rfc:debugging_pdo_prepared_statement_emulation
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revisionNext revisionBoth sides next revision | ||
rfc:debugging_pdo_prepared_statement_emulation [2016/10/17 19:16] – created adambaratz | rfc:debugging_pdo_prepared_statement_emulation [2016/11/17 16:27] – old revision restored (2016/11/15 23:48) adambaratz | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== PHP RFC: Debugging PDO Prepared Statement Emulation ====== | ====== PHP RFC: Debugging PDO Prepared Statement Emulation ====== | ||
- | * Version: 0.1 | + | * Version: 0.3 |
* Date: 2016-10-17 | * Date: 2016-10-17 | ||
* Author: Adam Baratz adambaratz@php.net | * Author: Adam Baratz adambaratz@php.net | ||
- | * Status: | + | * Status: |
* First Published at: https:// | * First Published at: https:// | ||
===== Introduction ===== | ===== Introduction ===== | ||
- | PDO is built on the concept of prepared statements. It expects individual database drivers to manage statement execution, but also allows prepared statements to be emulated. Emulation means that the pdo extension, using no third-party code, generates a query string for literal execution by the driver. It identifies parameters within the statement string and interpolates escaped values. | + | PDO is built on the concept of prepared statements. It expects individual database drivers to manage statement execution, but also allows prepared statements to be emulated. Emulation means that the pdo extension, using no third-party code, generates a query string for literal execution by the driver. It identifies parameters within the statement string and interpolates escaped values. |
- | ===== Proposal ===== | + | If you're a PHP developer, this can add time to the development process. Depending on the environment, |
- | People who use emulated | + | |
- | ==== Consistency Between Prepared Statement Emulation And PDO:: | + | If you're a PHP internals developer, this prevents you from writing good .phpt tests against pdo_sql_parser.re. Without being able to inspect the raw query string, you can only test the effects of the queries it generates. For example, you might want to verify an int is quoted as 1 and not '1'. A database might cast the string |
- | The piece of functionality that usually needs to be debugged is how values are escaped. There is already a method, '' | + | |
- | <code php> | + | ===== Proposal ===== |
- | $db = new PDO(...); | + | People who use emulated prepared statements |
- | + | ||
- | $stmt = $db-> | + | |
- | $stmt-> | + | |
- | $stmt-> | + | |
- | + | ||
- | $stmt = $db-> | + | |
- | $stmt-> | + | |
- | </ | + | |
- | + | ||
- | I say typically, because the behavior of PDO:: | + | |
- | + | ||
- | Currently, the prepared statement emulator escapes values like [[https:// | + | |
- | * Bool, int, and null values are handled | + | |
- | * Other values have their zvals cast to a string, which is passed to the driver' | + | |
- | + | ||
- | This logic could be moved to a common | + | |
- | + | ||
- | This approach doesn' | + | |
- | + | ||
- | ==== PDO:: | + | |
- | Since prepared statements are only mandatory for pdo_dblib, a driver-specific attribute could produce the parsed query: | + | |
- | + | ||
- | <code php> | + | |
- | $db = new PDO(...); | + | |
- | + | ||
- | // works with statements without bound values | + | |
- | $stmt = $db-> | + | |
- | var_dump($stmt-> | + | |
- | + | ||
- | $stmt = $db-> | + | |
- | $stmt-> | + | |
- | + | ||
- | // returns unparsed query before execution | + | |
- | var_dump($stmt-> | + | |
- | + | ||
- | // returns parsed query after execution | + | |
- | $stmt-> | + | |
- | var_dump($stmt-> | + | |
- | </ | + | |
- | + | ||
- | Since this would be a debug tool, the attribute shouldn' | + | |
- | + | ||
- | This is a slightly awkward use of an attribute -- the existing debug hook, '' | + | |
- | + | ||
- | ==== PDOStatement:: | + | |
- | Similar to the above, but as an API addition: | + | |
<code php> | <code php> | ||
Line 82: | Line 34: | ||
</ | </ | ||
- | This feels like the least disruptive solution to this problem. | + | Since this would be a debug tool, the method shouldn' |
===== Backward Incompatible Changes ===== | ===== Backward Incompatible Changes ===== | ||
- | The first proposal could introduce functionality changes, but they would be in the interest of more consistent behavior across PDO. | + | N/A |
===== Proposed PHP Version(s) ===== | ===== Proposed PHP Version(s) ===== | ||
Next PHP 7.x. | Next PHP 7.x. | ||
- | |||
- | ===== RFC Impact ===== | ||
- | The second proposal would introduce a new constant. | ||
===== Future Scope ===== | ===== Future Scope ===== | ||
- | It's been suggested that PDO shouldn' | + | It's been suggested that PDO shouldn' |
+ | |||
+ | It's been suggested that this change would turn PDO into a leaky (or leakier) abstraction. I'd counter that this is strictly a tool that allows tests to expand their code coverage. If emulated prepared statements are being kept in PDO, we should | ||
===== Proposed Voting Choices ===== | ===== Proposed Voting Choices ===== | ||
This project requires a 50%+1 majority. | This project requires a 50%+1 majority. | ||
+ | |||
+ | <doodle title=" | ||
+ | * Yes | ||
+ | * No | ||
+ | </ | ||
===== Patches and Tests ===== | ===== Patches and Tests ===== | ||
- | A working implementation, with tests, of the third proposal: https:// | + | A working implementation with tests: https:// |
- | + | ||
- | If one of the other proposals is accepted, I could do the implementation myself. | + | |
===== References ===== | ===== References ===== | ||
Initial discussion of this proposal on the internals mailing list: http:// | Initial discussion of this proposal on the internals mailing list: http:// | ||
+ | |||
+ | ===== Implementation ===== | ||
+ | This feature was implemented in PHP 7.2 ([[https:// |
rfc/debugging_pdo_prepared_statement_emulation.txt · Last modified: 2018/03/01 23:27 by carusogabriel