SqlPreprocessor: correctly escapes scalars when parameters are not used

Author: dg

src/Database/SqlPreprocessor.php

@@ -137,10 +137,17 @@ private function formatValue($value, string $mode = null): string
 				if ($this->useParams) {
 					$this->remaining[] = $value;
 					return '?';
+
+				} elseif (is_int($value) || is_bool($value)) {
+					return (string) (int) $value;
+
+				} elseif (is_float($value)) {
+					return rtrim(rtrim(number_format($value, 10, '.', ''), '0'), '.');
+
+				} elseif (is_resource($value)) {
+					return $this->connection->quote(stream_get_contents($value));
+
 				} else {
-					if (is_resource($value)) {
-						$value = stream_get_contents($value);
-					}
 					return $this->connection->quote((string) $value);
 				}
 

tests/Database/SqlPreprocessor.phpt

@@ -22,6 +22,13 @@ test(function () use ($preprocessor) { // basic
 });
 
 
+test(function () use ($preprocessor) { // no parameters
+	[$sql, $params] = $preprocessor->process(['UNKNOWN a = ?, b = ?, c = ?, d = ?, e = ?', 123, 'abc', true, false, null]);
+	Assert::same("UNKNOWN a = 123, b = 'abc', c = 1, d = 0, e = NULL", $sql);
+	Assert::same([], $params);
+});
+
+
 test(function () use ($preprocessor) { // arg without placeholder
 	[$sql, $params] = $preprocessor->process(['SELECT id FROM author WHERE id =', 11]);
 	Assert::same('SELECT id FROM author WHERE id = ?', $sql);