PB-50121 Replace rand() with a static counter to generate unique bind-parameter placeholder (GITHUB passbolt#595)

(cherry picked from commit 4d1b480)

Author: ishanvyas22

src/Model/Traits/Query/CaseSensitiveCompareValueTrait.php

@@ -26,6 +26,16 @@
  */
 trait CaseSensitiveCompareValueTrait
 {
+    /**
+     * Global counter for generating unique bind placeholder names.
+     * A per-query counter (e.g. ValueBinder::placeholder()) is not sufficient because
+     * queries can be combined via union(), which merges their bindings — identical
+     * placeholder names across queries would silently overwrite each other.
+     *
+     * @var int
+     */
+    private static int $placeholderCounter = 0;
+
     /**
      * @param \Cake\ORM\Query\SelectQuery $query Reference query object.
      * @param mixed $col Column value to convert into case-sensitive binary.
@@ -41,7 +51,7 @@ public function getCaseSensitiveValue(SelectQuery $query, mixed $col): QueryExpr
             return $col;
         }
 
-        $valuePlaceholder = ':value_case_insensitive_' . rand();
+        $valuePlaceholder = ':value_case_insensitive_' . self::$placeholderCounter++;
         $query = $query->bind($valuePlaceholder, $col, $this->getBindType($col));
 
         return $query->newExpr()->add("CONVERT({$valuePlaceholder} using utf8mb4) COLLATE utf8mb4_bin");
@@ -65,7 +75,7 @@ public function getCaseSensitiveValues(SelectQuery $query, array $values): array
         $conditions = [];
         $values = array_unique($values);
         foreach ($values as $value) {
-            $valuePlaceholder = ':value_case_insensitive_' . rand();
+            $valuePlaceholder = ':value_case_insensitive_' . self::$placeholderCounter++;
             $conditions[] = $query
                 ->newExpr()
                 ->add("CONVERT({$valuePlaceholder} using utf8mb4) COLLATE utf8mb4_bin");