PreparedStatementTest.php

Go to the documentation of this file.

<?php
namespace TYPO3\CMS\Core\Tests\Unit\Database;

class PreparedStatementTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {

    protected $databaseStub;

    protected function setUp() {
        $this->databaseStub = $this->setUpAndReturnDatabaseStub();
    }

    // Utility functions

    private function setUpAndReturnDatabaseStub() {
        $GLOBALS['TYPO3_DB'] = $this->getAccessibleMock(
            'TYPO3\\CMS\\Core\\Database\\DatabaseConnection',
            array('prepare_PREPAREDquery'),
            array(),
            '',
            FALSE,
            FALSE
        );

        return $GLOBALS['TYPO3_DB'];
    }

    private function createPreparedStatement($query) {
        return new \TYPO3\CMS\Core\Database\PreparedStatement($query, 'pages');
    }

    // Tests for the utility functions

    public function setUpAndReturnDatabaseStubReturnsMockObjectOfDatabaseConnection() {
        $this->assertTrue($this->setUpAndReturnDatabaseStub() instanceof \TYPO3\CMS\Core\Database\DatabaseConnection);
    }

    public function createPreparedStatementReturnsInstanceOfPreparedStatementClass() {
        $this->assertTrue($this->createPreparedStatement('dummy') instanceof \TYPO3\CMS\Core\Database\PreparedStatement);
    }

    // Tests for \TYPO3\CMS\Core\Database\PreparedStatement

    public function parametersAndQueriesDataProvider() {
        return array(
            'one named integer parameter' => array('SELECT * FROM pages WHERE pid=:pid', array(':pid' => 1), 'SELECT * FROM pages WHERE pid=?'),
            'one unnamed integer parameter' => array('SELECT * FROM pages WHERE pid=?', array(1), 'SELECT * FROM pages WHERE pid=?'),
            'one named integer parameter is replaced multiple times' => array('SELECT * FROM pages WHERE pid=:pid OR uid=:pid', array(':pid' => 1), 'SELECT * FROM pages WHERE pid=? OR uid=?'),
            'two named integer parameters are replaced' => array('SELECT * FROM pages WHERE pid=:pid OR uid=:uid', array(':pid' => 1, ':uid' => 10), 'SELECT * FROM pages WHERE pid=? OR uid=?'),
            'two unnamed integer parameters are replaced' => array('SELECT * FROM pages WHERE pid=? OR uid=?', array(1, 1), 'SELECT * FROM pages WHERE pid=? OR uid=?'),
        );
    }

    public function parametersAreReplacedByQuestionMarkInQueryByCallingExecute($query, $parameters, $expectedResult) {
        $statement = $this->createPreparedStatement($query);
        $this->databaseStub->expects($this->any())->method('prepare_PREPAREDquery')->with($this->equalTo($expectedResult));
        $statement->execute($parameters);
    }

    public function parametersAreReplacedInQueryWhenBoundWithBindValues($query, $parameters, $expectedResult) {
        $statement = $this->createPreparedStatement($query);
        $this->databaseStub->expects($this->any())->method('prepare_PREPAREDquery')->with($this->equalTo($expectedResult));
        $statement->bindValues($parameters);
        $statement->execute();
    }

    public function invalidParameterTypesPassedToBindValueThrowsExceptionDataProvider() {
        return array(
            'integer passed with param type NULL' => array(1, \TYPO3\CMS\Core\Database\PreparedStatement::PARAM_NULL),
            'string passed with param type NULL' => array('1', \TYPO3\CMS\Core\Database\PreparedStatement::PARAM_NULL),
            'bool passed with param type NULL' => array(TRUE, \TYPO3\CMS\Core\Database\PreparedStatement::PARAM_NULL),
            'NULL passed with param type INT' => array(NULL, \TYPO3\CMS\Core\Database\PreparedStatement::PARAM_INT),
            'string passed with param type INT' => array('1', \TYPO3\CMS\Core\Database\PreparedStatement::PARAM_INT),
            'bool passed with param type INT' => array(TRUE, \TYPO3\CMS\Core\Database\PreparedStatement::PARAM_INT),
            'NULL passed with param type BOOL' => array(NULL, \TYPO3\CMS\Core\Database\PreparedStatement::PARAM_BOOL),
            'string passed with param type BOOL' => array('1', \TYPO3\CMS\Core\Database\PreparedStatement::PARAM_BOOL),
            'integer passed with param type BOOL' => array(1, \TYPO3\CMS\Core\Database\PreparedStatement::PARAM_BOOL)
        );
    }

    public function invalidParameterTypesPassedToBindValueThrowsException($parameter, $type) {
        $statement = $this->createPreparedStatement('');
        $statement->bindValue(1, $parameter, $type);
    }

    public function passingInvalidMarkersThrowsExceptionDataProvider() {
        return array(
            'using other prefix than colon' => array('SELECT * FROM pages WHERE pid=#pid', array('#pid' => 1)),
            'using non alphanumerical character' => array('SELECT * FROM pages WHERE title=:stra≠e', array(':stra≠e' => 1)),
            'no colon used' => array('SELECT * FROM pages WHERE pid=pid', array('pid' => 1)),
            'colon at the end' => array('SELECT * FROM pages WHERE pid=pid:', array('pid:' => 1)),
            'colon without alphanumerical character' => array('SELECT * FROM pages WHERE pid=:', array(':' => 1))
        );
    }

    public function passingInvalidMarkersThrowsException($query, $parameters) {
        $statement = $this->createPreparedStatement($query);
        $statement->bindValues($parameters);
    }

}