Merge branch '3'

2024-10-22 14:05:37 +02:00 · 2016-09-16 12:07:22 +01:00 · 2016-09-16 12:07:22 +01:00 · f65168ef8d
commit f65168ef8d
parent 78276e5397 beeed8155a
6 changed files with 113 additions and 54 deletions
--- a/ORM/Connect/Database.php
+++ b/ORM/Connect/Database.php
@ -190,21 +190,20 @@ abstract class Database {
 	 *
 	 * @param string $sql Query to run, and single parameter to callback
 	 * @param callable $callback Callback to execute code
-	 * @param array $parameters Parameters to display
+	 * @param array $parameters Parameters for any parameterised query
 	 * @return mixed Result of query
 	 */
-	protected function benchmarkQuery($sql, $callback, $parameters = null) {
+	protected function benchmarkQuery($sql, $callback, $parameters = array()) {
 		if (isset($_REQUEST['showqueries']) && Director::isDev()) {
 			$this->queryCount++;
 			$starttime = microtime(true);
 			$result = $callback($sql);
 			$endtime = round(microtime(true) - $starttime, 4);
-			$message = $sql;
-			if($parameters) {
-				$message .= "\nparams: \"" . implode('", "', $parameters) . '"';
+			// replace parameters as closely as possible to what we'd expect the DB to put in
+			if (strtolower($_REQUEST['showqueries']) == 'inline') {
+				$sql = DB::inline_parameters($sql, $parameters);
 			}
-			Debug::message("\n$this->queryCount: {$message}\n{$endtime}s\n", false);
-
+			Debug::message("\n$sql\n{$endtime}s\n", false);
 			return $result;
 		} else {
 			return $callback($sql);
--- a/ORM/Connect/PDOConnector.php
+++ b/ORM/Connect/PDOConnector.php
@ -128,6 +128,12 @@ class PDOConnector extends DBConnector {
 				$server .= ",{$parameters['port']}";
 			}
 			$dsn[] = "Server=$server";
+		} elseif ($parameters['driver'] === 'dblib') {
+			$server = $parameters['server'];
+			if (!empty($parameters['port'])) {
+				$server .= ":{$parameters['port']}";
+			}
+			$dsn[] = "host={$server}";
 		} else {
 			if (!empty($parameters['server'])) {
 				// Use Server instead of host for sqlsrv
--- a/ORM/DB.php
+++ b/ORM/DB.php
@ -303,6 +303,60 @@ class DB {
 		return implode($join, array_fill(0, $number, '?'));
 	}

+	/**
+	 * @param string $sql The parameterised query
+	 * @param array $parameters The parameters to inject into the query
+	 *
+	 * @return string
+	 */
+	public static function inline_parameters($sql, $parameters) {
+		$segments = preg_split('/\?/', $sql);
+		$joined = '';
+		$inString = false;
+		$numSegments = count($segments);
+		for($i = 0; $i < $numSegments; $i++) {
+			$input = $segments[$i];
+			// Append next segment
+			$joined .= $segments[$i];
+			// Don't add placeholder after last segment
+			if($i === $numSegments - 1) {
+				break;
+			}
+			// check string escape on previous fragment
+			// Remove escaped backslashes, count them!
+			$input = preg_replace('/\\\\\\\\/', '', $input);
+			// Count quotes
+			$totalQuotes = substr_count($input, "'"); // Includes double quote escaped quotes
+			$escapedQuotes = substr_count($input, "\\'");
+			if((($totalQuotes - $escapedQuotes) % 2) !== 0) {
+				$inString = !$inString;
+			}
+			// Append placeholder replacement
+			if($inString) {
+				// Literal question mark
+				$joined .= '?';
+				continue;
+			}
+
+			// Encode and insert next parameter
+			$next = array_shift($parameters);
+			if(is_array($next) && isset($next['value'])) {
+				$next = $next['value'];
+			}
+			if (is_bool($next)) {
+				$value = $next ? '1' : '0';
+			}
+			elseif (is_int($next)) {
+				$value = $next;
+			}
+			else {
+				$value = DB::is_active() ? Convert::raw2sql($next, true) : $next;
+			}
+			$joined .= $value;
+		}
+		return $joined;
+	}
+
 	/**
 	 * Execute the given SQL parameterised query with the specified arguments
 	 *
--- a/Security/Member.php
+++ b/Security/Member.php
@ -815,7 +815,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
 		$id = Member::currentUserID();

 		if($id) {
-			return Member::get()->byID($id);
+			return DataObject::get_by_id('SilverStripe\\Security\\Member', $id);
 		}
 		return null;
 	}
--- a/admin/client/dist/js/bundle-lib.js
+++ b/admin/client/dist/js/bundle-lib.js
--- a/docs/en/02_Developer_Guides/07_Debugging/02_URL_Variable_Tools.md
+++ b/docs/en/02_Developer_Guides/07_Debugging/02_URL_Variable_Tools.md
@ -38,8 +38,8 @@ Append the option and corresponding value to your URL in your browser's address
 ## Database

 | URL Variable | | Values | | Description                                                                                  | 
- | ------------ | | ------ | | -----------                                                                                  | 
- | showqueries  | | 1      | | List all SQL queries executed                                                                | 
+ | ------------ | | --------- | | -----------                                                                                  | 
+ | showqueries  | | 1\|inline | | List all SQL queries executed, the `inline` option will do a fudge replacement of parameterised queries          | 
 | previewwrite | | 1      | | List all insert / update SQL queries, and **don't** execute them.  Useful for previewing writes to the database. | 

 ## Security Redirects