SqlPreprocessor: recoginzes (SELECT) UNION (SELECT) as parameteric command [Closes #248]

Author: dg

src/Database/SqlPreprocessor.php

@@ -96,7 +96,7 @@ public function process(array $params, bool $useParams = false): array
 				$this->arrayMode = null;
 				$res[] = Nette\Utils\Strings::replace(
 					$param,
-					'~\'[^\']*+\'|"[^"]*+"|\?[a-z]*|^\s*+(?:SELECT|INSERT|UPDATE|DELETE|REPLACE|EXPLAIN)\b|\b(?:SET|WHERE|HAVING|ORDER BY|GROUP BY|KEY UPDATE)(?=\s*$|\s*\?)|/\*.*?\*/|--[^\n]*~Dsi',
+					'~\'[^\']*+\'|"[^"]*+"|\?[a-z]*|^\s*+(?:\(?\s*SELECT|INSERT|UPDATE|DELETE|REPLACE|EXPLAIN)\b|\b(?:SET|WHERE|HAVING|ORDER BY|GROUP BY|KEY UPDATE)(?=\s*$|\s*\?)|/\*.*?\*/|--[^\n]*~Dsi',
 					[$this, 'callback']
 				);
 			} else {
@@ -122,7 +122,7 @@ public function callback(array $m): string
 			return $m;
 
 		} else { // command
-			$cmd = ltrim(strtoupper($m));
+			$cmd = ltrim(strtoupper($m), "\t\n\r (");
 			$this->arrayMode = self::ARRAY_MODES[$cmd] ?? null;
 			$this->useParams = isset(self::PARAMETRIC_COMMANDS[$cmd]) || $this->useParams;
 			return $m;

tests/Database/SqlPreprocessor.phpt

@@ -29,6 +29,13 @@ test(function () use ($preprocessor) { // no parameters
 });
 
 
+test(function () use ($preprocessor) { // recognizes command in braces
+	[$sql, $params] = $preprocessor->process(['(SELECT ?) UNION (SELECT ?)', 1, 2]);
+	Assert::same('(SELECT ?) UNION (SELECT ?)', $sql);
+	Assert::same([1, 2], $params);
+});
+
+
 test(function () use ($preprocessor) { // arg without placeholder
 	[$sql, $params] = $preprocessor->process(['SELECT id FROM author WHERE id =', 11]);
 	Assert::same('SELECT id FROM author WHERE id = ?', $sql);