summaryrefslogtreecommitdiff
path: root/ext/dbx/tests/009.phpt
blob: f363de46b1a4702759af4c5cb53c996cba5c3d70 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

--TEST--
dbx_escape_string
--SKIPIF--
<?php 
include_once("skipif.inc");
?>
--INI--
magic_quotes_runtime=0
--FILE--
<?php 
include_once("dbx_test.p");
$sql_select_statement = "select * from tbl where id=999999 and parentid=999999";
$sql_insert_statement = "insert into tbl (id, parentid, description) values (999999, 999999, 'temporary_record')";
$sql_update_statement = "update tbl set field2 = '%s' where id=999999 and parentid=999999";
$sql_delete_statement = "delete from tbl where id=999999 and parentid=999999";
$dlo = dbx_connect($module, $host, $database, $username, $password);
if (!$dlo) {
    print('this won\'t work'."\n");
	}
else {
    // insert query
    dbx_query($dlo, $sql_insert_statement);
    // dbx_escape_string should make sure that an escaped string
    // is neatly passed through to the database, and on readout
    // it should be returned exactly the same as it went in
    function test_dbx_escape_string($txt) 
    {
        $sql = sprintf($GLOBALS['sql_update_statement'], dbx_escape_string($GLOBALS['dlo'], $txt));
        if (dbx_query($GLOBALS['dlo'], $sql)) {
            if ($dro=dbx_query($GLOBALS['dlo'], $GLOBALS['sql_select_statement'])) {
                print(($dro->data[0]['field2']===$txt?'ok':'fail ('.$dro->data[0]['field2'].')').': '.$txt."\n");
                }
            }
    }
    test_dbx_escape_string('no special characters');
    test_dbx_escape_string('quote \' string');
    test_dbx_escape_string('doublequote " string');
    test_dbx_escape_string('backslash \\ string');
    test_dbx_escape_string('backslash and quote \\ \' string');
    test_dbx_escape_string('ampersand & string');
    // delete query
    dbx_query($dlo, $sql_delete_statement);
    // generate errors
    if (!@dbx_escape_string(0, "any_text")) {
        print('wrong dbx_link_object: escape_string failure works ok'."\n");
        }
    if (!@dbx_escape_string($dlo, "any_text", "12many")) {
        print('too many parameters: escape_string failure works ok'."\n");
        }
    if (!@dbx_escape_string($dlo)) {
        print('too few parameters: escape_string failure works ok'."\n");
        }
    dbx_close($dlo);
    }
?>
--EXPECT--
ok: no special characters
ok: quote ' string
ok: doublequote " string
ok: backslash \ string
ok: backslash and quote \ ' string
ok: ampersand & string
wrong dbx_link_object: escape_string failure works ok
too many parameters: escape_string failure works ok
too few parameters: escape_string failure works ok
View Lorry Controller Status