From cae0cbd5137029cab04ceeb0d52b1e73602f7a59 Mon Sep 17 00:00:00 2001
From: Patrick <thekabal@gmail.com>
Date: Sun, 12 Feb 2017 19:49:30 -0700
Subject: [PATCH] Use PDO datatype Constants in queries using bindPrams

---
 classes/Sessions.php | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/classes/Sessions.php b/classes/Sessions.php
index e8ae1b306..5040a6289 100644
--- a/classes/Sessions.php
+++ b/classes/Sessions.php
@@ -75,8 +75,8 @@ public function read(string $sesskey) : string
     {
         $qry = "SELECT sessdata FROM ::prefix::sessions where sesskey=:sesskey and expiry>=:expiry";
         $stmt = $this->pdo_db->prepare($qry);
-        $stmt->bindParam(':sesskey', $sesskey);
-        $stmt->bindParam(':expiry', $this->currenttime);
+        $stmt->bindParam(':sesskey', $sesskey, \PDO::PARAM_STR);
+        $stmt->bindParam(':expiry', $this->currenttime, \PDO::PARAM_STR);
         $stmt->execute();
         $result = $stmt->fetch(\PDO::FETCH_ASSOC);
         return (string) $result['sessdata']; // PHP7 change requires return to be string: https://github.com/Inchoo/Inchoo_PHP7/issues/4#issuecomment-165618172
@@ -95,9 +95,9 @@ public function write(string $sesskey, string $sessdata)
                 // Try to insert the record. This will fail if the record already exists, which will trigger catch below..
                 $qry = "INSERT into ::prefix::sessions (sesskey, sessdata, expiry) values (:sesskey, :sessdata, :expiry)";
                 $stmt = $this->pdo_db->prepare($qry);
-                $stmt->bindParam(':sesskey', $sesskey);
+                $stmt->bindParam(':sesskey', $sesskey, \PDO::PARAM_STR);
                 $stmt->bindParam(':sessdata', $sessdata);
-                $stmt->bindParam(':expiry', $this->expiry);
+                $stmt->bindParam(':expiry', $this->expiry, \PDO::PARAM_STR);
                 $result = $stmt->execute();
             }
             catch (\PDOException $e)
@@ -105,9 +105,9 @@ public function write(string $sesskey, string $sessdata)
                 // Insert didn't work, use update instead
                 $qry = "UPDATE ::prefix::sessions SET sessdata=:sessdata, expiry=:expiry where sesskey=:sesskey";
                 $stmt = $this->pdo_db->prepare($qry);
-                $stmt->bindParam(':sesskey', $sesskey);
+                $stmt->bindParam(':sesskey', $sesskey, \PDO::PARAM_STR);
                 $stmt->bindParam(':sessdata', $sessdata);
-                $stmt->bindParam(':expiry', $this->expiry);
+                $stmt->bindParam(':expiry', $this->expiry, \PDO::PARAM_STR);
                 $result = $stmt->execute();
             }
 
@@ -120,7 +120,7 @@ public function destroy(string $sesskey)
     {
         $qry = "DELETE from ::prefix::sessions where sesskey=:sesskey";
         $stmt = $this->pdo_db->prepare($qry);
-        $stmt->bindParam(':sesskey', $sesskey);
+        $stmt->bindParam(':sesskey', $sesskey, \PDO::PARAM_STR);
         $result = $stmt->execute();
         return $result;
     }
@@ -129,7 +129,7 @@ public function gc()
     {
         $qry = "DELETE from ::prefix::sessions where expiry>:expiry";
         $stmt = $this->pdo_db->prepare($qry);
-        $stmt->bindParam(':expiry', $this->expiry);
+        $stmt->bindParam(':expiry', $this->expiry, \PDO::PARAM_STR);
         $result = $stmt->execute();
         return $result;
     }
@@ -141,8 +141,8 @@ public function regen(): void
         $new_id = session_id();
         $qry = "UPDATE ::prefix::sessions SET sesskey=:newkey where sesskey=:sesskey";
         $stmt = $this->pdo_db->prepare($qry);
-        $stmt->bindParam(':newkey', $new_id);
-        $stmt->bindParam(':sesskey', $old_id);
+        $stmt->bindParam(':newkey', $new_id, \PDO::PARAM_STR);
+        $stmt->bindParam(':sesskey', $old_id, \PDO::PARAM_STR);
         $stmt->execute();
     }
 }