Skip to content

Commit 29095a5

Browse files
committed
EloquentDataSource - improved generating runnable queries to correctly handle escaped and named bindings.
1 parent c27ad77 commit 29095a5

1 file changed

Lines changed: 14 additions & 5 deletions

File tree

Clockwork/DataSource/EloquentDataSource.php

Lines changed: 14 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -270,15 +270,24 @@ protected function createRunnableQuery($query, $bindings, $connection)
270270
$bindings = $this->databaseManager->connection($connection)->prepareBindings($bindings);
271271

272272
$index = 0;
273-
$query = preg_replace_callback('/\?/', function ($matches) use ($bindings, $connection, &$index) {
274-
$binding = $this->quoteBinding($bindings[$index++], $connection);
273+
$query = preg_replace_callback('/\'[^\']*\'|[^?]\?|\W:[a-z]+/', function ($matches) use ($bindings, $connection, &$index) {
274+
$match = $matches[0];
275+
276+
if ($match[0] == '\'') { // quoted string
277+
return $match;
278+
} elseif ($match[1] == '?' && isset($bindings[$index])) { // question-mark binding
279+
$binding = $this->quoteBinding($bindings[$index++], $connection);
280+
} elseif ($match[1] == ':' && isset($bindings[substr($match, 2)])) { // named binding
281+
$binding = $this->quoteBinding($bindings[substr($match, 2)], $connection);
282+
} else {
283+
return $match;
284+
}
275285

276286
// convert binary bindings to hexadecimal representation
277287
if (! preg_match('//u', (string) $binding)) $binding = '0x' . bin2hex($binding);
278288

279-
// escape backslashes in the binding (preg_replace requires to do so)
280-
return (string) $binding;
281-
}, $query, count($bindings));
289+
return $match[0] . ((string) $binding);
290+
}, $query);
282291

283292
// highlight keywords
284293
$keywords = [

0 commit comments

Comments
 (0)