NEW: Add prepare() method to DoliDB class (rebuild) (#35249)

* feat:prepared sql for mysqli and postgres * refactor:remove whitespace * Update DoliDB.class.php --------- Co-authored-by: Laurent Destailleur <eldy@destailleur.fr>
2025-12-05 09:08:09 +01:00 · 2025-09-08 02:37:42 +02:00
parent 686de5271a
commit 6334fa5bea
3 changed files with 56 additions and 0 deletions
--- a/htdocs/core/db/DoliDB.class.php
+++ b/htdocs/core/db/DoliDB.class.php
@@ -459,4 +459,19 @@ abstract class DoliDB implements Database

 		return false;
 	}
+
+	/**
+	 * Prepare a SQL statement for execution
+	 *
+	 * This method must be implemented by subclasses.
+	 *
+	 * @param string $sql SQL query to prepare
+	 * @return mixed Driver-specific prepared statement object or false on failure
+	 */
+	public function prepare($sql)
+	{
+		$this->lasterror = 'prepare() not implemented for this driver. Failed to prepare '.$sql;
+
+		return false;
+	}
 }
--- a/htdocs/core/db/mysqli.class.php
+++ b/htdocs/core/db/mysqli.class.php
@@ -1294,6 +1294,28 @@ class DoliDBMysqli extends DoliDB

 		return $result;
 	}
+
+	/**
+	 * Prepare a SQL statement for execution
+	 *
+	 * @param string $sql SQL query to prepare
+	 * @return false|mysqli_stmt
+	 */
+	public function prepare($sql)
+	{
+		if (!$this->connected) {
+			$this->lasterror = 'Not connected to database';
+			return false;
+		}
+		$stmt = $this->db->prepare($sql);
+		if ($stmt === false) {
+			$this->lasterror = $this->db->error;
+			$this->lastqueryerror = $sql;
+			return false;
+		}
+
+		return $stmt;
+	}
 }

 if (class_exists('mysqli')) {
--- a/htdocs/core/db/pgsql.class.php
+++ b/htdocs/core/db/pgsql.class.php
@@ -1512,4 +1512,23 @@ class DoliDBPgsql extends DoliDB

 		return array();
 	}
+
+	/**
+	 * Prepare a SQL statement for execution (PostgreSQL prepared statement)
+	 *
+	 * @param string $sql The SQL query to prepare
+	 * @return string|false The name of the prepared statement on success, or false on failure
+	 */
+	public function prepare($sql)
+	{
+		$stmtname = uniqid('dolipgstmt_'); // Generate a unique identifier for the statement
+
+		$result = pg_prepare($this->db, $stmtname, $sql);
+		if (!$result) {
+			$this->lasterror = pg_last_error($this->db);
+			return false;
+		}
+
+		return $stmtname; // We just return the name of the prepared statement
+	}
 }