rfc:debugging_pdo_prepared_statement_emulation
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revisionNext revisionBoth sides next revision | ||
rfc:debugging_pdo_prepared_statement_emulation [2016/10/17 19:16] – created adambaratz | rfc:debugging_pdo_prepared_statement_emulation [2016/11/16 23:03] – fix formatting around discussion links adambaratz | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== PHP RFC: Debugging PDO Prepared Statement Emulation ====== | ====== PHP RFC: Debugging PDO Prepared Statement Emulation ====== | ||
- | * Version: 0.1 | + | * Version: 0.4 |
* Date: 2016-10-17 | * Date: 2016-10-17 | ||
* Author: Adam Baratz adambaratz@php.net | * Author: Adam Baratz adambaratz@php.net | ||
- | * Status: | + | * Status: |
* First Published at: https:// | * First Published at: https:// | ||
===== Introduction ===== | ===== Introduction ===== | ||
- | PDO is built on the concept of prepared statements. It expects individual database drivers to manage statement execution, but also allows prepared statements to be emulated. Emulation means that the pdo extension, using no third-party code, generates a query string for literal execution by the driver. It identifies parameters within the statement string and interpolates escaped values. | + | PDO is built on the concept of prepared statements. It expects individual database drivers to manage statement execution, but also allows prepared statements to be emulated. Emulation means that the pdo extension, using no third-party code, generates a query string for literal execution by the driver. It identifies parameters within the statement string and interpolates escaped values. |
- | ===== Proposal ===== | + | If you're a PHP developer, this can add time to the development process. Depending on the environment, |
- | People who use emulated | + | |
- | ==== Consistency Between Prepared Statement Emulation And PDO:: | + | If you're a PHP internals developer, this prevents you from writing good .phpt tests against pdo_sql_parser.re. Without being able to inspect the raw query string, you can only test the effects of the queries it generates. For example, you might want to verify an int is quoted as 1 and not '1'. A database might cast the string |
- | The piece of functionality that usually needs to be debugged is how values are escaped. There is already a method, '' | + | |
- | <code php> | + | ===== Proposal ===== |
- | $db = new PDO(...); | + | People who use emulated prepared statements |
- | + | ||
- | $stmt = $db-> | + | |
- | $stmt-> | + | |
- | $stmt-> | + | |
- | + | ||
- | $stmt = $db-> | + | |
- | $stmt-> | + | |
- | </ | + | |
- | + | ||
- | I say typically, because the behavior of PDO:: | + | |
- | + | ||
- | Currently, the prepared statement emulator escapes values like [[https:// | + | |
- | * Bool, int, and null values are handled | + | |
- | * Other values have their zvals cast to a string, which is passed to the driver' | + | |
- | + | ||
- | This logic could be moved to a common | + | |
- | + | ||
- | This approach doesn' | + | |
- | + | ||
- | ==== PDO:: | + | |
- | Since prepared statements are only mandatory for pdo_dblib, a driver-specific attribute could produce | + | |
<code php> | <code php> | ||
- | $db = new PDO(...); | + | /* Execute a prepared statement by binding PHP variables */ |
+ | $calories | ||
+ | $colour = ' | ||
- | // works with statements without bound values | + | $sth = $dbh->prepare(' |
- | $stmt = $db->query(' | + | FROM fruit |
- | var_dump($stmt->getAttribute(PDO::DBLIB_ATTR_ACTIVE_QUERY_STRING)); // => string(8) " | + | WHERE calories < ? AND colour = ?'); |
+ | $sth-> | ||
+ | $sth->bindValue(2, $colour, | ||
+ | $sth->execute(); | ||
- | $stmt = $db->prepare(' | + | $sth->debugDumpParams(); |
- | $stmt-> | + | |
- | // returns unparsed query before execution | + | /* |
- | var_dump($stmt-> | + | |
- | // returns parsed query after execution | + | Output: |
- | $stmt-> | + | |
- | var_dump($stmt-> | + | |
- | </ | + | |
- | + | ||
- | Since this would be a debug tool, the attribute shouldn' | + | |
- | + | ||
- | This is a slightly awkward use of an attribute -- the existing debug hook, '' | + | |
- | + | ||
- | ==== PDOStatement:: | + | |
- | Similar to the above, but as an API addition: | + | |
- | + | ||
- | <code php> | + | |
- | $db = new PDO(...); | + | |
- | + | ||
- | // works with statements without bound values | + | |
- | $stmt = $db-> | + | |
- | var_dump($stmt-> | + | |
- | + | ||
- | $stmt = $db-> | + | |
- | $stmt-> | + | |
- | // returns unparsed query before execution | + | SQL: [82] SELECT name, colour, calories |
- | var_dump($stmt-> | + | FROM fruit |
+ | WHERE calories < ? AND colour | ||
+ | Parsed SQL: [88] SELECT | ||
+ | FROM fruit | ||
+ | WHERE calories < 150 AND colour = ' | ||
+ | Params: 2 | ||
+ | Key: Position #0: | ||
+ | paramno=0 | ||
+ | name=[0] | ||
+ | is_param=1 | ||
+ | param_type=1 | ||
+ | Key: Position #1: | ||
+ | paramno=1 | ||
+ | name=[0] "" | ||
+ | is_param=1 | ||
+ | param_type=2 | ||
- | // returns parsed query after execution | + | */ |
- | $stmt-> | + | |
- | var_dump($stmt-> | + | |
</ | </ | ||
- | This feels like the least disruptive solution to this problem. | + | The " |
===== Backward Incompatible Changes ===== | ===== Backward Incompatible Changes ===== | ||
- | The first proposal could introduce functionality changes, but they would be in the interest of more consistent behavior across PDO. | + | N/A |
===== Proposed PHP Version(s) ===== | ===== Proposed PHP Version(s) ===== | ||
Next PHP 7.x. | Next PHP 7.x. | ||
- | |||
- | ===== RFC Impact ===== | ||
- | The second proposal would introduce a new constant. | ||
===== Future Scope ===== | ===== Future Scope ===== | ||
- | It's been suggested that PDO shouldn' | + | It's been suggested that PDO shouldn' |
===== Proposed Voting Choices ===== | ===== Proposed Voting Choices ===== | ||
This project requires a 50%+1 majority. | This project requires a 50%+1 majority. | ||
- | ===== Patches and Tests ===== | + | <doodle title=" |
- | A working implementation, | + | * Yes |
- | + | * No | |
- | If one of the other proposals is accepted, I could do the implementation myself. | + | </ |
===== References ===== | ===== References ===== | ||
- | Initial discussion of this proposal on the internals mailing list: http:// | + | Initial discussion of this proposal on the internals mailing list: |
+ | * http:// | ||
+ | * http:// | ||
+ | * http:// |
rfc/debugging_pdo_prepared_statement_emulation.txt · Last modified: 2018/03/01 23:27 by carusogabriel