public function FrxOracle::format in Forena Reports 8
Implement custom SQL formatter to make sure that strings are properly escaped. Ideally we'd replace this with something that handles prepared statements, but it wouldn't work for
Parameters
string $value: The value of the token replacement.
string $key: The name of the token being replaced.
bool $raw: TRUE implies the data should not be formatted for user input.
Return value
string Formatted value.
File
- src/
FrxPlugin/ Driver/ FrxOracle.php, line 381 - Oracle specific driver that takes advantage of oracles native XML support
Class
- FrxOracle
- Class FrxOracle
Namespace
Drupal\forena\FrxPlugin\DriverCode
public function format($value, $key, $raw = FALSE) {
if ($raw) {
return $value;
}
$value = $this
->parmConvert($key, $value);
if ($value === '' || $value === NULL || $value === array()) {
$value = 'NULL';
}
else {
if (is_array($value)) {
if ($value == array()) {
$value = 'NULL';
}
else {
// Build a array of values string
$i = 0;
$val = '';
foreach ($value as $v) {
$i++;
if ($i == 1) {
$val .= '(';
}
else {
$val .= ',';
}
$val .= "'" . str_replace("'", "''", $v) . "'";
}
$value = $val . ')';
}
}
elseif (is_int($value)) {
$value = (int) $value;
$value = (string) $value;
}
elseif (is_float($value)) {
$value = (double) $value;
$value = (string) $value;
}
else {
$value = trim($value);
$value = "'" . str_replace("'", "''", $value) . "'";
}
}
return $value;
}