort; |
|
18
|
|
|
use function preg_match_all; |
|
19
|
|
|
use function sprintf; |
|
20
|
|
|
use function strlen; |
|
21
|
|
|
use function strpos; |
|
22
|
|
|
use function substr; |
|
23
|
|
|
|
|
24
|
|
|
/** |
|
25
|
|
|
* Utility class that parses sql statements with regard to types and parameters. |
|
26
|
|
|
*/ |
|
27
|
|
|
class SQLParserUtils |
|
28
|
|
|
{ |
|
29
|
|
|
private const POSITIONAL_TOKEN = '\?'; |
|
30
|
|
|
private const NAMED_TOKEN = '(?<!:):[a-zA-Z_][a-zA-Z0-9_]*'; |
|
31
|
|
|
|
|
32
|
|
|
// Quote characters within string literals can be preceded by a backslash. |
|
33
|
|
|
public const ESCAPED_SINGLE_QUOTED_TEXT = "(?:'(?:\\\\\\\\)+'|'(?:[^'\\\\]|\\\\'?|'')*')"; |
|
34
|
|
|
public const ESCAPED_DOUBLE_QUOTED_TEXT = '(?:"(?:\\\\\\\\)+"|"(?:[^"\\\\]|\\\\"?)*")'; |
|
35
|
|
|
public const ESCAPED_BACKTICK_QUOTED_TEXT = '(?:`(?:\\\\\\\\)+`|`(?:[^`\\\\]|\\\\`?)*`)'; |
|
36
|
|
|
private const ESCAPED_BRACKET_QUOTED_TEXT = '(?<!\b(?i:ARRAY))\[(?:[^\]])*\]'; |
|
37
|
|
|
|
|
38
|
|
|
/** |
|
39
|
|
|
* Returns a zero-indexed list of placeholder position. |
|
40
|
|
|
* |
|
41
|
|
|
* @return int[] |
|
42
|
|
|
*/ |
|
43
|
3846 |
|
private static function getPositionalPlaceholderPositions(string $statement) : array |
|
44
|
|
|
{ |
|
45
|
3846 |
|
return self::collectPlaceholders( |
|
46
|
|
|
$statement, |
|
47
|
3846 |
|
'?', |
|
48
|
3846 |
|
self::POSITIONAL_TOKEN, |
|
49
|
|
|
static function (string $_, int $placeholderPosition, int $fragmentPosition, array &$carry) : void { |
|
50
|
3846 |
|
$carry[] = $placeholderPosition + $fragmentPosition; |
|
51
|
3846 |
|
} |
|
52
|
|
|
); |
|
53
|
|
|
} |
|
54
|
|
|
|
|
55
|
|
|
/** |
|
56
|
|
|
* Returns a map of placeholder positions to their parameter names. |
|
57
|
|
|
* |
|
58
|
|
|
* @return string[] |
|
59
|
|
|
*/ |
|
60
|
3160 |
|
private static function getNamedPlaceholderPositions(string $statement) : array |
|
61
|
|
|
{ |
|
62
|
3160 |
|
return self::collectPlaceholders( |
|
63
|
|
|
$statement, |
|
64
|
3160 |
|
':', |
|
65
|
3160 |
|
self::NAMED_TOKEN, |
|
66
|
|
|
static function (string $placeholder, int $placeholderPosition, int $fragmentPosition, array &$carry) : void { |
|
67
|
3160 |
|
$carry[$placeholderPosition + $fragmentPosition] = substr($placeholder, 1); |
|
68
|
3160 |
|
} |
|
69
|
|
|
); |
|
70
|
|
|
} |
|
71
|
|
|
|
|
72
|
|
|
/** |
|
73
|
|
|
* @return mixed[] |
|
74
|
|
|
*/ |
|
75
|
3846 |
|
private static function collectPlaceholders(string $statement, string $match, string $token, callable $collector) : array |
|
76
|
|
|
{ |
|
77
|
3846 |
|
if (strpos($statement, $match) === false) { |
|
78
|
1633 |
|
return []; |
|
79
|
|
|
} |
|
80
|
|
|
|
|
81
|
3846 |
|
$carry = []; |
|
82
|
|
|
|
|
83
|
3846 |
|
foreach (self::getUnquotedStatementFragments($statement) as $fragment) { |
|
84
|
3846 |
|
preg_match_all('/' . $token . '/', $fragment[0], $matches, PREG_OFFSET_CAPTURE); |
|
85
|
3846 |
|
foreach ($matches[0] as $placeholder) { |
|
86
|
3846 |
|
$collector($placeholder[0], $placeholder[1], $fragment[1], $carry); |
|
87
|
|
|
} |
|
88
|
|
|
} |
|
89
|
|
|
|
|
90
|
3846 |
|
return $carry; |
|
91
|
|
|
} |
|
92
|
|
|
|
|
93
|
|
|
/** |
|
94
|
|
|
* For a positional query this method can rewrite the sql statement with regard to array parameters. |
|
95
|
|
|
* |
|
96
|
|
|
* @param string $query The SQL query to execute. |
|
97
|
|
|
* @param mixed[] $params The parameters to bind to the query. |
|
98
|
|
|
* @param int[]|string[] $types The types the previous parameters are in. |
|
99
|
|
|
* |
|
100
|
|
|
* @return mixed[] |
|
101
|
|
|
* |
|
102
|
|
|
* @throws SQLParserUtilsException |
|
103
|
|
|
*/ |
|
104
|
4388 |
|
public static function expandListParameters($query, $params, $types) |
|
105
|
|
|
{ |
|
106
|
4388 |
|
$isPositional = is_int(key($params)); |
|
107
|
4388 |
|
$arrayPositions = []; |
|
108
|
4388 |
|
$bindIndex = -1; |
|
109
|
|
|
|
|
110
|
4388 |
|
if ($isPositional) { |
|
111
|
4388 |
|
ksort($params); |
|
112
|
4388 |
|
ksort($types); |
|
113
|
|
|
} |
|
114
|
|
|
|
|
115
|
4388 |
|
foreach ($types as $name => $type) { |
|
116
|
4319 |
|
++$bindIndex; |
|
117
|
|
|
|
|
118
|
4319 |
|
if ($type !== Connection::PARAM_INT_ARRAY && $type !== Connection::PARAM_STR_ARRAY) { |
|
119
|
4319 |
|
continue; |
|
120
|
|
|
} |
|
121
|
|
|
|
|
122
|
3846 |
|
if ($isPositional) { |
|
123
|
3846 |
|
$name = $bindIndex; |
|
124
|
|
|
} |
|
125
|
|
|
|
|
126
|
3846 |
|
$arrayPositions[$name] = false; |
|
127
|
|
|
} |
|
128
|
|
|
|
|
129
|
4388 |
|
if (( ! $arrayPositions && $isPositional)) { |
|
130
|
4388 |
|
return [$query, $params, $types]; |
|
131
|
|
|
} |
|
132
|
|
|
|
|
133
|
3846 |
|
if ($isPositional) { |
|
134
|
3846 |
|
$paramOffset = 0; |
|
135
|
3846 |
|
$queryOffset = 0; |
|
136
|
3846 |
|
$params = array_values($params); |
|
137
|
3846 |
|
$types = array_values($types); |
|
138
|
|
|
|
|
139
|
3846 |
|
$paramPos = self::getPositionalPlaceholderPositions($query); |
|
140
|
|
|
|
|
141
|
3846 |
|
foreach ($paramPos as $needle => $needlePos) { |
|
142
|
3846 |
|
if (! isset($arrayPositions[$needle])) { |
|
143
|
805 |
|
continue; |
|
144
|
|
|
} |
|
145
|
|
|
|
|
146
|
3846 |
|
$needle += $paramOffset; |
|
147
|
3846 |
|
$needlePos += $queryOffset; |
|
148
|
3846 |
|
$count = count($params[$needle]); |
|
149
|
|
|
|
|
150
|
3846 |
|
$params = array_merge( |
|
151
|
3846 |
|
array_slice($params, 0, $needle), |
|
152
|
3846 |
|
$params[$needle], |
|
153
|
3846 |
|
array_slice($params, $needle + 1) |
|
154
|
|
|
); |
|
155
|
|
|
|
|
156
|
3846 |
|
$types = array_merge( |
|
157
|
3846 |
|
array_slice($types, 0, $needle), |
|
158
|
3846 |
|
$count ? |
|
159
|
|
|
// array needles are at {@link \Doctrine\DBAL\ParameterType} constants |
|
160
|
|
|
// + {@link Doctrine\DBAL\Connection::ARRAY_PARAM_OFFSET} |
|
161
|
3846 |
|
array_fill(0, $count, $types[$needle] - Connection::ARRAY_PARAM_OFFSET) : |
|
162
|
3846 |
|
[], |
|
163
|
3846 |
|
array_slice($types, $needle + 1) |
|
164
|
|
|
); |
|
165
|
|
|
|
|
166
|
3846 |
|
$expandStr = $count ? implode(', ', array_fill(0, $count, '?')) : 'NULL'; |
|
167
|
3846 |
|
$query = substr($query, 0, $needlePos) . $expandStr . substr($query, $needlePos + 1); |
|
168
|
|
|
|
|
169
|
3846 |
|
$paramOffset += ($count - 1); // Grows larger by number of parameters minus the replaced needle. |
|
170
|
3846 |
|
$queryOffset += (strlen($expandStr) - 1); |
|
171
|
|
|
} |
|
172
|
|
|
|
|
173
|
3846 |
|
return [$query, $params, $types]; |
|
174
|
|
|
} |
|
175
|
|
|
|
|
176
|
3160 |
|
$queryOffset = 0; |
|
177
|
3160 |
|
$typesOrd = []; |
|
178
|
3160 |
|
$paramsOrd = []; |
|
179
|
|
|
|
|
180
|
3160 |
|
$paramPos = self::getNamedPlaceholderPositions($query); |
|
181
|
|
|
|
|
182
|
3160 |
|
foreach ($paramPos as $pos => $paramName) { |
|
183
|
3160 |
|
$paramLen = strlen($paramName) + 1; |
|
184
|
3160 |
|
$value = static::extractParam($paramName, $params, true); |
|
185
|
|
|
|
|
186
|
3160 |
|
if (! isset($arrayPositions[$paramName]) && ! isset($arrayPositions[':' . $paramName])) { |
|
187
|
3160 |
|
$pos += $queryOffset; |
|
188
|
3160 |
|
$queryOffset -= ($paramLen - 1); |
|
189
|
3160 |
|
$paramsOrd[] = $value; |
|
190
|
3160 |
|
$typesOrd[] = static::extractParam($paramName, $types, false, ParameterType::STRING); |
|
191
|
3160 |
|
$query = substr($query, 0, $pos) . '?' . substr($query, ($pos + $paramLen)); |
|
192
|
|
|
|
|
193
|
3160 |
|
continue; |
|
194
|
|
|
} |
|
195
|
|
|
|
|
196
|
3160 |
|
$count = count($value); |
|
197
|
3160 |
|
$expandStr = $count > 0 ? implode(', ', array_fill(0, $count, '?')) : 'NULL'; |
|
198
|
|
|
|
|
199
|
3160 |
|
foreach ($value as $val) { |
|
200
|
3160 |
|
$paramsOrd[] = $val; |
|
201
|
3160 |
|
$typesOrd[] = static::extractParam($paramName, $types, false) - Connection::ARRAY_PARAM_OFFSET; |
|
202
|
|
|
} |
|
203
|
|
|
|
|
204
|
3160 |
|
$pos += $queryOffset; |
|
205
|
3160 |
|
$queryOffset += (strlen($expandStr) - $paramLen); |
|
206
|
3160 |
|
$query = substr($query, 0, $pos) . $expandStr . substr($query, ($pos + $paramLen)); |
|
207
|
|
|
} |
|
208
|
|
|
|
|
209
|
3160 |
|
return [$query, $paramsOrd, $typesOrd]; |
|
210
|
|
|
} |
|
211
|
|
|
|
|
212
|
|
|
/** |
|
213
|
|
|
* Slice the SQL statement around pairs of quotes and |
|
214
|
|
|
* return string fragments of SQL outside of quoted literals. |
|
215
|
|
|
* Each fragment is captured as a 2-element array: |
|
216
|
|
|
* |
|
217
|
|
|
* 0 => matched fragment string, |
|
218
|
|
|
* 1 => offset of fragment in $statement |
|
219
|
|
|
* |
|
220
|
|
|
* @param string $statement |
|
221
|
|
|
* |
|
222
|
|
|
* @return mixed[][] |
|
223
|
|
|
*/ |
|
224
|
3846 |
|
private static function getUnquotedStatementFragments($statement) |
|
225
|
|
|
{ |
|
226
|
3846 |
|
$literal = self::ESCAPED_SINGLE_QUOTED_TEXT . '|' . |
|
227
|
3846 |
|
self::ESCAPED_DOUBLE_QUOTED_TEXT . '|' . |
|
228
|
3846 |
|
self::ESCAPED_BACKTICK_QUOTED_TEXT . '|' . |
|
229
|
3846 |
|
self::ESCAPED_BRACKET_QUOTED_TEXT; |
|
230
|
3846 |
|
$expression = sprintf('/((.+(?i:ARRAY)\\[.+\\])|([^\'"`\\[]+))(?:%s)?/s', $literal); |
|
231
|
|
|
|
|
232
|
3846 |
|
preg_match_all($expression, $statement, $fragments, PREG_OFFSET_CAPTURE); |
|
233
|
|
|
|
|
234
|
3846 |
|
return $fragments[1]; |
|
235
|
|
|
} |
|
236
|
|
|
|
|
237
|
|
|
/** |
|
238
|
|
|
* @param string $paramName The name of the parameter (without a colon in front) |
|
239
|
|
|
* @param mixed $paramsOrTypes A hash of parameters or types |
|
240
|
|
|
* @param bool $isParam |
|
241
|
|
|
* @param mixed $defaultValue An optional default value. If omitted, an exception is thrown |
|
242
|
|
|
* |
|
243
|
|
|
* @return mixed |
|
244
|
|
|
* |
|
245
|
|
|
* @throws SQLParserUtilsException |
|
246
|
|
|
*/ |
|
247
|
3160 |
|
private static function extractParam($paramName, $paramsOrTypes, $isParam, $defaultValue = null) |
|
248
|
|
|
{ |
|
249
|
3160 |
|
if (array_key_exists($paramName, $paramsOrTypes)) { |
|
250
|
3160 |
|
return $paramsOrTypes[$paramName]; |
|
251
|
|
|
} |
|
252
|
|
|
|
|
253
|
|
|
// Hash keys can be prefixed with a colon for compatibility |
|
254
|
368 |
|
if (array_key_exists(':' . $paramName, $paramsOrTypes)) { |
|
255
|
322 |
|
return $paramsOrTypes[':' . $paramName]; |
|
256
|
|
|
} |
|
257
|
|
|
|
|
258
|
368 |
|
if ($defaultValue !== null) { |
|
259
|
368 |
|
return $defaultValue; |
|
260
|
|
|
} |
|
261
|
|
|
|
|
262
|
161 |
|
if ($isParam) { |
|
263
|
161 |
|
throw SQLParserUtilsException::missingParam($paramName); |
|
264
|
|
|
} |
|
265
|
|
|
|
|
266
|
|
|
throw SQLParserUtilsException::missingType($paramName); |
|
267
|
|
|
} |
|
268
|
|
|
} |
|
269
|
|
|
|
Majkl578 /
doctrine-dbal
