From 42009d047df5cb2ac2b9d16c7d4d0bbe8a0d211e Mon Sep 17 00:00:00 2001
From: Cyril Vazquez <cyril.vazquez@maarch.org>
Date: Tue, 30 Jun 2015 10:07:53 +0000
Subject: [PATCH] FEAT #2482 Test placeholder and param type array for sql in()

---
 core/trunk/core/class/class_db_pdo.php | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/core/trunk/core/class/class_db_pdo.php b/core/trunk/core/class/class_db_pdo.php
index b6179a58e0d..5e880a1329b 100644
--- a/core/trunk/core/class/class_db_pdo.php
+++ b/core/trunk/core/class/class_db_pdo.php
@@ -181,6 +181,26 @@ class Database
      */
     public function query($queryString, $parameters=null, $catchExceptions=false)
     {
+        if ($parameters) {
+            foreach ($parameters as $key => $value) {
+                if (is_array($value)) {
+                    if (is_int($key)) {
+                        $placeholders = implode(',', array_fill(0, count($value), '?'));
+                        preg_match_all("/\?/", $queryString, $matches, PREG_OFFSET_CAPTURE);
+                        $match = $matches[0][$key];
+                        $queryString = substr($queryString, 0, $match[1]) . $placeholders . substr($queryString, $match[1]+1);
+                    } else {
+                        $placeholdersArr = array();
+                        foreach ($value as $pos => $item) {
+                            $placeholdersArr[] = ':item_'.$pos;
+                        }
+                        $placeholders = implode(',', $placeholdersArr);
+                        $queryString = str_replace($key, $placeholders, $queryString);    
+                    }
+                }
+            }
+        }
+
         try {
             $this->stmt = $this->prepare($queryString);
 
-- 
GitLab