Check for floats and enable native prepares

[friendica.git] / include / dba.php

diff --git a/include/dba.php b/include/dba.php
index c0617af8e83524b74b7298ded87bbe68faac0c4d..847d1f0b5f6e192b49a0349ac17fc82465c38ce1 100644 (file)
--- a/include/dba.php
+++ b/include/dba.php
@@ -76,6 +76,8 @@ class dba {
                        }
                        try {
                                self::$db = @new PDO($connect, $user, $pass);
+                               self::$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
+                               self::$db->setAttribute(PDO::ATTR_STRINGIFY_FETCHES, false);
                                self::$connected = true;
                        } catch (PDOException $e) {
                        }
@@ -171,7 +173,7 @@ class dba {
         */
        public static function database_name() {
                $ret = self::p("SELECT DATABASE() AS `db`");
-                $data = self::inArray($ret);
+               $data = self::inArray($ret);
                return $data[0]['db'];
        }
 
@@ -427,7 +429,12 @@ class dba {
                                }
 
                                foreach ($args AS $param => $value) {
-                                       $stmt->bindParam($param, $args[$param]);
+                                       if (is_int($args[$param])) {
+                                               $data_type = PDO::PARAM_INT;
+                                       } else {
+                                               $data_type = PDO::PARAM_STR;
+                                       }
+                                       $stmt->bindParam($param, $args[$param], $data_type);
                                }
 
                                if (!$stmt->execute()) {
@@ -1291,6 +1298,39 @@ class dba {
                                                $condition_string .= " AND ";
                                        }
                                        if (is_array($value)) {
+                                               // Check if there are integer values in the parameters
+                                               $is_int = false;
+                                               $is_float = false;
+                                               $is_alpha = false;
+                                               foreach ($value as $single_value) {
+                                                       if (is_int($single_value)) {
+                                                               $is_int = true;
+                                                       }
+
+                                                       // To prevent to round floats we look for them
+                                                       if (is_float($single_value)) {
+                                                               $is_float = true;
+                                                       }
+
+                                                       // Is any non numeric value present?
+                                                       if (!is_numeric($single_value)) {
+                                                               $is_alpha = true;
+                                                       }
+                                               }
+
+                                               // Cast them all in an unique method
+                                               if ($is_int) {
+                                                       $casted = [];
+                                                       foreach ($value as $single_value) {
+                                                               if (!$is_alpha && !$is_float) {
+                                                                       $casted[] = (int)$single_value;
+                                                               } else {
+                                                                       $casted[] = (string)$single_value;
+                                                               }
+                                                       }
+                                                       $value = $casted;
+                                               }
+
                                                $new_values = array_merge($new_values, array_values($value));
                                                $placeholders = substr(str_repeat("?, ", count($value)), 0, -2);
                                                $condition_string .= "`" . $field . "` IN (" . $placeholders . ")";