1 /*
2   +----------------------------------------------------------------------+
3   | PHP Version 7                                                        |
4   +----------------------------------------------------------------------+
5   | Copyright (c) The PHP Group                                          |
6   +----------------------------------------------------------------------+
7   | This source file is subject to version 3.01 of the PHP license,      |
8   | that is bundled with this package in the file LICENSE, and is        |
9   | available through the world-wide-web at the following url:           |
10   | http://www.php.net/license/3_01.txt                                  |
11   | If you did not receive a copy of the PHP license and are unable to   |
12   | obtain it through the world-wide-web, please send a note to          |
13   | license@php.net so we can mail you a copy immediately.               |
14   +----------------------------------------------------------------------+
15   | Author: George Schlossnagle <george@omniti.com>                      |
16   |         Wez Furlong <wez@php.net>                                    |
17   |         Johannes Schlueter <johannes@mysql.com>                      |
18   +----------------------------------------------------------------------+
19 */
20 
21 #ifdef HAVE_CONFIG_H
22 #include "config.h"
23 #endif
24 
25 #include "php.h"
26 #include "php_ini.h"
27 #include "ext/standard/info.h"
28 #include "pdo/php_pdo.h"
29 #include "pdo/php_pdo_driver.h"
30 #include "php_pdo_mysql.h"
31 #include "php_pdo_mysql_int.h"
32 
/*
 * Backend selection. The three helpers below are resolved at compile time to
 * the mysqlnd variant when PDO_USE_MYSQLND is defined and to the
 * libmysqlclient variant otherwise, so the rest of the file can call them
 * without further #ifdefs.
 */
#ifdef PDO_USE_MYSQLND
#	define pdo_mysql_stmt_execute_prepared(stmt) pdo_mysql_stmt_execute_prepared_mysqlnd(stmt)
/* mysqlnd: a bound result slot is released by destroying its zv member */
#	define pdo_free_bound_result(res) zval_ptr_dtor(res.zv)
#	define pdo_mysql_stmt_close(stmt) mysqlnd_stmt_close(stmt, 0)
#else
#	define pdo_mysql_stmt_execute_prepared(stmt) pdo_mysql_stmt_execute_prepared_libmysql(stmt)
/* libmysqlclient: a bound result slot carries a buffer that is released with efree() */
#	define pdo_free_bound_result(res) efree(res.buffer)
#	define pdo_mysql_stmt_close(stmt) mysql_stmt_close(stmt)
#endif
42 
43 
44 
/**
 * Statement destructor: releases everything reachable from stmt->driver_data
 * and finally the pdo_mysql_stmt structure itself.
 *
 * Work is done in this order: attached result set, stored error message,
 * server-side statement handle, (libmysqlclient only) the parameter and
 * result bind arrays, and last any result sets still queued on the
 * connection. The connection is only touched while the owning database
 * object is still valid, which keeps the destructor from dereferencing a
 * handle that is already being torn down.
 *
 * @param stmt  PDO statement whose driver_data is a pdo_mysql_stmt
 * @return always 1
 */
static int pdo_mysql_stmt_dtor(pdo_stmt_t *stmt) /* {{{ */
{
	pdo_mysql_stmt *S = (pdo_mysql_stmt *) stmt->driver_data;

	PDO_DBG_ENTER("pdo_mysql_stmt_dtor");
	PDO_DBG_INF_FMT("stmt=%p", S->stmt);

	/* release the result set still attached to the statement */
	if (S->result != NULL) {
		mysql_free_result(S->result);
		S->result = NULL;
	}

	/* the message is freed with the allocator kind chosen by is_persistent */
	if (S->einfo.errmsg != NULL) {
		pefree(S->einfo.errmsg, stmt->dbh->is_persistent);
		S->einfo.errmsg = NULL;
	}

	/* close the server-side prepared statement, if one exists */
	if (S->stmt != NULL) {
		pdo_mysql_stmt_close(S->stmt);
		S->stmt = NULL;
	}

#ifndef PDO_USE_MYSQLND
	/* input side: bind array plus its NULL-indicator and length arrays */
	if (S->params != NULL) {
		efree(S->params);
	}
	if (S->in_null != NULL) {
		efree(S->in_null);
	}
	if (S->in_length != NULL) {
		efree(S->in_length);
	}

	/* output side: one buffer per column, then the three parallel arrays */
	if (S->bound_result != NULL) {
		int col;

		for (col = 0; col < stmt->column_count; col++) {
			pdo_free_bound_result(S->bound_result[col]);
		}

		efree(S->bound_result);
		efree(S->out_null);
		efree(S->out_length);
	}
#endif

	/*
	 * Drain result sets that are still pending on the connection, but only
	 * when the database object handle is set, its bucket in the object
	 * store is valid and its free handler has not been called yet.
	 */
	if (!Z_ISUNDEF(stmt->database_object_handle)
		&& IS_OBJ_VALID(EG(objects_store).object_buckets[Z_OBJ_HANDLE(stmt->database_object_handle)])
		&& (!(OBJ_FLAGS(Z_OBJ(stmt->database_object_handle)) & IS_OBJ_FREE_CALLED))) {
		while (mysql_more_results(S->H->server) && mysql_next_result(S->H->server) == 0) {
			MYSQL_RES *pending = mysql_store_result(S->H->server);

			if (pending != NULL) {
				mysql_free_result(pending);
			}
		}
	}

#if PDO_USE_MYSQLND
	/* S->stmt has been reset to NULL above, so only current_data decides here */
	if (!S->stmt && S->current_data) {
		mnd_free(S->current_data);
	}
#endif /* PDO_USE_MYSQLND */

	efree(S);
	PDO_DBG_RETURN(1);
}
/* }}} */
115 
/**
 * Copy the affected-row count of the prepared statement into stmt->row_count.
 *
 * A count equal to (zend_long)-1 is treated as "nothing to report" and leaves
 * the previous stmt->row_count untouched.
 *
 * @param stmt  PDO statement; S->stmt is passed to mysql_stmt_affected_rows()
 */
static void pdo_mysql_stmt_set_row_count(pdo_stmt_t *stmt) /* {{{ */
{
	pdo_mysql_stmt *S = stmt->driver_data;
	zend_long affected = (zend_long) mysql_stmt_affected_rows(S->stmt);

	if (affected == (zend_long)-1) {
		return;
	}
	stmt->row_count = affected;
}
/* }}} */
126 
/**
 * Populate the statement after a query has been sent on the connection.
 *
 * When the connection reports an affected-row count, that count becomes
 * stmt->row_count and no result set is attached. When the count is
 * (my_ulonglong)-1 the query either produced a result set or failed; the
 * result set is then fetched (stored when H->buffered is set, streamed
 * otherwise) and row/column counts and field metadata are taken from it.
 *
 * @param stmt  PDO statement to fill
 * @return 1 on success, 0 when no result set could be obtained (the error is
 *         recorded through pdo_mysql_error_stmt)
 */
static int pdo_mysql_fill_stmt_from_result(pdo_stmt_t *stmt) /* {{{ */
{
	pdo_mysql_stmt *S = (pdo_mysql_stmt*)stmt->driver_data;
	pdo_mysql_db_handle *H = S->H;
	my_ulonglong affected;
	PDO_DBG_ENTER("pdo_mysql_fill_stmt_from_result");

	affected = mysql_affected_rows(H->server);
	if (affected != (my_ulonglong)-1) {
		/* DML or DDL statement (INSERT, UPDATE, DELETE, ...): only a count */
		stmt->row_count = (zend_long) affected;
		PDO_DBG_RETURN(1);
	}

	/* a result set or an error: try to get hold of the result set */
	S->result = H->buffered ? mysql_store_result(H->server) : mysql_use_result(H->server);
	if (S->result == NULL) {
		pdo_mysql_error_stmt(stmt);
		PDO_DBG_RETURN(0);
	}

	stmt->row_count = (zend_long) mysql_num_rows(S->result);
	stmt->column_count = (int) mysql_num_fields(S->result);
	S->fields = mysql_fetch_fields(S->result);

	PDO_DBG_RETURN(1);
}
/* }}} */
159 
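#ifndef PDO_USE_MYSQLND
/**
 * Execute a server-side prepared statement through libmysqlclient.
 *
 * Binds the input parameters, executes the statement and, when no result
 * metadata is attached yet, allocates one output buffer per result column and
 * binds those buffers. Every column is bound as MYSQL_TYPE_STRING. Buffer
 * sizes come from the field metadata and are capped at H->max_buffer_size, so
 * a value longer than its buffer arrives truncated; callers that read the
 * column need to compare the reported length with buffer_length.
 *
 * @param stmt  PDO statement whose driver_data holds the prepared handle
 * @return 1 on success, 0 on failure (the error is recorded through
 *         pdo_mysql_error_stmt)
 */
static int pdo_mysql_stmt_execute_prepared_libmysql(pdo_stmt_t *stmt) /* {{{ */
{
	pdo_mysql_stmt *S = stmt->driver_data;
	pdo_mysql_db_handle *H = S->H;

	PDO_DBG_ENTER("pdo_mysql_stmt_execute_prepared_libmysql");

	/* (re)bind the parameters */
	if (mysql_stmt_bind_param(S->stmt, S->params) || mysql_stmt_execute(S->stmt)) {
		if (S->params) {
			/* wipe the binds so that no buffer pointer from this attempt survives */
			memset(S->params, 0, S->num_params * sizeof(MYSQL_BIND));
		}
		pdo_mysql_error_stmt(stmt);
		if (mysql_stmt_errno(S->stmt) == 2057) {
			/* CR_NEW_STMT_METADATA makes the statement unusable */
			/* NOTE(review): the handle is dropped here without pdo_mysql_stmt_close();
			 * confirm that it is released elsewhere */
			S->stmt = NULL;
		}
		PDO_DBG_RETURN(0);
	}

	if (!S->result) {
		int i;

		/* figure out the result set format, if any */
		S->result = mysql_stmt_result_metadata(S->stmt);
		if (S->result) {
			int calc_max_length = H->buffered && S->max_length == 1;
			S->fields = mysql_fetch_fields(S->result);

			/* release the buffers of an earlier execution; column_count still
			 * holds the count they were allocated with */
			if (S->bound_result) {
				for (i = 0; i < stmt->column_count; i++) {
					efree(S->bound_result[i].buffer);
				}
				efree(S->bound_result);
				efree(S->out_null);
				efree(S->out_length);
			}

			stmt->column_count = (int)mysql_num_fields(S->result);
			S->bound_result = ecalloc(stmt->column_count, sizeof(MYSQL_BIND));
			S->out_null = ecalloc(stmt->column_count, sizeof(my_bool));
			S->out_length = ecalloc(stmt->column_count, sizeof(zend_ulong));

			/* summon memory to hold the row */
			for (i = 0; i < stmt->column_count; i++) {
				if (calc_max_length && S->fields[i].type == FIELD_TYPE_BLOB) {
					/* ask the client library to compute max_length, once per statement */
					my_bool on = 1;
					mysql_stmt_attr_set(S->stmt, STMT_ATTR_UPDATE_MAX_LENGTH, &on);
					calc_max_length = 0;
				}
				switch (S->fields[i].type) {
					case FIELD_TYPE_INT24:
						S->bound_result[i].buffer_length = MAX_MEDIUMINT_WIDTH + 1;
						break;
					case FIELD_TYPE_LONG:
						S->bound_result[i].buffer_length = MAX_INT_WIDTH + 1;
						break;
					case FIELD_TYPE_LONGLONG:
						S->bound_result[i].buffer_length = MAX_BIGINT_WIDTH + 1;
						break;
					case FIELD_TYPE_TINY:
						S->bound_result[i].buffer_length = MAX_TINYINT_WIDTH + 1;
						break;
					case FIELD_TYPE_SHORT:
						S->bound_result[i].buffer_length = MAX_SMALLINT_WIDTH + 1;
						break;
					default:
						S->bound_result[i].buffer_length =
							S->fields[i].max_length? S->fields[i].max_length:
							S->fields[i].length;
						/* work-around for longtext and alike */
						if (S->bound_result[i].buffer_length > H->max_buffer_size) {
							S->bound_result[i].buffer_length = H->max_buffer_size;
						}
						break;
				}

				/* there are cases where the length reported by mysql is too short.
				 * eg: when describing a table that contains an enum column. Since
				 * we have no way of knowing the true length either, we'll bump up
				 * our buffer size to a reasonable size, just in case.
				 *
				 * The condition used to end in "&& MYSQL_TYPE_VAR_STRING", a non-zero
				 * constant rather than a comparison against the field type, so the
				 * bump has always applied to every column type. The constant is
				 * dropped and the behaviour kept: narrowing the bump to one type
				 * would shrink buffers that existing callers rely on. */
				if (S->fields[i].max_length == 0 && S->bound_result[i].buffer_length < 128) {
					S->bound_result[i].buffer_length = 128;
				}

				S->out_length[i] = 0;

				S->bound_result[i].buffer = emalloc(S->bound_result[i].buffer_length);
				S->bound_result[i].is_null = &S->out_null[i];
				S->bound_result[i].length = &S->out_length[i];
				S->bound_result[i].buffer_type = MYSQL_TYPE_STRING;
			}

			if (mysql_stmt_bind_result(S->stmt, S->bound_result)) {
				pdo_mysql_error_stmt(stmt);
				PDO_DBG_RETURN(0);
			}

			/* if buffered, pre-fetch all the data */
			if (H->buffered) {
				if (mysql_stmt_store_result(S->stmt)) {
					pdo_mysql_error_stmt(stmt);
					PDO_DBG_RETURN(0);
				}
			}
		}
	}

	pdo_mysql_stmt_set_row_count(stmt);
	PDO_DBG_RETURN(1);
}
/* }}} */
#endif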
273 
#ifdef PDO_USE_MYSQLND
/**
 * Execute a server-side prepared statement through mysqlnd.
 *
 * After execution any previously attached result metadata is released, the
 * column count is re-read from the statement, every column is bound, and
 * fresh metadata is fetched. On buffered connections the whole result is
 * stored right away.
 *
 * @param stmt  PDO statement whose driver_data holds the prepared handle
 * @return 1 on success, 0 on failure (the error is recorded through
 *         pdo_mysql_error_stmt)
 */
static int pdo_mysql_stmt_execute_prepared_mysqlnd(pdo_stmt_t *stmt) /* {{{ */
{
	pdo_mysql_stmt *S = stmt->driver_data;
	pdo_mysql_db_handle *H = S->H;
	int col;

	PDO_DBG_ENTER("pdo_mysql_stmt_execute_prepared_mysqlnd");

	if (mysql_stmt_execute(S->stmt)) {
		pdo_mysql_error_stmt(stmt);
		PDO_DBG_RETURN(0);
	}

	/* metadata of the previous execution is no longer needed */
	if (S->result != NULL) {
		/* TODO: add a test to check if we really have zvals here... */
		mysql_free_result(S->result);
		S->result = NULL;
	}

	/* for SHOW/DESCRIBE and others the column/field count is not available before execute */
	stmt->column_count = mysql_stmt_field_count(S->stmt);
	for (col = 0; col < stmt->column_count; col++) {
		mysqlnd_stmt_bind_one_result(S->stmt, col);
	}

	S->result = mysqlnd_stmt_result_metadata(S->stmt);
	if (S->result != NULL) {
		S->fields = mysql_fetch_fields(S->result);

		/* if buffered, pre-fetch all the data */
		if (H->buffered && mysql_stmt_store_result(S->stmt)) {
			pdo_mysql_error_stmt(stmt);
			PDO_DBG_RETURN(0);
		}
	}

	pdo_mysql_stmt_set_row_count(stmt);
	PDO_DBG_RETURN(1);
}
/* }}} */
#endif
317 
/**
 * Execute the statement.
 *
 * With a server-side prepared handle (S->stmt) the work is delegated to the
 * backend-specific prepared executor. Without one, the text in
 * stmt->active_query_string is sent to the server as-is through
 * mysql_real_query(); this function performs no quoting or validation of that
 * text, so on this path the statement is only as safe as whatever built the
 * string.
 *
 * @param stmt  PDO statement to execute
 * @return 1 on success, 0 on failure (the error is recorded through
 *         pdo_mysql_error_stmt)
 */
static int pdo_mysql_stmt_execute(pdo_stmt_t *stmt) /* {{{ */
{
	pdo_mysql_stmt *S = (pdo_mysql_stmt*)stmt->driver_data;
	pdo_mysql_db_handle *H = S->H;
	PDO_DBG_ENTER("pdo_mysql_stmt_execute");
	PDO_DBG_INF_FMT("stmt=%p", S->stmt);

	/* server-side prepared statement: the backend executor does everything */
	if (S->stmt != NULL) {
		PDO_DBG_RETURN(pdo_mysql_stmt_execute_prepared(stmt));
	}

	/* ensure that we free any previous unfetched results */
	if (S->result != NULL) {
		mysql_free_result(S->result);
		S->result = NULL;
	}

	if (mysql_real_query(H->server, stmt->active_query_string, stmt->active_query_stringlen) == 0) {
		PDO_DBG_RETURN(pdo_mysql_fill_stmt_from_result(stmt));
	}

	pdo_mysql_error_stmt(stmt);
	PDO_DBG_RETURN(0);
}
/* }}} */
343 
/**
 * Advance the statement to its next result set.
 *
 * Under mysqlnd with native prepared statements (H->emulate_prepare unset)
 * the statement handle itself is advanced, columns are re-bound and metadata
 * is re-read. In every other configuration the current result is released
 * and the next one is pulled from the connection.
 *
 * @param stmt  PDO statement to advance
 * @return 1 when a further result set is now current, 0 when there is none or
 *         an error occurred
 */
static int pdo_mysql_stmt_next_rowset(pdo_stmt_t *stmt) /* {{{ */
{
	pdo_mysql_stmt *S = (pdo_mysql_stmt*)stmt->driver_data;
	pdo_mysql_db_handle *H = S->H;

	PDO_DBG_ENTER("pdo_mysql_stmt_next_rowset");
	PDO_DBG_INF_FMT("stmt=%p", S->stmt);

#if PDO_USE_MYSQLND
	if (!H->emulate_prepare) {
		int col;

		/* nothing queued, or moving on failed */
		if (!mysqlnd_stmt_more_results(S->stmt) || mysqlnd_stmt_next_result(S->stmt)) {
			PDO_DBG_RETURN(0);
		}

		if (!mysqlnd_stmt_more_results(S->stmt)) {
			/*
			MySQL gives us n + 1 result sets for
			CALL proc() and n result sets returned by the proc itself.
			Result set n + 1 is about the procedure call itself.
			As the PDO emulation does not return it, we skip it as well
			*/
			PDO_DBG_RETURN(0);
		}

		/* TODO - this code is stolen from execute() - see above */
		if (S->result != NULL) {
			mysql_free_result(S->result);
			S->result = NULL;
		}

		/* for SHOW/DESCRIBE and others the column/field count is not available before execute */
		stmt->column_count = mysql_stmt_field_count(S->stmt);
		for (col = 0; col < stmt->column_count; col++) {
			mysqlnd_stmt_bind_one_result(S->stmt, col);
		}

		S->result = mysqlnd_stmt_result_metadata(S->stmt);
		if (S->result != NULL) {
			S->fields = mysql_fetch_fields(S->result);

			/* if buffered, pre-fetch all the data */
			if (H->buffered && mysql_stmt_store_result(S->stmt)) {
				pdo_mysql_error_stmt(stmt);
				PDO_DBG_RETURN(0);
			}
		}

		/* same affected-rows bookkeeping as after execute */
		pdo_mysql_stmt_set_row_count(stmt);
		PDO_DBG_RETURN(1);
	}
#endif

/* ensure that we free any previous unfetched results */
#ifndef PDO_USE_MYSQLND
	if (S->stmt != NULL) {
		if (S->result != NULL) {
			stmt->column_count = (int)mysql_num_fields(S->result);
		}
		mysql_stmt_free_result(S->stmt);
	}
#endif
	if (S->result != NULL) {
		mysql_free_result(S->result);
		S->result = NULL;
	}

	if (!mysql_more_results(H->server)) {
		/* No more results */
		PDO_DBG_RETURN(0);
	}

	/* the two client libraries signal failure of mysql_next_result() differently */
#if PDO_USE_MYSQLND
	if (mysql_next_result(H->server) == FAIL) {
		pdo_mysql_error_stmt(stmt);
		PDO_DBG_RETURN(0);
	}
#else
	if (mysql_next_result(H->server) > 0) {
		pdo_mysql_error_stmt(stmt);
		PDO_DBG_RETURN(0);
	}
#endif
	PDO_DBG_RETURN(pdo_mysql_fill_stmt_from_result(stmt));
}
/* }}} */
443 
444 
/*
 * Printable names of the parameter hook events, indexed by the event value.
 * In this file the table is read only by the debug trace in
 * pdo_mysql_stmt_param_hook.
 * NOTE(review): presumably the order mirrors enum pdo_param_event; confirm
 * against the enum declaration whenever an event is added.
 */
static const char * const pdo_param_event_names[] =
{
	"PDO_PARAM_EVT_ALLOC",
	"PDO_PARAM_EVT_FREE",
	"PDO_PARAM_EVT_EXEC_PRE",
	"PDO_PARAM_EVT_EXEC_POST",
	"PDO_PARAM_EVT_FETCH_PRE",
	"PDO_PARAM_EVT_FETCH_POST",
	"PDO_PARAM_EVT_NORMALIZE",
};
455 
456 
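/**
 * Parameter hook, called for each bound parameter at the stages named by
 * event_type. It only acts for server-side prepared statements (S->stmt set)
 * and for input parameters (param->is_param).
 *
 * PDO_PARAM_EVT_ALLOC checks the parameter number against S->num_params and,
 * with libmysqlclient, wires the parameter to its MYSQL_BIND slot.
 * PDO_PARAM_EVT_EXEC_PRE refuses to run with fewer bound parameters than the
 * statement has placeholders and then hands the current value to the client
 * library: NULL, a stream read completely into memory for PDO_PARAM_LOB, or
 * a string / integer / double (booleans as well under mysqlnd). All other
 * events are ignored.
 *
 * @param stmt        PDO statement the parameter belongs to
 * @param param       bound parameter description
 * @param event_type  stage of the parameter life cycle
 * @return 1 on success or when there is nothing to do, 0 on error
 */
static int pdo_mysql_stmt_param_hook(pdo_stmt_t *stmt, struct pdo_bound_param_data *param, enum pdo_param_event event_type) /* {{{ */
{
	zval *parameter;
#ifndef PDO_USE_MYSQLND
	PDO_MYSQL_PARAM_BIND *b;
#endif
	pdo_mysql_stmt *S = (pdo_mysql_stmt*)stmt->driver_data;

	PDO_DBG_ENTER("pdo_mysql_stmt_param_hook");
	PDO_DBG_INF_FMT("stmt=%p", S->stmt);
	/* NOTE(review): event_type indexes the name table without a range check;
	 * keep the table in step with enum pdo_param_event */
	PDO_DBG_INF_FMT("event = %s", pdo_param_event_names[event_type]);
	if (S->stmt && param->is_param) {
		switch (event_type) {
			case PDO_PARAM_EVT_ALLOC:
				/* sanity check parameter number range; the per-parameter arrays
				 * below are indexed with it */
				if (param->paramno < 0 || param->paramno >= S->num_params) {
					strcpy(stmt->error_code, "HY093");
					PDO_DBG_RETURN(0);
				}
				/* recall how many parameters have been provided */
				S->params_given++;

#ifndef PDO_USE_MYSQLND
				b = &S->params[param->paramno];
				param->driver_data = b;
				b->is_null = &S->in_null[param->paramno];
				b->length = &S->in_length[param->paramno];
#endif
				PDO_DBG_RETURN(1);

			case PDO_PARAM_EVT_EXEC_PRE:
				if (S->params_given < (unsigned int) S->num_params) {
					/* too few parameter bound */
					PDO_DBG_ERR("too few parameters bound");
					strcpy(stmt->error_code, "HY093");
					PDO_DBG_RETURN(0);
				}

				/* look through a reference to the value it refers to */
				if (!Z_ISREF(param->parameter)) {
					parameter = &param->parameter;
				} else {
					parameter = Z_REFVAL(param->parameter);
				}

#if PDO_USE_MYSQLND
				if (PDO_PARAM_TYPE(param->param_type) == PDO_PARAM_NULL || (Z_TYPE_P(parameter) == IS_NULL)) {
					mysqlnd_stmt_bind_one_param(S->stmt, param->paramno, parameter, MYSQL_TYPE_NULL);
					PDO_DBG_RETURN(1);
				}
#else
				b = (PDO_MYSQL_PARAM_BIND*)param->driver_data;
				*b->is_null = 0;
				if (PDO_PARAM_TYPE(param->param_type) == PDO_PARAM_NULL || Z_TYPE_P(parameter) == IS_NULL) {
					*b->is_null = 1;
					b->buffer_type = MYSQL_TYPE_STRING;
					b->buffer = NULL;
					b->buffer_length = 0;
					*b->length = 0;
					PDO_DBG_RETURN(1);
				}
#endif /* PDO_USE_MYSQLND */

				switch (PDO_PARAM_TYPE(param->param_type)) {
					case PDO_PARAM_STMT:
						PDO_DBG_RETURN(0);
					case PDO_PARAM_LOB:
						PDO_DBG_INF("PDO_PARAM_LOB");
						if (!Z_ISREF(param->parameter)) {
							parameter = &param->parameter;
						} else {
							parameter = Z_REFVAL(param->parameter);
						}
						if (Z_TYPE_P(parameter) == IS_RESOURCE) {
							php_stream *stm = NULL;
							php_stream_from_zval_no_verify(stm, parameter);
							if (stm) {
								/* the whole stream is read into one string (PHP_STREAM_COPY_ALL),
								 * so its size is bounded only by what the stream delivers */
								zend_string *mem = php_stream_copy_to_mem(stm, PHP_STREAM_COPY_ALL, 0);
								zval_ptr_dtor(parameter);
								ZVAL_STR(parameter, mem ? mem : ZSTR_EMPTY_ALLOC());
							} else {
								pdo_raise_impl_error(stmt->dbh, stmt, "HY105", "Expected a stream resource");
								/* leave through the debug macro like every other exit of this function */
								PDO_DBG_RETURN(0);
							}
						}
						/* fall through */

					default:
						;
				}

#if PDO_USE_MYSQLND
				/* Is it really correct to check the zval's type? - But well, that's what the old code below does, too */
				PDO_DBG_INF_FMT("param->parameter->type=%d", Z_TYPE(param->parameter));
				if (!Z_ISREF(param->parameter)) {
					parameter = &param->parameter;
				} else {
					parameter = Z_REFVAL(param->parameter);
				}
				switch (Z_TYPE_P(parameter)) {
					case IS_STRING:
						mysqlnd_stmt_bind_one_param(S->stmt, param->paramno, parameter, MYSQL_TYPE_VAR_STRING);
						break;
					case IS_LONG:
						/* the wire type follows the width of zend_long */
#if SIZEOF_ZEND_LONG==8
						mysqlnd_stmt_bind_one_param(S->stmt, param->paramno, parameter, MYSQL_TYPE_LONGLONG);
#elif SIZEOF_ZEND_LONG==4
						mysqlnd_stmt_bind_one_param(S->stmt, param->paramno, parameter, MYSQL_TYPE_LONG);
#endif /* SIZEOF_LONG */
						break;
					case IS_TRUE:
					case IS_FALSE:
						mysqlnd_stmt_bind_one_param(S->stmt, param->paramno, parameter, MYSQL_TYPE_TINY);
						break;
					case IS_DOUBLE:
						mysqlnd_stmt_bind_one_param(S->stmt, param->paramno, parameter, MYSQL_TYPE_DOUBLE);
						break;
					default:
						/* any other value type is refused */
						PDO_DBG_RETURN(0);
				}

				PDO_DBG_RETURN(1);
#else
				PDO_DBG_INF_FMT("param->parameter->type=%d", Z_TYPE(param->parameter));
				if (!Z_ISREF(param->parameter)) {
					parameter = &param->parameter;
				} else {
					parameter = Z_REFVAL(param->parameter);
				}
				switch (Z_TYPE_P(parameter)) {
					case IS_STRING:
						/* the bind points at the zval's own string buffer, no copy is made */
						b->buffer_type = MYSQL_TYPE_STRING;
						b->buffer = Z_STRVAL_P(parameter);
						b->buffer_length = Z_STRLEN_P(parameter);
						*b->length = Z_STRLEN_P(parameter);
						PDO_DBG_RETURN(1);

					case IS_LONG:
						/* NOTE(review): the buffer is a zend_long but the bind type is
						 * MYSQL_TYPE_LONG, whereas the mysqlnd branch selects LONGLONG
						 * when SIZEOF_ZEND_LONG is 8; confirm how values outside the
						 * 32-bit range are sent on 64-bit builds */
						b->buffer_type = MYSQL_TYPE_LONG;
						b->buffer = &Z_LVAL_P(parameter);
						PDO_DBG_RETURN(1);

					case IS_DOUBLE:
						b->buffer_type = MYSQL_TYPE_DOUBLE;
						b->buffer = &Z_DVAL_P(parameter);
						PDO_DBG_RETURN(1);

					default:
						/* any other value type is refused */
						PDO_DBG_RETURN(0);
				}
#endif /* PDO_USE_MYSQLND */
			case PDO_PARAM_EVT_FREE:
			case PDO_PARAM_EVT_EXEC_POST:
			case PDO_PARAM_EVT_FETCH_PRE:
			case PDO_PARAM_EVT_FETCH_POST:
			case PDO_PARAM_EVT_NORMALIZE:
				/* do nothing */
				break;
		}
	}

	PDO_DBG_RETURN(1);
}
/* }}} */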
620 
/**
 * Fetch the next row.
 *
 * For server-side prepared statements the row is fetched through the
 * statement handle of the active client library. Otherwise the row comes from
 * S->result and is kept in S->current_data / S->current_lengths. The ori and
 * offset arguments are not used by this driver.
 *
 * @param stmt    PDO statement to fetch from
 * @param ori     requested fetch orientation (ignored)
 * @param offset  requested offset (ignored)
 * @return 1 when a row is available, 0 at end of data or on error
 */
static int pdo_mysql_stmt_fetch(pdo_stmt_t *stmt, enum pdo_fetch_orientation ori, zend_long offset) /* {{{ */
{
	pdo_mysql_stmt *S = (pdo_mysql_stmt*)stmt->driver_data;
#if PDO_USE_MYSQLND
	zend_bool fetched_anything;

	PDO_DBG_ENTER("pdo_mysql_stmt_fetch");
	PDO_DBG_INF_FMT("stmt=%p", S->stmt);
	if (S->stmt) {
		/* success needs both a working fetch and an actual row */
		if (mysqlnd_stmt_fetch(S->stmt, &fetched_anything) != FAIL && fetched_anything != FALSE) {
			PDO_DBG_RETURN(1);
		}

		pdo_mysql_error_stmt(stmt);
		PDO_DBG_RETURN(0);
	}
#else
	int ret;

	if (S->stmt) {
		ret = mysql_stmt_fetch(S->stmt);

#		ifdef MYSQL_DATA_TRUNCATED
		/* truncation is not an error here; the column getter reports it */
		if (ret == MYSQL_DATA_TRUNCATED) {
			ret = 0;
		}
#		endif

		if (ret == 0) {
			PDO_DBG_RETURN(1);
		}

		/* running out of rows is not an error, anything else is */
		if (ret != MYSQL_NO_DATA) {
			pdo_mysql_error_stmt(stmt);
		}
		PDO_DBG_RETURN(0);
	}
#endif /* PDO_USE_MYSQLND */

	if (S->result == NULL) {
		strcpy(stmt->error_code, "HY000");
		PDO_DBG_RETURN(0);
	}
#if PDO_USE_MYSQLND
	/* release the previous row; the pointer is overwritten right below */
	if (!S->stmt && S->current_data) {
		mnd_free(S->current_data);
	}
#endif /* PDO_USE_MYSQLND */

	S->current_data = mysql_fetch_row(S->result);
	if (S->current_data == NULL) {
		/* only an unbuffered result can fail on the wire while fetching */
		if (!S->H->buffered && mysql_errno(S->H->server)) {
			pdo_mysql_error_stmt(stmt);
		}
		PDO_DBG_RETURN(0);
	}

	S->current_lengths = mysql_fetch_lengths(S->result);
	PDO_DBG_RETURN(1);
}
/* }}} */
681 
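/**
 * Describe the result columns.
 *
 * All columns are described on the first call, whatever colno is; a filled
 * cols[0].name marks that this has already happened. Column names are taken
 * from the field metadata and prefixed with the table name when
 * S->H->fetch_table_names is set.
 *
 * @param stmt   PDO statement whose columns are described
 * @param colno  column index requested by the caller; has to lie within
 *               [0, stmt->column_count)
 * @return 1 on success, 0 when there is no result set or colno is out of range
 */
static int pdo_mysql_stmt_describe(pdo_stmt_t *stmt, int colno) /* {{{ */
{
	pdo_mysql_stmt *S = (pdo_mysql_stmt*)stmt->driver_data;
	struct pdo_column_data *cols = stmt->columns;
	int i;

	PDO_DBG_ENTER("pdo_mysql_stmt_describe");
	PDO_DBG_INF_FMT("stmt=%p", S->stmt);
	if (!S->result) {
		PDO_DBG_RETURN(0);
	}

	/* reject both ends of the range; colno is signed, so the lower bound
	 * needs a check of its own */
	if (colno < 0 || colno >= stmt->column_count) {
		/* error invalid column */
		PDO_DBG_RETURN(0);
	}

	/* fetch all on demand, this seems easiest
	** if we've been here before bail out
	*/
	if (cols[0].name) {
		PDO_DBG_RETURN(1);
	}
	for (i = 0; i < stmt->column_count; i++) {

		if (S->H->fetch_table_names) {
			cols[i].name = strpprintf(0, "%s.%s", S->fields[i].table, S->fields[i].name);
		} else {
			cols[i].name = zend_string_init(S->fields[i].name, S->fields[i].name_length, 0);
		}

		cols[i].precision = S->fields[i].decimals;
		cols[i].maxlen = S->fields[i].length;

		/* mysqlnd prepared statements hand values over as zvals, everything
		 * else as strings */
#ifdef PDO_USE_MYSQLND
		if (S->stmt) {
			cols[i].param_type = PDO_PARAM_ZVAL;
		} else
#endif
		{
			cols[i].param_type = PDO_PARAM_STR;
		}
	}
	PDO_DBG_RETURN(1);
}
/* }}} */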
728 
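/**
 * Hand out the value of one column of the current row.
 *
 * The storage *ptr points at depends on the mode: for mysqlnd prepared
 * statements it is the bound zval (with *len set to sizeof(zval)), for
 * libmysqlclient prepared statements the bound output buffer, and for
 * non-prepared statements the row returned by the last fetch.
 *
 * With libmysqlclient a value longer than its buffer is reported as
 * truncated: error code "01004" is set, the length is clamped to the buffer
 * size so that no caller reads past the buffer, and 0 is returned.
 *
 * @param stmt          PDO statement positioned on a row
 * @param colno         column index; has to lie within [0, stmt->column_count)
 * @param ptr           receives the address of the column data
 * @param len           receives the length of the column data
 * @param caller_frees  not written by this driver
 * @return 1 on success, 0 on error or truncation
 */
static int pdo_mysql_stmt_get_col(pdo_stmt_t *stmt, int colno, char **ptr, size_t *len, int *caller_frees) /* {{{ */
{
	pdo_mysql_stmt *S = (pdo_mysql_stmt*)stmt->driver_data;

	PDO_DBG_ENTER("pdo_mysql_stmt_get_col");
	PDO_DBG_INF_FMT("stmt=%p", S->stmt);
	if (!S->result) {
		PDO_DBG_RETURN(0);
	}

	/* With mysqlnd data is stored inside mysqlnd, not S->current_data */
	if (!S->stmt) {
		/* S->result is known to be set at this point, only the row can be missing */
		if (S->current_data == NULL) {
			PDO_DBG_RETURN(0);
		}
	}

	/* colno indexes several per-column arrays below; it is signed, so the
	 * lower bound is checked as well */
	if (colno < 0 || colno >= stmt->column_count) {
		/* error invalid column */
		PDO_DBG_RETURN(0);
	}
#if PDO_USE_MYSQLND
	if (S->stmt) {
		/* the caller gets its own reference to the bound zval */
		Z_TRY_ADDREF(S->stmt->data->result_bind[colno].zv);
		*ptr = (char*)&S->stmt->data->result_bind[colno].zv;
		*len = sizeof(zval);
		PDO_DBG_RETURN(1);
	}
#else
	if (S->stmt) {
		if (S->out_null[colno]) {
			*ptr = NULL;
			*len = 0;
			PDO_DBG_RETURN(1);
		}
		*ptr = S->bound_result[colno].buffer;
		if (S->out_length[colno] > S->bound_result[colno].buffer_length) {
			/* mysql lied about the column width */
			strcpy(stmt->error_code, "01004"); /* truncated */
			/* never report more bytes than the buffer actually holds */
			S->out_length[colno] = S->bound_result[colno].buffer_length;
			*len = S->out_length[colno];
			PDO_DBG_RETURN(0);
		}
		*len = S->out_length[colno];
		PDO_DBG_RETURN(1);
	}
#endif
	*ptr = S->current_data[colno];
	*len = S->current_lengths[colno];
	PDO_DBG_RETURN(1);
} /* }}} */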
780 
/**
 * Map a MySQL field type code to its name without the FIELD_TYPE_ prefix.
 *
 * The returned pointer refers to a string literal and must be neither
 * modified nor freed. Type codes that only exist in some client library
 * versions are compiled in only when their constant is defined as a macro.
 *
 * @param type  FIELD_TYPE_* value
 * @return the type name, or NULL for a type without an entry
 */
static char *type_to_name_native(int type) /* {{{ */
{
/* one case label per type; the name is the stringified macro argument */
#define PDO_MYSQL_NATIVE_TYPE_NAME(x)	case FIELD_TYPE_##x: return #x;

	switch (type) {
		PDO_MYSQL_NATIVE_TYPE_NAME(STRING)
		PDO_MYSQL_NATIVE_TYPE_NAME(VAR_STRING)
#ifdef FIELD_TYPE_TINY
		PDO_MYSQL_NATIVE_TYPE_NAME(TINY)
#endif
#ifdef FIELD_TYPE_BIT
		PDO_MYSQL_NATIVE_TYPE_NAME(BIT)
#endif
		PDO_MYSQL_NATIVE_TYPE_NAME(SHORT)
		PDO_MYSQL_NATIVE_TYPE_NAME(LONG)
		PDO_MYSQL_NATIVE_TYPE_NAME(LONGLONG)
		PDO_MYSQL_NATIVE_TYPE_NAME(INT24)
		PDO_MYSQL_NATIVE_TYPE_NAME(FLOAT)
		PDO_MYSQL_NATIVE_TYPE_NAME(DOUBLE)
		PDO_MYSQL_NATIVE_TYPE_NAME(DECIMAL)
#ifdef FIELD_TYPE_NEWDECIMAL
		PDO_MYSQL_NATIVE_TYPE_NAME(NEWDECIMAL)
#endif
#ifdef FIELD_TYPE_GEOMETRY
		PDO_MYSQL_NATIVE_TYPE_NAME(GEOMETRY)
#endif
		PDO_MYSQL_NATIVE_TYPE_NAME(TIMESTAMP)
#ifdef FIELD_TYPE_YEAR
		PDO_MYSQL_NATIVE_TYPE_NAME(YEAR)
#endif
		PDO_MYSQL_NATIVE_TYPE_NAME(SET)
		PDO_MYSQL_NATIVE_TYPE_NAME(ENUM)
		PDO_MYSQL_NATIVE_TYPE_NAME(DATE)
#ifdef FIELD_TYPE_NEWDATE
		PDO_MYSQL_NATIVE_TYPE_NAME(NEWDATE)
#endif
		PDO_MYSQL_NATIVE_TYPE_NAME(TIME)
		PDO_MYSQL_NATIVE_TYPE_NAME(DATETIME)
		PDO_MYSQL_NATIVE_TYPE_NAME(TINY_BLOB)
		PDO_MYSQL_NATIVE_TYPE_NAME(MEDIUM_BLOB)
		PDO_MYSQL_NATIVE_TYPE_NAME(LONG_BLOB)
		PDO_MYSQL_NATIVE_TYPE_NAME(BLOB)
		PDO_MYSQL_NATIVE_TYPE_NAME(NULL)
		default:
			return NULL;
	}
#undef PDO_MYSQL_NATIVE_TYPE_NAME
} /* }}} */
829 
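/**
 * Build the metadata array for one result column.
 *
 * return_value becomes an array holding "mysql:def" (when the field has a
 * default), "native_type" (when the type has a name), "pdo_type" (mysqlnd
 * only), "flags" (a list of flag names) and "table".
 *
 * @param stmt          PDO statement with an attached result set
 * @param colno         column index; has to lie within [0, stmt->column_count)
 * @param return_value  zval that receives the array
 * @return SUCCESS, or FAILURE when there is no result set or colno is out of
 *         range; on FAILURE return_value is left untouched
 */
static int pdo_mysql_stmt_col_meta(pdo_stmt_t *stmt, zend_long colno, zval *return_value) /* {{{ */
{
	pdo_mysql_stmt *S = (pdo_mysql_stmt*)stmt->driver_data;
	const MYSQL_FIELD *F;
	zval flags;
	char *str;

	PDO_DBG_ENTER("pdo_mysql_stmt_col_meta");
	PDO_DBG_INF_FMT("stmt=%p", S->stmt);
	if (!S->result) {
		PDO_DBG_RETURN(FAILURE);
	}
	/* colno is used as an offset into S->fields below; it is signed, so a
	 * negative value has to be rejected here rather than relying on callers */
	if (colno < 0 || colno >= stmt->column_count) {
		/* error invalid column */
		PDO_DBG_RETURN(FAILURE);
	}

	array_init(return_value);
	array_init(&flags);

	F = S->fields + colno;

	if (F->def) {
		add_assoc_string(return_value, "mysql:def", F->def);
	}
	if (IS_NOT_NULL(F->flags)) {
		add_next_index_string(&flags, "not_null");
	}
	if (IS_PRI_KEY(F->flags)) {
		add_next_index_string(&flags, "primary_key");
	}
	if (F->flags & MULTIPLE_KEY_FLAG) {
		add_next_index_string(&flags, "multiple_key");
	}
	if (F->flags & UNIQUE_KEY_FLAG) {
		add_next_index_string(&flags, "unique_key");
	}
	if (IS_BLOB(F->flags)) {
		add_next_index_string(&flags, "blob");
	}
	str = type_to_name_native(F->type);
	if (str) {
		add_assoc_string(return_value, "native_type", str);
	}

#ifdef PDO_USE_MYSQLND
	/* integer types that fit into a zend_long are reported as PDO_PARAM_INT */
	switch (F->type) {
		case MYSQL_TYPE_BIT:
		case MYSQL_TYPE_YEAR:
		case MYSQL_TYPE_TINY:
		case MYSQL_TYPE_SHORT:
		case MYSQL_TYPE_INT24:
		case MYSQL_TYPE_LONG:
#if SIZEOF_ZEND_LONG==8
		case MYSQL_TYPE_LONGLONG:
#endif
			add_assoc_long(return_value, "pdo_type", PDO_PARAM_INT);
			break;
		default:
			add_assoc_long(return_value, "pdo_type", PDO_PARAM_STR);
			break;
	}
#endif

	/* the flags array is stored inside return_value from here on */
	add_assoc_zval(return_value, "flags", &flags);
	add_assoc_string(return_value, "table", (char *) (F->table?F->table : ""));

	PDO_DBG_RETURN(SUCCESS);
} /* }}} */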
899 
/**
 * Close the cursor so that the connection can run another statement.
 *
 * The attached result set is released first. A server-side prepared statement
 * then only frees its own result; for any other statement every result set
 * still queued on the connection is read and discarded.
 *
 * @param stmt  PDO statement whose cursor is closed
 * @return 1 on success, 0 when freeing the prepared statement's result failed
 */
static int pdo_mysql_stmt_cursor_closer(pdo_stmt_t *stmt) /* {{{ */
{
	pdo_mysql_stmt *S = (pdo_mysql_stmt*)stmt->driver_data;

	PDO_DBG_ENTER("pdo_mysql_stmt_cursor_closer");
	PDO_DBG_INF_FMT("stmt=%p", S->stmt);
	if (S->result != NULL) {
		mysql_free_result(S->result);
		S->result = NULL;
	}
	if (S->stmt != NULL) {
		int rc;

		/* a zero return code from the client library means success */
		rc = mysql_stmt_free_result(S->stmt);
		PDO_DBG_RETURN(rc ? 0 : 1);
	}

	/* discard whatever is still queued; stop at the first failure */
	while (mysql_more_results(S->H->server) && mysql_next_result(S->H->server) == 0) {
		MYSQL_RES *pending = mysql_store_result(S->H->server);

		if (pending != NULL) {
			mysql_free_result(pending);
		}
	}
	PDO_DBG_RETURN(1);
}
/* }}} */
929 
/*
 * Statement method table of the MySQL driver. The initializer is positional,
 * so the order of the entries has to match the member order of
 * struct pdo_stmt_methods, which is declared outside this file. The two NULL
 * entries mean that this driver has no statement-level attribute handlers.
 */
const struct pdo_stmt_methods mysql_stmt_methods = {
	pdo_mysql_stmt_dtor,
	pdo_mysql_stmt_execute,
	pdo_mysql_stmt_fetch,
	pdo_mysql_stmt_describe,
	pdo_mysql_stmt_get_col,
	pdo_mysql_stmt_param_hook,
	NULL, /* set_attr */
	NULL, /* get_attr */
	pdo_mysql_stmt_col_meta,
	pdo_mysql_stmt_next_rowset,
	pdo_mysql_stmt_cursor_closer
};
943