Firebird PDO preprocessing sql

[sim1984]

This patch fixes some problems with preprocessing SQL queries.

1. The new algorithm takes into account single-line and multi-line comments and ignores the ":" and "?" Parameter markers in them.
2. The algorithm allows the EXECUTE BLOCK statement to be processed correctly. For this statement, it is necessary to search for parameter markers between EXECUTE BLOCK and AS, the rest should be left as is.

These problems are also described in https://bugs.php.net/bug.php?id=64937

The code below clearly shows the problems described.

<?php

$sqls = [
    [
	[
	'sql' => '
select 1 as n
-- :f
from rdb$database 
where 1=:d and 2=:e /* and 3=:c */
',
    'params' => ['d' => 1, 'e' => 2]
	],

	[
	'sql' => '
execute block (a int = :e, b int = :d)
returns (n int)
as
declare z int;
begin
  select 10
  from rdb$database
  into :z;
  
  n = a + b + z;
  suspend;
end
',

    'params' => ['d' => 1, 'e' => 2]
	]	
];

try {
	$dsn = 'firebird:dbname=localhost:test';
	$user = 'SYSDBA';
	$password = 'masterkey';
	$att = new \PDO($dsn, $user, $password, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
	
	foreach($sqls as $info) {
	   $sql = $info['sql'];
	   $query = $att->prepare($sql);
	   $query->execute($info['params']);	
	
	
	   $rows = $query->fetchAll(\PDO::FETCH_OBJ);
	   $json = json_encode($rows, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT | JSON_THROW_ON_ERROR);
	   echo "<pre>$json</pre>";
	}
}
catch(\Throwable $e) {
	echo $e->getMessage() . '<br>';
	echo '<pre>' . $e->getTraceAsString() . '</pre>';
}

The SQL preprocessing code has been ported from Firebird to handle EXECUTE STATEMENT. See Statement::preprocess() and getToken() https://github.com/FirebirdSQL/firebird/blob/master/src/jrd/extds/ExtDS.cpp#L1928 to 2166

[sim1984]

Can’t anyone check this code? This is a very nasty mistake. It really prevents you from switching to pdo-firebird from ibase extension. As it turned out, the error also manifests itself in the {CREATE [OR ALTER] | ALTER} {PROCEDURE | FUNCTION | PACKAGE | TRIGGER} if they contain marked variables (and they are there at every step).

[madorin]

@cmb69 , @weltling Can you merge this request please?
It's a highly expected feature for Firebird developers.
Thanks!

[cmb69]

Thanks for the PR! It looks basically good to me, but I'm unsure regarding the ported code from the Firebird code base. The respective file is covered by the Initial Developer's Public License Version 1.0, and I'm not sure if we're allowed to use that ported code. Could someone please clarify?

[sim1984]

The source code has been significantly redesigned. The fact is that this piece of code was originally written in C ++. Here I had to rewrite it in C.

However, I will clarify this question with the Firebird developers.

[cmb69]

Any news here? PHP 8.0.0RC1 is going to be tagged in a week, and it would be good to merge this before that tag.

[sim1984]

You can read a discussion of this topic here.
https://www.mail-archive.com/[email protected]/msg19100.html

[cmb69]

https://www.mail-archive.com/[email protected]/msg19101.html# looks good enough to me. I'll merge this PR ASAP, if nobody beats me to it. Thanks again!

[cmb69]

Thank you very much, @sim1984!