Fix sql incorrect types
This commit is contained in:
parent
f613b11fe7
commit
68947b616b
2 changed files with 20 additions and 3 deletions
|
@ -96,7 +96,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
|
||||||
$wish_image = Sanitiser::getURL($_POST['wish_image']);
|
$wish_image = Sanitiser::getURL($_POST['wish_image']);
|
||||||
$wish_url = Sanitiser::getURL($_POST['wish_url']);
|
$wish_url = Sanitiser::getURL($_POST['wish_url']);
|
||||||
$wish_priority = !empty(Sanitiser::getNumber($_POST['wish_priority'])) ? Sanitiser::getNumber($_POST['wish_priority']) : 'NULL';
|
$wish_priority = !empty(Sanitiser::getNumber($_POST['wish_priority'])) ? Sanitiser::getNumber($_POST['wish_priority']) : 'NULL';
|
||||||
$wish_is_purchasable = isset($_POST['wish_is_purchasable']) ? 'true' : 'false';
|
$wish_is_purchasable = isset($_POST['wish_is_purchasable']);
|
||||||
|
|
||||||
if (Wish::NO_IMAGE === $wish_image) {
|
if (Wish::NO_IMAGE === $wish_image) {
|
||||||
$wish_image = '';
|
$wish_image = '';
|
||||||
|
@ -150,7 +150,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
|
||||||
`image` = :wish_image,
|
`image` = :wish_image,
|
||||||
`url` = :wish_url,
|
`url` = :wish_url,
|
||||||
`priority` = :wish_priority,
|
`priority` = :wish_priority,
|
||||||
`is_purchasable` = :wish_is_purchasable,
|
`is_purchasable` = :wish_is_purchasable
|
||||||
WHERE `id` = :wish_id',
|
WHERE `id` = :wish_id',
|
||||||
array(
|
array(
|
||||||
'wishlist_id' => $wish->wishlist,
|
'wishlist_id' => $wish->wishlist,
|
||||||
|
|
|
@ -37,7 +37,24 @@ class Database
|
||||||
public function query(string $query, array $placeholders = array()): \PDOStatement
|
public function query(string $query, array $placeholders = array()): \PDOStatement
|
||||||
{
|
{
|
||||||
$statement = $this->pdo->prepare($query, array(\PDO::FETCH_ASSOC));
|
$statement = $this->pdo->prepare($query, array(\PDO::FETCH_ASSOC));
|
||||||
$statement->execute($placeholders);
|
|
||||||
|
foreach ($placeholders as $name => $value) {
|
||||||
|
switch (gettype($value)) {
|
||||||
|
case 'boolean':
|
||||||
|
$statement->bindValue($name, $value, \PDO::PARAM_BOOL);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'integer':
|
||||||
|
$statement->bindValue($name, $value, \PDO::PARAM_INT);
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
$statement->bindValue($name, $value, \PDO::PARAM_STR);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$statement->execute();
|
||||||
|
|
||||||
$this->lastInsertId = $this->pdo->lastInsertId();
|
$this->lastInsertId = $this->pdo->lastInsertId();
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue