Merge pull request #5883 from derrabus/sa/pdo

derrabus · web-flow · commit 8ec4dd6fc679 · 2023-01-30T11:53:12.000+01:00
Make sure only PDO parameter types are passed to PDO methods
diff --git a/src/Driver/PDO/Connection.php b/src/Driver/PDO/Connection.php
@@ -80,7 +80,7 @@ public function query(string $sql): ResultInterface
      */
     public function quote($value, $type = ParameterType::STRING)
     {
-        return $this->connection->quote($value, $type);
+        return $this->connection->quote($value, ParameterTypeMap::convertParamType($type));
     }
 
     /**
diff --git a/src/Driver/PDO/ParameterTypeMap.php b/src/Driver/PDO/ParameterTypeMap.php
@@ -0,0 +1,47 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Doctrine\DBAL\Driver\PDO;
+
+use Doctrine\DBAL\Driver\Exception\UnknownParameterType;
+use Doctrine\DBAL\ParameterType;
+use PDO;
+
+/** @internal */
+final class ParameterTypeMap
+{
+    private const PARAM_TYPE_MAP = [
+        ParameterType::NULL => PDO::PARAM_NULL,
+        ParameterType::INTEGER => PDO::PARAM_INT,
+        ParameterType::STRING => PDO::PARAM_STR,
+        ParameterType::ASCII => PDO::PARAM_STR,
+        ParameterType::BINARY => PDO::PARAM_LOB,
+        ParameterType::LARGE_OBJECT => PDO::PARAM_LOB,
+        ParameterType::BOOLEAN => PDO::PARAM_BOOL,
+    ];
+
+    /**
+     * Converts DBAL parameter type to PDO parameter type
+     *
+     * @psalm-return PDO::PARAM_*
+     *
+     * @throws UnknownParameterType
+     */
+    public static function convertParamType(int $type): int
+    {
+        if (! isset(self::PARAM_TYPE_MAP[$type])) {
+            throw UnknownParameterType::new($type);
+        }
+
+        return self::PARAM_TYPE_MAP[$type];
+    }
+
+    private function __construct()
+    {
+    }
+
+    private function __clone()
+    {
+    }
+}
diff --git a/src/Driver/PDO/Result.php b/src/Driver/PDO/Result.php
@@ -91,7 +91,9 @@ public function free(): void
     }
 
     /**
-     * @return mixed|false
+     * @psalm-param PDO::FETCH_* $mode
+     *
+     * @return mixed
      *
      * @throws Exception
      */
@@ -105,6 +107,8 @@ private function fetch(int $mode)
     }
 
     /**
+     * @psalm-param PDO::FETCH_* $mode
+     *
      * @return list<mixed>
      *
      * @throws Exception
diff --git a/src/Driver/PDO/Statement.php b/src/Driver/PDO/Statement.php
@@ -2,13 +2,10 @@
 
 namespace Doctrine\DBAL\Driver\PDO;
 
-use Doctrine\DBAL\Driver\Exception as ExceptionInterface;
-use Doctrine\DBAL\Driver\Exception\UnknownParameterType;
 use Doctrine\DBAL\Driver\Result as ResultInterface;
 use Doctrine\DBAL\Driver\Statement as StatementInterface;
 use Doctrine\DBAL\ParameterType;
 use Doctrine\Deprecations\Deprecation;
-use PDO;
 use PDOException;
 use PDOStatement;
 
@@ -18,16 +15,6 @@
 
 final class Statement implements StatementInterface
 {
-    private const PARAM_TYPE_MAP = [
-        ParameterType::NULL => PDO::PARAM_NULL,
-        ParameterType::INTEGER => PDO::PARAM_INT,
-        ParameterType::STRING => PDO::PARAM_STR,
-        ParameterType::ASCII => PDO::PARAM_STR,
-        ParameterType::BINARY => PDO::PARAM_LOB,
-        ParameterType::LARGE_OBJECT => PDO::PARAM_LOB,
-        ParameterType::BOOLEAN => PDO::PARAM_BOOL,
-    ];
-
     private PDOStatement $stmt;
 
     /** @internal The statement can be only instantiated by its driver connection. */
@@ -50,10 +37,10 @@ public function bindValue($param, $value, $type = ParameterType::STRING)
             );
         }
 
-        $type = $this->convertParamType($type);
+        $pdoType = ParameterTypeMap::convertParamType($type);
 
         try {
-            return $this->stmt->bindValue($param, $value, $type);
+            return $this->stmt->bindValue($param, $value, $pdoType);
         } catch (PDOException $exception) {
             throw Exception::new($exception);
         }
@@ -101,13 +88,13 @@ public function bindParam(
             );
         }
 
-        $type = $this->convertParamType($type);
+        $pdoType = ParameterTypeMap::convertParamType($type);
 
         try {
             return $this->stmt->bindParam(
                 $param,
                 $variable,
-                $type,
+                $pdoType,
                 $length ?? 0,
                 ...array_slice(func_get_args(), 4),
             );
@@ -138,20 +125,4 @@ public function execute($params = null): ResultInterface
 
         return new Result($this->stmt);
     }
-
-    /**
-     * Converts DBAL parameter type to PDO parameter type
-     *
-     * @param int $type Parameter type
-     *
-     * @throws ExceptionInterface
-     */
-    private function convertParamType(int $type): int
-    {
-        if (! isset(self::PARAM_TYPE_MAP[$type])) {
-            throw UnknownParameterType::new($type);
-        }
-
-        return self::PARAM_TYPE_MAP[$type];
-    }
 }

Original file line number	Diff line number	Diff line change
`@@ -80,7 +80,7 @@ public function query(string $sql): ResultInterface`
`80`	`80`	`*/`
`81`	`81`	`public function quote($value, $type = ParameterType::STRING)`
`82`	`82`	`{`
`83`		`- return $this->connection->quote($value, $type);`
	`83`	`+ return $this->connection->quote($value, ParameterTypeMap::convertParamType($type));`
`84`	`84`	`}`
`85`	`85`
`86`	`86`	`/**`
Original file line number	Diff line number	Diff line change
`@@ -91,7 +91,9 @@ public function free(): void`
`91`	`91`	`}`
`92`	`92`
`93`	`93`	`/**`
`94`		`- * @return mixed\|false`
	`94`	`+ * @psalm-param PDO::FETCH_* $mode`
	`95`	`+ *`
	`96`	`+ * @return mixed`
`95`	`97`	`*`
`96`	`98`	`* @throws Exception`
`97`	`99`	`*/`
`@@ -105,6 +107,8 @@ private function fetch(int $mode)`
`105`	`107`	`}`
`106`	`108`
`107`	`109`	`/**`
	`110`	`+ * @psalm-param PDO::FETCH_* $mode`
	`111`	`+ *`
`108`	`112`	`* @return list<mixed>`
`109`	`113`	`*`
`110`	`114`	`* @throws Exception`