php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-12-14 18:31:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

Sanitize null bytes before quoteValue() on PHP 8.5+ in SQLite. (#20673)

Browse Source
This commit is contained in:
Wilmer Arambula
2025-11-02 06:49:19 -03:00
committed by GitHub
parent 1fdcebaeec
commit ab6cef441e
3 changed files with 45 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
framework/db/sqlite/Schema.php
View File

@@ -491,4 +491,24 @@ class Schema extends BaseSchema implements ConstraintFinderInterface
{
return strncmp($identifier, 'sqlite_', 7) === 0;
}
/**
* @inheritdoc
*
* Since PHP 8.5, `PDO::quote()` throws a ValueError when the string contains null bytes ("\0").
*
* This method sanitizes such bytes before calling the parent implementation to avoid exceptions while maintaining
* backward compatibility.
*
* @link https://github.com/php/php-src/commit/0a10f6db26875e0f1d0f867307cee591d29a43c7
*/
public function quoteValue($value)
{
if (PHP_VERSION_ID >= 80500 && is_string($value) && str_contains($value, "\0")) {
// Sanitize null bytes to prevent PDO ValueError on PHP 8.5+
$value = str_replace("\0", '', $value);
}
return parent::quoteValue($value);
}
}