Add ECUID (edit user cuid) to session and return in acl array

Release: v9.21.0
add uuidv4 verify method
2024-12-02 17:18:34 +09:00 · 2024-12-02 15:55:33 +09:00 · 2024-12-02 15:54:35 +09:00 · 2024-11-27 14:43:58 +09:00 · 2024-11-27 14:42:18 +09:00 · 2024-11-27 14:42:04 +09:00
12 changed files with 625 additions and 258 deletions
--- a/publish/last.published
+++ b/publish/last.published
@@ -1 +1 @@
-9.19.0
+9.21.0
--- a/src/ACL/Login.php
+++ b/src/ACL/Login.php
@@ -75,6 +75,8 @@ class Login
 {
 	/** @var ?int the user id var*/
 	private ?int $euid;
+	/** @var ?string the user cuid (note will be super seeded with uuid v4 later) */
+	private ?string $ecuid;
 	/** @var string _GET/_POST loginUserId parameter for non password login */
 	private string $login_user_id = '';
 	/** @var string source, either _GET or _POST or empty */
@@ -757,7 +759,7 @@ class Login
 		}
 		// have to get the global stuff here for setting it later
 		// we have to get the themes in here too
-		$q = "SELECT eu.edit_user_id, eu.username, eu.password, "
+		$q = "SELECT eu.edit_user_id, eu.cuid, eu.username, eu.password, "
 			. "eu.edit_group_id, "
 			. "eg.name AS edit_group_name, eu.admin, "
 			// additinal acl lists
@@ -889,6 +891,7 @@ class Login
 			// normal user processing
 			// set class var and session var
 			$_SESSION['EUID'] = $this->euid = (int)$res['edit_user_id'];
+			$_SESSION['ECUID'] = $this->ecuid = (string)$res['cuid'];
 			// check if user is okay
 			$this->loginCheckPermissions();
 			if ($this->login_error == 0) {
@@ -1132,6 +1135,8 @@ class Login
 		// username (login), group name
 		$this->acl['user_name'] = $_SESSION['USER_NAME'];
 		$this->acl['group_name'] = $_SESSION['GROUP_NAME'];
+		// edit user cuid
+		$this->acl['ecuid'] = $_SESSION['ECUID'];
 		// set additional acl
 		$this->acl['additional_acl'] = [
 			'user' => $_SESSION['USER_ADDITIONAL_ACL'],
@@ -1862,6 +1867,8 @@ HTML;
 		}
 		// if there is none, there is none, saves me POST/GET check
 		$this->euid = array_key_exists('EUID', $_SESSION) ? (int)$_SESSION['EUID'] : 0;
+		// TODO: allow load from cuid
+		// $this->ecuid = array_key_exists('ECUID', $_SESSION) ? (string)$_SESSION['ECUID'] : '';
 		// get login vars, are so, can't be changed
 		// prepare
 		// pass on vars to Object vars
@@ -2111,6 +2118,7 @@ HTML;
 		$this->session->sessionDestroy();
 		// unset euid
 		$this->euid = null;
+		$this->ecuid = null;
 		// then prints the login screen again
 		$this->permission_okay = false;
 	}
@@ -2128,11 +2136,12 @@ HTML;
 		if (empty($this->euid)) {
 			return $this->permission_okay;
 		}
+		// euid must match ecuid
 		// bail for previous wrong page match, eg if method is called twice
 		if ($this->login_error == 103) {
 			return $this->permission_okay;
 		}
-		$q = "SELECT ep.filename, "
+		$q = "SELECT ep.filename, eu.cuid, "
 			// base lock flags
 			. "eu.deleted, eu.enabled, eu.locked, "
 			// date based lock
@@ -2198,6 +2207,8 @@ HTML;
 		} else {
 			$this->login_error = 103;
 		}
+		// set ECUID
+		$_SESSION['ECUID'] = $this->ecuid = (string)$res['cuid'];
 		// if called from public, so we can check if the permissions are ok
 		return $this->permission_okay;
 	}
@@ -2503,6 +2514,16 @@ HTML;
 	{
 		return (string)$this->euid;
 	}
+
+	/**
+	 * Get the current set ECUID (edit user cuid)
+	 *
+	 * @return string ECUID as string
+	 */
+	public function loginGetEcid(): string
+	{
+		return (string)$this->ecuid;
+	}
 }

 // __END__
--- a/src/Convert/Color/Coordinates/HSB.php
+++ b/src/Convert/Color/Coordinates/HSB.php
@@ -26,7 +26,7 @@ class HSB implements Interface\CoordinatesInterface
 	private float $B = 0.0;

 	/** @var string color space: either ok or cie */
-	private string $colorspace = '';
+	private string $colorspace = ''; /** @phpstan-ignore-line */

 	/**
 	 * HSB (HSV) color coordinates
--- a/src/Convert/Color/Coordinates/HSL.php
+++ b/src/Convert/Color/Coordinates/HSL.php
@@ -25,7 +25,7 @@ class HSL implements Interface\CoordinatesInterface
 	/** @var float lightness (luminance) */
 	private float $L = 0.0;

-	/** @var string color space: either ok or cie */
+	/** @var string color space: either sRGB */
 	private string $colorspace = '';

 	/**
--- a/src/Create/Uids.php
+++ b/src/Create/Uids.php
@@ -56,26 +56,6 @@ class Uids
 	 */
 	public static function uuidv4(): string
 	{
-		/* return sprintf(
-			'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
-			// 32 bits for "time_low"
-			mt_rand(0, 0xffff),
-			mt_rand(0, 0xffff),
-			// 16 bits for "time_mid"
-			mt_rand(0, 0xffff),
-			// 16 bits for "time_hi_and_version",
-			// four most significant bits holds version number 4
-			mt_rand(0, 0x0fff) | 0x4000,
-			// 16 bits, 8 bits for "clk_seq_hi_res",
-			// 8 bits for "clk_seq_low",
-			// two most significant bits holds zero and one for variant DCE1.1
-			mt_rand(0, 0x3fff) | 0x8000,
-			// 48 bits for "node"
-			mt_rand(0, 0xffff),
-			mt_rand(0, 0xffff),
-			mt_rand(0, 0xffff)
-		); */
-
 		$data = random_bytes(16);
 		assert(strlen($data) == 16);

@@ -93,6 +73,20 @@ class Uids
 		return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
 	}

+	/**
+	 * regex validate uuid v4
+	 *
+	 * @param  string $uuidv4
+	 * @return bool
+	 */
+	public static function validateUuuidv4(string $uuidv4): bool
+	{
+		if (!preg_match("/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/", $uuidv4)) {
+			return false;
+		}
+		return true;
+	}
+
 	/**
 	 * creates a uniq id based on lengths
 	 *
--- a/src/DB/IO.php
+++ b/src/DB/IO.php
@@ -284,7 +284,8 @@ class IO
 	public const ERROR_HASH_TYPE = 'adler32';
 	/** @var string regex to get returning with matches at position 1 */
 	public const REGEX_RETURNING = '/\s+returning\s+(.+\s*(?:.+\s*)+);?$/i';
-	/** @var array<string> allowed convert target for placeholder: pg or pdo (currently not available) */
+	/** @var array<string> allowed convert target for placeholder:
+	 * pg or pdo (currently not available) */
 	public const DB_CONVERT_PLACEHOLDER_TARGET = ['pg'];
 	// REGEX_SELECT
 	// REGEX_UPDATE
@@ -1311,33 +1312,14 @@ class IO
 	}

 	/**
-	 * count $ leading parameters only
+	 * count placeholder entries in the query
 	 *
 	 * @param  string $query Query to check
 	 * @return int           Number of parameters found
 	 */
 	private function __dbCountQueryParams(string $query): int
 	{
-		$match = [];
-		// regex for params: only stand alone $number allowed
-		// exclude all '' enclosed strings, ignore all numbers [note must start with digit]
-		// can have space/tab/new line
-		// must have <> = , ( [not equal, equal, comma, opening round bracket]
-		// can have space/tab/new line
-		// $ number with 1-9 for first and 0-9 for further digits
-		// /s for matching new line in . list
-		// [disabled, we don't used ^ or $] /m for multi line match
-		// Matches in 1:, must be array_filtered to remove empty, count with array_unique
-		$query_split = '[(=,?-]|->|->>|#>|#>>|@>|<@|\?\|\?\&|\|\||#-';
-		preg_match_all(
-			'/'
-			. '(?:\'.*?\')?\s*(?:\?\?|<>|' . $query_split . ')\s*'
-			. '(?:\d+|(?:\'.*?\')|(\$[1-9]{1}(?:[0-9]{1,})?))'
-			. '/s',
-			$query,
-			$match
-		);
-		return count(array_unique(array_filter($match[1])));
+		return $this->db_functions->__dbCountQueryParams($query);
 	}

 	/**
@@ -3160,7 +3142,8 @@ class IO
 				'count' => 0,
 				'query' => '',
 				'result' =>  null,
-				'returning_id' => false
+				'returning_id' => false,
+				'placeholder_converted' => [],
 			];
 			// if this is an insert query, check if we can add a return
 			if ($this->dbCheckQueryForInsert($query, true)) {
@@ -3200,6 +3183,39 @@ class IO
 					$this->prepare_cursor[$stm_name]['pk_name'] = $pk_name;
 				}
 			}
+			// QUERY PARAMS: run query params check and rewrite
+			if ($this->dbGetConvertPlaceholder() === true) {
+				try {
+					$this->placeholder_converted = ConvertPlaceholder::convertPlaceholderInQuery(
+						$query,
+						null,
+						$this->dbGetConvertPlaceholderTarget()
+					);
+					// write the new queries over the old
+					if (!empty($this->placeholder_converted['query'])) {
+						$query = $this->placeholder_converted['query'];
+					}
+					$this->prepare_cursor[$stm_name]['placeholder_converted'] = $this->placeholder_converted;
+				} catch (\OutOfRangeException $e) {
+					$this->__dbError($e->getCode(), context:[
+						'statement_name' => $stm_name,
+						'query' => $query,
+						'location' => 'dbPrepare',
+						'error' => 'OutOfRangeException',
+						'exception' => $e
+					]);
+					return false;
+				} catch (\RuntimeException $e) {
+					$this->__dbError($e->getCode(), context:[
+						'statement_name' => $stm_name,
+						'query' => $query,
+						'location' => 'dbPrepare',
+						'error' => 'RuntimeException',
+						'exception' => $e
+					]);
+					return false;
+				}
+			}
 			// check prepared curser parameter count
 			$this->prepare_cursor[$stm_name]['count'] = $this->__dbCountQueryParams($query);
 			$this->prepare_cursor[$stm_name]['query'] = $query;
@@ -3735,7 +3751,7 @@ class IO
 	}

 	/**
-	 * convert db values (set)
+	 * convert db values (set) to php matching types
 	 *
 	 * @param  Convert $convert
 	 * @return void
@@ -3746,7 +3762,7 @@ class IO
 	}

 	/**
-	 * unsert convert db values flag
+	 * unsert convert db values flag for converting db to php matching types
 	 *
 	 * @param  Convert $convert
 	 * @return void
@@ -3757,7 +3773,7 @@ class IO
 	}

 	/**
-	 * Reset to origincal config file set
+	 * Reset to original config file set for converting db to php matching type
 	 *
 	 * @return void
 	 */
@@ -3769,7 +3785,7 @@ class IO
 	}

 	/**
-	 * check if a conert flag is set
+	 * check if a convert flag is set for converting db to php matching type
 	 *
 	 * @param  Convert $convert
 	 * @return bool
@@ -3783,7 +3799,7 @@ class IO
 	}

 	/**
-	 * Set if we want to auto convert PDO/\Pg placeholders
+	 * Set if we want to auto convert to PDO/\Pg placeholders
 	 *
 	 * @param  bool $flag
 	 * @return void
@@ -4294,7 +4310,7 @@ class IO
 	 * @param string $stm_name  The name of the stored statement
 	 * @param string $key       Key field name in prepared cursor array
 	 *                          Allowed are: pk_name, count, query, returning_id
-	 * @return null|string|int|bool Entry from each of the valid keys
+	 * @return null|string|int|bool|array<string,mixed> Entry from each of the valid keys
 	 *                          Will return false on error
 	 *                          Not ethat returnin_id also can return false
 	 *                          but will not set an error entry
@@ -4302,7 +4318,7 @@ class IO
 	public function dbGetPrepareCursorValue(
 		string $stm_name,
 		string $key
-	): null|string|int|bool {
+	): null|string|int|bool|array {
 		// if no statement name
 		if (empty($stm_name)) {
 			$this->__dbError(
@@ -4313,7 +4329,7 @@ class IO
 			return false;
 		}
 		// if not a valid key
-		if (!in_array($key, ['pk_name', 'count', 'query', 'returning_id'])) {
+		if (!in_array($key, ['pk_name', 'count', 'query', 'returning_id', 'placeholder_converted'])) {
 			$this->__dbError(
 				102,
 				false,
--- a/src/DB/SQL/Interface/SqlFunctions.php
+++ b/src/DB/SQL/Interface/SqlFunctions.php
@@ -285,6 +285,22 @@ interface SqlFunctions
 	 */
 	public function __dbConnectionBusySocketWait(int $timeout_seconds = 3): bool;

+	/**
+	 * Undocumented function
+	 *
+	 * @param  string $parameter
+	 * @param  bool   $strip
+	 * @return string
+	 */
+	public function __dbVersionInfo(string $parameter, bool $strip = true): string;
+
+	/**
+	 * Undocumented function
+	 *
+	 * @return array<mixed>
+	 */
+	public function __dbVersionInfoParameterList(): array;
+
 	/**
 	 * Undocumented function
 	 *
@@ -292,6 +308,13 @@ interface SqlFunctions
 	 */
 	public function __dbVersion(): string;

+	/**
+	 * Undocumented function
+	 *
+	 * @return int
+	 */
+	public function __dbVersionNumeric(): int;
+
 	/**
 	 * Undocumented function
 	 *
@@ -306,6 +329,14 @@ interface SqlFunctions
 		?int &$end = null
 	): ?array;

+	/**
+	 * Undocumented function
+	 *
+	 * @param  string      $parameter
+	 * @return string|bool
+	 */
+	public function __dbParameter(string $parameter): string|bool;
+
 	/**
 	 * Undocumented function
 	 *
@@ -343,6 +374,14 @@ interface SqlFunctions
 	 * @return string
 	 */
 	public function __dbGetEncoding(): string;
+
+	/**
+	 * Undocumented function
+	 *
+	 * @param  string $query
+	 * @return int
+	 */
+	public function __dbCountQueryParams(string $query): int;
 }

 // __END__
--- a/src/DB/SQL/PgSQL.php
+++ b/src/DB/SQL/PgSQL.php
@@ -51,6 +51,8 @@ declare(strict_types=1);

 namespace CoreLibs\DB\SQL;

+use CoreLibs\DB\Support\ConvertPlaceholder;
+
 // below no ignore is needed if we want to use PgSql interface checks with PHP 8.0
 // as main system. Currently all @var sets are written as object
 /** @#phan-file-suppress PhanUndeclaredTypeProperty,PhanUndeclaredTypeParameter,PhanUndeclaredTypeReturnType */
@@ -102,7 +104,7 @@ class PgSQL implements Interface\SqlFunctions
 	 * SELECT foo FROM bar WHERE foobar = $1
 	 *
 	 * @param  string       $query  Query string with placeholders $1, ..
-	 * @param  array<mixed> $params Matching parameters for each placerhold
+	 * @param  array<mixed> $params Matching parameters for each placeholder
 	 * @return \PgSql\Result|false Query result
 	 */
 	public function __dbQueryParams(string $query, array $params): \PgSql\Result|false
@@ -140,7 +142,7 @@ class PgSQL implements Interface\SqlFunctions
 	 * sends an async query to the server with params
 	 *
 	 * @param  string       $query  Query string with placeholders $1, ..
-	 * @param  array<mixed> $params Matching parameters for each placerhold
+	 * @param  array<mixed> $params Matching parameters for each placeholder
 	 * @return bool         true/false Query sent successful status
 	 */
 	public function __dbSendQueryParams(string $query, array $params): bool
@@ -405,17 +407,13 @@ class PgSQL implements Interface\SqlFunctions
 			}
 			// no PK name given at all
 			if (empty($pk_name)) {
-				// if name is plurar, make it singular
-				// if (preg_match("/.*s$/i", $table))
-				// 	$table = substr($table, 0, -1);
 				// set pk_name to "id"
 				$pk_name = $table . "_id";
 			}
-			$seq = ($schema ? $schema . '.' : '') . $table . "_" . $pk_name . "_seq";
-			$q = "SELECT CURRVAL('$seq') AS insert_id";
+			$q = "SELECT CURRVAL(pg_get_serial_sequence($1, $2)) AS insert_id";
 			// I have to do manually or I overwrite the original insert internal vars ...
-			if ($q = $this->__dbQuery($q)) {
-				if (is_array($res = $this->__dbFetchArray($q))) {
+			if ($cursor = $this->__dbQueryParams($q, [$table, $pk_name])) {
+				if (is_array($res = $this->__dbFetchArray($cursor))) {
 					list($id) = $res;
 				} else {
 					return false;
@@ -449,26 +447,36 @@ class PgSQL implements Interface\SqlFunctions
 					$table_prefix = $schema . '.';
 				}
 			}
+			$params = [$table_prefix . $table];
+			$replace = ['', ''];
 			// read from table the PK name
 			// faster primary key get
-			$q = "SELECT pg_attribute.attname AS column_name, "
-				. "format_type(pg_attribute.atttypid, pg_attribute.atttypmod) AS type "
-				. "FROM pg_index, pg_class, pg_attribute ";
+			$q = <<<SQL
+			SELECT
+				pg_attribute.attname AS column_name,
+				format_type(pg_attribute.atttypid, pg_attribute.atttypmod) AS type
+			FROM pg_index, pg_class, pg_attribute{PG_NAMESPACE}
+			WHERE
+				-- regclass translates the OID to the name
+				pg_class.oid = $1::regclass AND
+				indrelid = pg_class.oid AND
+				pg_attribute.attrelid = pg_class.oid AND
+				pg_attribute.attnum = any(pg_index.indkey) AND
+				indisprimary
+				{NSPNAME}
+			SQL;
 			if ($schema) {
-				$q .= ", pg_namespace ";
+				$params[] = $schema;
+				$replace = [
+					", pg_namespace",
+					"AND pg_class.relnamespace = pg_namespace.oid AND nspname = $2"
+				];
 			}
-			$q .= "WHERE "
-				// regclass translates the OID to the name
-				. "pg_class.oid = '" . $table_prefix . $table . "'::regclass AND "
-				. "indrelid = pg_class.oid AND ";
-			if ($schema) {
-				$q .= "nspname = '" . $schema . "' AND "
-					. "pg_class.relnamespace = pg_namespace.oid AND ";
-			}
-			$q .= "pg_attribute.attrelid = pg_class.oid AND "
-				. "pg_attribute.attnum = any(pg_index.indkey) "
-				. "AND indisprimary";
-			$cursor = $this->__dbQuery($q);
+			$cursor = $this->__dbQueryParams(str_replace(
+				['{PG_NAMESPACE}', '{NSPNAME}'],
+				$replace,
+				$q
+			), $params);
 			if ($cursor !== false) {
 				$__db_fetch_array = $this->__dbFetchArray($cursor);
 				if (!is_array($__db_fetch_array)) {
@@ -893,11 +901,13 @@ class PgSQL implements Interface\SqlFunctions
 	public function __dbSetSchema(string $db_schema): int
 	{
 		// check if schema actually exists
-		$query = "SELECT EXISTS("
-			. "SELECT 1 FROM information_schema.schemata "
-			. "WHERE schema_name = " . $this->__dbEscapeLiteral($db_schema)
-			. ")";
-		$cursor = $this->__dbQuery($query);
+		$query = <<<SQL
+		SELECT EXISTS (
+			SELECT 1 FROM information_schema.schemata
+			WHERE schema_name = $1
+		)
+		SQL;
+		$cursor = $this->__dbQueryParams($query, [$db_schema]);
 		// abort if execution fails
 		if ($cursor === false) {
 			return 1;
@@ -966,6 +976,34 @@ class PgSQL implements Interface\SqlFunctions
 	{
 		return $this->__dbShow('client_encoding');
 	}
+
+	/**
+	 * Count placeholder queries. $ only
+	 *
+	 * @param  string $query
+	 * @return int
+	 */
+	public function __dbCountQueryParams(string $query): int
+	{
+		$matches = [];
+		// regex for params: only stand alone $number allowed
+		// exclude all '' enclosed strings, ignore all numbers [note must start with digit]
+		// can have space/tab/new line
+		// must have <> = , ( [not equal, equal, comma, opening round bracket]
+		// can have space/tab/new line
+		// $ number with 1-9 for first and 0-9 for further digits
+		// Collects also PDO ? and :named, but they are ignored
+		// /s for matching new line in . list
+		// [disabled, we don't used ^ or $] /m for multi line match
+		// Matches in 1:, must be array_filtered to remove empty, count with array_unique
+		// Regex located in the ConvertPlaceholder class
+		preg_match_all(
+			ConvertPlaceholder::REGEX_LOOKUP_PLACEHOLDERS,
+			$query,
+			$matches
+		);
+		return count(array_unique(array_filter($matches[3])));
+	}
 }

 // __END__
--- a/src/DB/Support/ConvertPlaceholder.php
+++ b/src/DB/Support/ConvertPlaceholder.php
@@ -14,6 +14,67 @@ namespace CoreLibs\DB\Support;

 class ConvertPlaceholder
 {
+	/** @var string split regex */
+	private const PATTERN_QUERY_SPLIT = '[(<>=,?-]|->|->>|#>|#>>|@>|<@|\?\|\?\&|\|\||#-';
+	/** @var string the main regex including  the pattern query split */
+	private const PATTERN_ELEMENT = '(?:\'.*?\')?\s*(?:\?\?|' . self::PATTERN_QUERY_SPLIT . ')\s*';
+	/** @var string parts to ignore in the SQL */
+	private const PATTERN_IGNORE =
+		// digit -> ignore
+		'\d+|'
+		// other string -> ignore
+		. '(?:\'.*?\')|';
+	/** @var string named parameters */
+	private const PATTERN_NAMED = '(:\w+)';
+	/** @var string question mark parameters */
+	private const PATTERN_QUESTION_MARK = '(?:(?:\?\?)?\s*(\?{1}))';
+	/** @var string numbered parameters */
+	private const PATTERN_NUMBERED = '(\$[1-9]{1}(?:[0-9]{1,})?)';
+	// below here are full regex that will be used
+	/** @var string replace regex for named (:...) entries */
+	public const REGEX_REPLACE_NAMED = '/'
+		. '(' . self::PATTERN_ELEMENT . ')'
+		. '('
+		. self::PATTERN_IGNORE
+		. self::PATTERN_NAMED
+		. ')'
+		. '/s';
+	/** @var string replace regex for question mark (?) entries */
+	public const REGEX_REPLACE_QUESTION_MARK = '/'
+		. '(' . self::PATTERN_ELEMENT . ')'
+		. '('
+		. self::PATTERN_IGNORE
+		. self::PATTERN_QUESTION_MARK
+		. ')'
+		. '/s';
+	/** @var string replace regex for numbered ($n) entries */
+	public const REGEX_REPLACE_NUMBERED = '/'
+		. '(' . self::PATTERN_ELEMENT . ')'
+		. '('
+		. self::PATTERN_IGNORE
+		. self::PATTERN_NUMBERED
+		. ')'
+		. '/s';
+	/** @var string the main lookup query for all placeholders */
+	public const REGEX_LOOKUP_PLACEHOLDERS = '/'
+		// prefix string part, must match towards
+		// seperator for ( = , ? - [and json/jsonb in pg doc section 9.15]
+		. self::PATTERN_ELEMENT
+		// match for replace part
+		. '(?:'
+		// ignore parts
+		. self::PATTERN_IGNORE
+		// :name named part (PDO) [1]
+		. self::PATTERN_NAMED . '|'
+		// ? question mark part (PDO) [2]
+		. self::PATTERN_QUESTION_MARK . '|'
+		// $n numbered part (\PG php) [3]
+		. self::PATTERN_NUMBERED
+		// end match
+		. ')'
+		// single line -> add line break to matches in "."
+		. '/s';
+
 	/**
 	 * Convert PDO type query with placeholders to \PG style and vica versa
 	 * For PDO to: ? and :named
@@ -27,44 +88,24 @@ class ConvertPlaceholder
 	 * found has -1 if an error occoured in the preg_match_all call
 	 *
 	 * @param  string       $query      Query with placeholders to convert
-	 * @param  array<mixed> $params     The parameters that are used for the query, and will be updated
+	 * @param  ?array<mixed> $params     The parameters that are used for the query, and will be updated
 	 * @param  string       $convert_to Either pdo or pg, will be converted to lower case for check
-	 * @return array{original:array{query:string,params:array<mixed>},type:''|'named'|'numbered'|'question_mark',found:int,matches:array<string>,params_lookup:array<mixed>,query:string,params:array<mixed>}
-	 * @throws \OutOfRangeException 200
+	 * @return array{original:array{query:string,params:array<mixed>,empty_params:bool},type:''|'named'|'numbered'|'question_mark',found:int,matches:array<string>,params_lookup:array<mixed>,query:string,params:array<mixed>}
+	 * @throws \OutOfRangeException 200 If mixed placeholder types
+	 * @throws \InvalidArgumentException 300 or 301 if wrong convert to with found placeholders
 	 */
 	public static function convertPlaceholderInQuery(
 		string $query,
-		array $params,
+		?array $params,
 		string $convert_to = 'pg'
 	): array {
 		$convert_to = strtolower($convert_to);
 		$matches = [];
-		$query_split = '[(=,?-]|->|->>|#>|#>>|@>|<@|\?\|\?\&|\|\||#-';
-		$pattern = '/'
-			// prefix string part, must match towards
-			// seperator for ( = , ? - [and json/jsonb in pg doc section 9.15]
-			. '(?:\'.*?\')?\s*(?:\?\?|' . $query_split . ')\s*'
-			// match for replace part
-			. '(?:'
-			// digit -> ignore
-			. '\d+|'
-			// other string -> ignore
-			. '(?:\'.*?\')|'
-			// :name named part (PDO)
-			. '(:\w+)|'
-			// ? question mark part (PDO)
-			. '(?:(?:\?\?)?\s*(\?{1}))|'
-			// $n numbered part (\PG php)
-			. '(\$[1-9]{1}(?:[0-9]{1,})?)'
-			// end match
-			. ')'
-			// single line -> add line break to matches in "."
-			. '/s';
 		// matches:
 		// 1: :named
 		// 2: ? question mark
 		// 3: $n numbered
-		$found = preg_match_all($pattern, $query, $matches, PREG_UNMATCHED_AS_NULL);
+		$found = preg_match_all(self::REGEX_LOOKUP_PLACEHOLDERS, $query, $matches, PREG_UNMATCHED_AS_NULL);
 		// if false or null set to -1
 		//  || $found === null
 		if ($found === false) {
@@ -77,10 +118,10 @@ class ConvertPlaceholder
 		/** @var array<string> 3: $n matches */
 		$numbered_matches = array_filter($matches[3]);
 		// count matches
-		$count_named = count($named_matches);
+		$count_named = count(array_unique($named_matches));
 		$count_qmark = count($qmark_matches);
-		$count_numbered = count($numbered_matches);
-		// throw if mixed
+		$count_numbered = count(array_unique($numbered_matches));
+		// throw exception if mixed found
 		if (
 			($count_named && $count_qmark) ||
 			($count_named && $count_numbered) ||
@@ -88,140 +129,195 @@ class ConvertPlaceholder
 		) {
 			throw new \OutOfRangeException('Cannot have named, question mark and numbered in the same query', 200);
 		}
-		// rebuild
-		$matches_return = [];
-		$type = '';
+		// // throw if invalid conversion
+		// if (($count_named || $count_qmark) && $convert_to != 'pg') {
+		// 	throw new \InvalidArgumentException('Cannot convert from named or question mark placeholders to PDO', 300);
+		// }
+		// if ($count_numbered && $convert_to != 'pdo') {
+		// 	throw new \InvalidArgumentException('Cannot convert from numbered placeholders to Pg', 301);
+		// }
+		// return array
+		$return_placeholders = [
+			// original
+			'original' => [
+					'query' => $query,
+					'params' => $params ?? [],
+					'empty_params' => $params === null ? true : false,
+				],
+				// type found, empty if nothing was done
+				'type' => '',
+				// int: found, not found; -1: problem (set from false)
+				'found' => (int)$found,
+				'matches' => [],
+				// old to new lookup check
+				'params_lookup' => [],
+				// this must match the count in params in new
+				'needed' => 0,
+				// new
+				'query' => '',
+				'params' => [],
+		];
+		// replace basic regex and name settings
+		if ($count_named) {
+			$return_placeholders['type'] = 'named';
+			$return_placeholders['matches'] = $named_matches;
+			$return_placeholders['needed'] = $count_named;
+		} elseif ($count_qmark) {
+			$return_placeholders['type'] = 'question_mark';
+			$return_placeholders['matches'] = $qmark_matches;
+			$return_placeholders['needed'] = $count_qmark;
+			// for each ?:DTN: -> replace with $1 ... $n, any remaining :DTN: remove
+		} elseif ($count_numbered) {
+			$return_placeholders['type'] = 'numbered';
+			$return_placeholders['matches'] = $numbered_matches;
+			$return_placeholders['needed'] = $count_numbered;
+		}
+		// run convert only if matching type and direction
+		if (
+			(($count_named || $count_qmark) && $convert_to == 'pg') ||
+			($count_numbered && $convert_to == 'pdo')
+		) {
+			$param_list = self::updateParamList($return_placeholders);
+			$return_placeholders['params_lookup'] = $param_list['params_lookup'];
+			$return_placeholders['query'] = $param_list['query'];
+			$return_placeholders['params'] = $param_list['params'];
+		}
+		// return data
+		return $return_placeholders;
+	}
+
+	/**
+	 * Updates the params list from one style to the other to match the query output
+	 * if original.empty_params is set to true, no params replacement is done
+	 * if param replacement has been done in a dbPrepare then this has to be run
+	 * with the return palceholders array with params in original filled and empty_params turned off
+	 *
+	 * phpcs:disable Generic.Files.LineLength
+	 * @param array{original:array{query:string,params:array<mixed>,empty_params:bool},type:''|'named'|'numbered'|'question_mark',found:int,matches?:array<string>,params_lookup?:array<mixed>,query?:string,params?:array<mixed>} $converted_placeholders
+	 * phpcs:enable Generic.Files.LineLength
+	 * @return array{params_lookup:array<mixed>,query:string,params:array<mixed>}
+	 */
+	public static function updateParamList(array $converted_placeholders): array
+	{
+		// skip if nothing set
+		if (!$converted_placeholders['found']) {
+			return [
+				'params_lookup' => [],
+				'query' => '',
+				'params' => []
+			];
+		}
 		$query_new = '';
 		$params_new = [];
 		$params_lookup = [];
-		if ($count_named && $convert_to == 'pg') {
-			$type = 'named';
-			$matches_return = $named_matches;
-			// only check for :named
-			$pattern_replace = '/'
-				. '((?:\'.*?\')?\s*(?:\?\?|' . $query_split . ')\s*)'
-				. '(\d+|(?:\'.*?\')|(:\w+))'
-				. '/s';
-			// 0: full
-			// 1: pre part
-			// 2: keep part UNLESS '3' is set
-			// 3: replace part :named
-			$pos = 0;
-			$query_new = preg_replace_callback(
-				$pattern_replace,
-				function ($matches) use (&$pos, &$params_new, &$params_lookup, $params) {
-					// only count up if $match[3] is not yet in lookup table
-					if (!empty($matches[3]) && empty($params_lookup[$matches[3]])) {
-						$pos++;
-						$params_lookup[$matches[3]] = '$' . $pos;
-						$params_new[] = $params[$matches[3]] ??
-							throw new \RuntimeException(
-								'Cannot lookup ' . $matches[3] . ' in params list',
-								210
-							);
-					}
-					// add the connectors back (1), and the data sets only if no replacement will be done
-					return $matches[1] . (
-						empty($matches[3]) ?
-							$matches[2] :
-							$params_lookup[$matches[3]] ??
+		// set to null if params is empty
+		$params = $converted_placeholders['original']['params'];
+		$empty_params = $converted_placeholders['original']['empty_params'];
+		switch ($converted_placeholders['type']) {
+			case 'named':
+				// 0: full
+				// 0: full
+				// 1: pre part
+				// 2: keep part UNLESS '3' is set
+				// 3: replace part :named
+				$pos = 0;
+				$query_new = preg_replace_callback(
+					self::REGEX_REPLACE_NAMED,
+					function ($matches) use (&$pos, &$params_new, &$params_lookup, $params, $empty_params) {
+						// only count up if $match[3] is not yet in lookup table
+						if (!empty($matches[3]) && empty($params_lookup[$matches[3]])) {
+							$pos++;
+							$params_lookup[$matches[3]] = '$' . $pos;
+							// skip params setup if param list is empty
+							if (!$empty_params) {
+								$params_new[] = $params[$matches[3]] ??
+									throw new \RuntimeException(
+										'Cannot lookup ' . $matches[3] . ' in params list',
+										210
+									);
+							}
+						}
+						// add the connectors back (1), and the data sets only if no replacement will be done
+						return $matches[1] . (
+							empty($matches[3]) ?
+								$matches[2] :
+								$params_lookup[$matches[3]] ??
+									throw new \RuntimeException(
+										'Cannot lookup ' . $matches[3] . ' in params lookup list',
+										211
+									)
+						);
+					},
+					$converted_placeholders['original']['query']
+				);
+				break;
+			case 'question_mark':
+				if (!$empty_params) {
+					// order and data stays the same
+					$params_new = $params ?? [];
+				}
+				// 0: full
+				// 1: pre part
+				// 2: keep part UNLESS '3' is set
+				// 3: replace part ?
+				$pos = 0;
+				$query_new = preg_replace_callback(
+					self::REGEX_REPLACE_QUESTION_MARK,
+					function ($matches) use (&$pos, &$params_lookup) {
+						// only count pos up for actual replacements we will do
+						if (!empty($matches[3])) {
+							$pos++;
+							$params_lookup[] = '$' . $pos;
+						}
+						// add the connectors back (1), and the data sets only if no replacement will be done
+						return $matches[1] . (
+							empty($matches[3]) ?
+								$matches[2] :
+								'$' . $pos
+						);
+					},
+					$converted_placeholders['original']['query']
+				);
+				break;
+			case 'numbered':
+				// 0: full
+				// 1: pre part
+				// 2: keep part UNLESS '3' is set
+				// 3: replace part $numbered
+				$pos = 0;
+				$query_new = preg_replace_callback(
+					self::REGEX_REPLACE_NUMBERED,
+					function ($matches) use (&$pos, &$params_new, &$params_lookup, $params, $empty_params) {
+						// only count up if $match[3] is not yet in lookup table
+						if (!empty($matches[3]) && empty($params_lookup[$matches[3]])) {
+							$pos++;
+							$params_lookup[$matches[3]] = ':' . $pos . '_named';
+							// skip params setup if param list is empty
+							if (!$empty_params) {
+								$params_new[] = $params[($pos - 1)] ??
+									throw new \RuntimeException(
+										'Cannot lookup ' . ($pos - 1) . ' in params list',
+										220
+									);
+							}
+						}
+						// add the connectors back (1), and the data sets only if no replacement will be done
+						return $matches[1] . (
+							empty($matches[3]) ?
+								$matches[2] :
+								$params_lookup[$matches[3]] ??
 								throw new \RuntimeException(
 									'Cannot lookup ' . $matches[3] . ' in params lookup list',
-									211
+									221
 								)
-					);
-				},
-				$query
-			);
-		} elseif ($count_qmark && $convert_to == 'pg') {
-			$type = 'question_mark';
-			$matches_return = $qmark_matches;
-			// order and data stays the same
-			$params_new = $params;
-			// only check for ?
-			$pattern_replace = '/'
-				. '((?:\'.*?\')?\s*(?:\?\?|' . $query_split . ')\s*)'
-				. '(\d+|(?:\'.*?\')|(?:(?:\?\?)?\s*(\?{1})))'
-				. '/s';
-			// 0: full
-			// 1: pre part
-			// 2: keep part UNLESS '3' is set
-			// 3: replace part ?
-			$pos = 0;
-			$query_new = preg_replace_callback(
-				$pattern_replace,
-				function ($matches) use (&$pos, &$params_lookup) {
-					// only count pos up for actual replacements we will do
-					if (!empty($matches[3])) {
-						$pos++;
-						$params_lookup[] = '$' . $pos;
-					}
-					// add the connectors back (1), and the data sets only if no replacement will be done
-					return $matches[1] . (
-						empty($matches[3]) ?
-							$matches[2] :
-							'$' . $pos
-					);
-				},
-				$query
-			);
-			// for each ?:DTN: -> replace with $1 ... $n, any remaining :DTN: remove
-		} elseif ($count_numbered && $convert_to == 'pdo') {
-			// convert numbered to named
-			$type = 'numbered';
-			$matches_return = $numbered_matches;
-			// only check for $n
-			$pattern_replace = '/'
-				. '((?:\'.*?\')?\s*(?:\?\?|' . $query_split . ')\s*)'
-				. '(\d+|(?:\'.*?\')|(\$[1-9]{1}(?:[0-9]{1,})?))'
-				. '/s';
-			// 0: full
-			// 1: pre part
-			// 2: keep part UNLESS '3' is set
-			// 3: replace part $numbered
-			$pos = 0;
-			$query_new = preg_replace_callback(
-				$pattern_replace,
-				function ($matches) use (&$pos, &$params_new, &$params_lookup, $params) {
-					// only count up if $match[3] is not yet in lookup table
-					if (!empty($matches[3]) && empty($params_lookup[$matches[3]])) {
-						$pos++;
-						$params_lookup[$matches[3]] = ':' . $pos . '_named';
-						$params_new[] = $params[($pos - 1)] ??
-							throw new \RuntimeException(
-								'Cannot lookup ' . ($pos - 1) . ' in params list',
-								220
-							);
-					}
-					// add the connectors back (1), and the data sets only if no replacement will be done
-					return $matches[1] . (
-						empty($matches[3]) ?
-							$matches[2] :
-							$params_lookup[$matches[3]] ??
-							throw new \RuntimeException(
-								'Cannot lookup ' . $matches[3] . ' in params lookup list',
-								221
-							)
-					);
-				},
-				$query
-			);
+						);
+					},
+					$converted_placeholders['original']['query']
+				);
+				break;
 		}
-		// return, old query is always set
 		return [
-			// original
-			'original' => [
-				'query' => $query,
-				'params' => $params,
-			],
-			// type found, empty if nothing was done
-			'type' => $type,
-			// int: found, not found; -1: problem (set from false)
-			'found' => (int)$found,
-			'matches' => $matches_return,
-			// old to new lookup check
 			'params_lookup' => $params_lookup,
-			// new
 			'query' => $query_new ?? '',
 			'params' => $params_new,
 		];
--- a/test/phpunit/ACL/CoreLibsACLLoginTest.php
+++ b/test/phpunit/ACL/CoreLibsACLLoginTest.php
@@ -243,6 +243,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[],
 				[
 					'EUID' => 1,
+					'ECUID' => 'abc',
 				],
 				2,
 				[],
@@ -260,6 +261,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[],
 				[
 					'EUID' => 1,
+					'ECUID' => 'abc',
 					'USER_NAME' => '',
 					'GROUP_NAME' => '',
 					'ADMIN' => 1,
--- a/test/phpunit/Create/CoreLibsCreateUidsTest.php
+++ b/test/phpunit/Create/CoreLibsCreateUidsTest.php
@@ -121,6 +121,7 @@ final class CoreLibsCreateUidsTest extends TestCase
 	 * must match 7e78fe0d-59b8-4637-af7f-e88d221a7d1e
 	 *
 	 * @covers ::uuidv4
+	 * @covers ::validateUuidv4
 	 * @testdox uuidv4 check that return is matching regex [$_dataName]
 	 *
 	 * @return void
@@ -129,13 +130,18 @@ final class CoreLibsCreateUidsTest extends TestCase
 	{
 		$uuid = \CoreLibs\Create\Uids::uuidv4();
 		$this->assertMatchesRegularExpression(
-			'/^[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}$/',
-			$uuid
+			'/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/',
+			$uuid,
+			'Failed regex check'
+		);
+		$this->assertTrue(
+			\CoreLibs\Create\Uids::validateUuuidv4($uuid),
+			'Failed validate regex method'
+		);
+		$this->assertFalse(
+			\CoreLibs\Create\Uids::validateUuuidv4('not-a-uuidv4'),
+			'Failed wrong uuid validated as true'
 		);
-		// $this->assertStringMatchesFormat(
-		// 	'%4s%4s-%4s-%4s-%4s-%4s%4s%4s',
-		// 	$uuid
-		// );
 	}

 	/**
--- a/test/phpunit/DB/CoreLibsDBIOTest.php
+++ b/test/phpunit/DB/CoreLibsDBIOTest.php
@@ -37,8 +37,9 @@ namespace tests;

 use PHPUnit\Framework\TestCase;
 use PHPUnit\Framework\MockObject\MockObject;
-use CoreLibs\Logging\Logger\Level;
+use CoreLibs\Logging;
 use CoreLibs\DB\Options\Convert;
+use CoreLibs\DB\Support\ConvertPlaceholder;

 /**
 * Test class for DB\IO + DB\SQL\PgSQL
@@ -117,7 +118,7 @@ final class CoreLibsDBIOTest extends TestCase
 			);
 		}
 		// define basic connection set valid and one invalid
-		self::$log = new \CoreLibs\Logging\Logging([
+		self::$log = new Logging\Logging([
 			// 'log_folder' => __DIR__ . DIRECTORY_SEPARATOR . 'log',
 			'log_folder' => DIRECTORY_SEPARATOR . 'tmp',
 			'log_file_id' => 'CoreLibs-DB-IO-Test',
@@ -159,15 +160,12 @@ final class CoreLibsDBIOTest extends TestCase
 		// create the tables
 		$db->dbExec(
 			// primary key name is table + '_id'
+				// table_with_primary_key_id SERIAL PRIMARY KEY,
 			<<<SQL
 			CREATE TABLE table_with_primary_key (
-				table_with_primary_key_id SERIAL PRIMARY KEY,
+				table_with_primary_key_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
 				$base_table
 			SQL
-			/* "CREATE TABLE table_with_primary_key ("
-			// primary key name is table + '_id'
-			. "table_with_primary_key_id SERIAL PRIMARY KEY, "
-			. $base_table */
 		);
 		$db->dbExec(
 			<<<SQL
@@ -570,11 +568,11 @@ final class CoreLibsDBIOTest extends TestCase
 		);
 		$db->dbClose();
 		// second conenction with log set NOT debug
-		$log = new \CoreLibs\Logging\Logging([
+		$log = new Logging\Logging([
 			// 'log_folder' => __DIR__ . DIRECTORY_SEPARATOR . 'log',
 			'log_folder' => DIRECTORY_SEPARATOR . 'tmp',
 			'log_file_id' => 'CoreLibs-DB-IO-Test',
-			'log_level' => \CoreLibs\Logging\Logger\Level::Notice,
+			'log_level' => Logging\Logger\Level::Notice,
 		]);
 		$db = new \CoreLibs\DB\IO(
 			self::$db_config[$connection],
@@ -3293,6 +3291,7 @@ final class CoreLibsDBIOTest extends TestCase
 					'query' =>  'INSERT INTO table_with_primary_key (row_int, uid) '
 						. 'VALUES ($1, $2) RETURNING table_with_primary_key_id',
 					'returning_id' => true,
+					'placeholder_converted' => [],
 				],
 			],
 			// update
@@ -3327,6 +3326,7 @@ final class CoreLibsDBIOTest extends TestCase
 					'query' => 'UPDATE table_with_primary_key SET row_int = $1, '
 						. 'row_varchar = $2 WHERE uid = $3',
 					'returning_id' => false,
+					'placeholder_converted' => [],
 				],
 			],
 			// select
@@ -3356,6 +3356,7 @@ final class CoreLibsDBIOTest extends TestCase
 					'count' => 1,
 					'query' => 'SELECT row_int, uid FROM table_with_primary_key WHERE uid = $1',
 					'returning_id' => false,
+					'placeholder_converted' => [],
 				],
 			],
 			// any query but with no parameters
@@ -3388,6 +3389,7 @@ final class CoreLibsDBIOTest extends TestCase
 					'count' => 0,
 					'query' => 'SELECT row_int, uid FROM table_with_primary_key',
 					'returning_id' => false,
+					'placeholder_converted' => [],
 				],
 			],
 			// no statement name (25)
@@ -3411,6 +3413,7 @@ final class CoreLibsDBIOTest extends TestCase
 					'count' => 0,
 					'query' => '',
 					'returning_id' => false,
+					'placeholder_converted' => [],
 				],
 			],
 			// no query (prepare 11)
@@ -3435,6 +3438,7 @@ final class CoreLibsDBIOTest extends TestCase
 					'count' => 0,
 					'query' => '',
 					'returning_id' => false,
+					'placeholder_converted' => [],
 				],
 			],
 			// no db connection (prepare/execute 16)
@@ -3464,6 +3468,7 @@ final class CoreLibsDBIOTest extends TestCase
 					'count' => 0,
 					'query' => 'SELECT row_int, uid FROM table_with_primary_key',
 					'returning_id' => false,
+					'placeholder_converted' => [],
 				],
 			],
 			// prepare with different statement name
@@ -3489,6 +3494,7 @@ final class CoreLibsDBIOTest extends TestCase
 					'count' => 0,
 					'query' => 'SELECT row_int, uid FROM table_with_primary_key',
 					'returning_id' => false,
+					'placeholder_converted' => [],
 				],
 			],
 			// insert wrong data count compared to needed (execute 23)
@@ -3514,10 +3520,12 @@ final class CoreLibsDBIOTest extends TestCase
 					'query' => 'INSERT INTO table_with_primary_key (row_int, uid) VALUES '
 						. '($1, $2) RETURNING table_with_primary_key_id',
 					'returning_id' => true,
+					'placeholder_converted' => [],
 				],
 			],
 			// execute does not return a result (22)
 			// TODO execute does not return a result
+			// TODO prepared statement with placeholder params auto convert
 		];
 	}

@@ -3662,7 +3670,7 @@ final class CoreLibsDBIOTest extends TestCase
 			}

 			// check dbGetPrepareCursorValue
-			foreach (['pk_name', 'count', 'query', 'returning_id'] as $key) {
+			foreach (['pk_name', 'count', 'query', 'returning_id', 'placeholder_converted'] as $key) {
 				$this->assertEquals(
 					$prepare_cursor[$key],
 					$db->dbGetPrepareCursorValue($stm_name, $key),
@@ -5031,8 +5039,151 @@ final class CoreLibsDBIOTest extends TestCase
 		$db->dbClose();
 	}

-	// query placeholder convert
+	// MARK: QUERY PLACEHOLDERS

+	// test query placeholder detection for all possible sets
+	// ::dbPrepare
+
+	/**
+	 * placeholder sql
+	 *
+	 * @return array
+	 */
+	public function providerDbCountQueryParams(): array
+	{
+		return [
+			'one place holder' => [
+				'query' => 'SELECT row_varchar FROM table_with_primary_key WHERE row_varchar = $1',
+				'count' => 1,
+				'convert' => false,
+			],
+			'one place holder, json call' => [
+				'query' => "SELECT row_varchar FROM table_with_primary_key WHERE row_jsonb->>'data' = $1",
+				'count' => 1,
+				'convert' => false,
+			],
+			'one place holder, <> compare' => [
+				'query' => "SELECT row_varchar FROM table_with_primary_key WHERE row_varchar <> $1",
+				'count' => 1,
+				'convert' => false,
+			],
+			'one place holder, named' => [
+				'query' => "SELECT row_varchar FROM table_with_primary_key WHERE row_varchar <> :row_varchar",
+				'count' => 1,
+				'convert' => true,
+			],
+			'no replacement' => [
+				'query' => "SELECT row_varchar FROM table_with_primary_key WHERE row_varchar = '$1'",
+				'count' => 0,
+				'convert' => false,
+			],
+			'insert' => [
+				'query' => "INSERT INTO table_with_primary_key (row_varchar, row_jsonb, row_int) VALUES ($1, $2, $3)",
+				'count' => 3,
+				'convert' => false,
+			],
+			'update' => [
+				'query' => "UPDATE table_with_primary_key SET row_varchar = $1, row_jsonb = $2, row_int = $3 WHERE row_numeric = $4",
+				'count' => 4,
+				'convert' => false,
+			],
+			'multiple, multline' => [
+				'query' => <<<SQL
+				SELECT
+					row_varchar
+				FROM
+					table_with_primary_key
+				WHERE
+					row_varchar = $1 AND row_int = $2
+					AND row_numeric = ANY($3)
+				SQL,
+				'count' => 3,
+				'convert' => false,
+			],
+			'two digit numbers' => [
+				'query' => <<<SQL
+				INSERT INTO table_with_primary_key (
+					row_int, row_numeric, row_varchar, row_varchar_literal, row_json,
+					row_jsonb, row_bytea, row_timestamp, row_date, row_interval
+				) VALUES (
+					$1, $2, $3, $4, $5,
+					$6, $7, $8, $9, $10
+				)
+				SQL,
+				'count' => 10,
+				'convert' => false,
+			],
+			'things in brackets' => [
+				'query' => <<<SQL
+				SELECT row_varchar
+				FROM table_with_primary_key
+				WHERE
+					row_varchar = $1 AND
+					(row_int = ANY($2) OR row_int = $3)
+					AND row_varchar_literal = $4
+				SQL,
+				'count' => 4,
+				'convert' => false,
+			],
+			'number compare' => [
+				'query' => <<<SQL
+				SELECT row_varchar
+				FROM table_with_primary_key
+				WHERE
+					row_int >= $1 OR row_int <= $2 OR
+					row_int > $3 OR row_int < $4
+					OR row_int = $5 OR row_int <> $6
+				SQL,
+				'count' => 6,
+				'convert' => false,
+			]
+		];
+	}
+
+	/**
+	 * Placeholder check and convert tests
+	 *
+	 * @covers ::dbPrepare
+	 * @covers ::__dbCountQueryParams
+	 * @onvers ::convertPlaceholderInQuery
+	 * @dataProvider providerDbCountQueryParams
+	 * @testdox Query replacement count test [$_dataName]
+	 *
+	 * @param  string $query
+	 * @param  int    $count
+	 * @return void
+	 */
+	public function testDbCountQueryParams(string $query, int $count, bool $convert): void
+	{
+		$db = new \CoreLibs\DB\IO(
+			self::$db_config['valid'],
+			self::$log
+		);
+		$id = sha1($query);
+		$db->dbSetConvertPlaceholder($convert);
+		$db->dbPrepare($id, $query);
+		// print "\n**\n";
+		// print "PCount: " . $db->dbGetPrepareCursorValue($id, 'count') . "\n";
+		// print "\n**\n";
+		$this->assertEquals(
+			$count,
+			$db->dbGetPrepareCursorValue($id, 'count'),
+			'DB count params'
+		);
+		$placeholder = ConvertPlaceholder::convertPlaceholderInQuery($query, null, 'pg');
+		// print "RES: " . print_r($placeholder, true) . "\n";
+		$this->assertEquals(
+			$count,
+			$placeholder['needed'],
+			'convert params'
+		);
+	}
+
+	/**
+	 * query placeholder convert
+	 *
+	 * @return array
+	 */
 	public function queryPlaceholderReplaceProvider(): array
 	{
 		// 				WHERE row_varchar = $1
@@ -5076,7 +5227,9 @@ final class CoreLibsDBIOTest extends TestCase
 				WHERE row_varchar = $1
 				SQL,
 				'expected_params' => ['string a'],
-			]
+			],
+			// TODO: test with multiple entries
+			// TODO: test with same entry ($1, $1, :var, :var)
 		];
 	}

@@ -5178,6 +5331,8 @@ final class CoreLibsDBIOTest extends TestCase
 	// - data debug
 	//   dbDumpData

+	// MARK: ASYNC
+
 	// ASYNC at the end because it has 1s timeout
 	// - asynchronous executions
 	//   dbExecAsync, dbCheckAsync
Author	SHA1	Message	Date
Clemens Schwaighofer	e580e5430c	Add ECUID (edit user cuid) to session and return in acl array	2024-12-02 17:18:34 +09:00
Clemens Schwaighofer	da9717265c	Release: v9.21.0	2024-12-02 15:55:33 +09:00
Clemens Schwaighofer	6c6b33cacc	add uuidv4 verify method	2024-12-02 15:54:35 +09:00
Clemens Schwaighofer	5509d1c92e	Release: v9.20.1	2024-11-27 14:43:58 +09:00
Clemens Schwaighofer	16d789f061	Merge branch 'development'	2024-11-27 14:42:18 +09:00
Clemens Schwaighofer	3450b6263b	Fixes in SQL PgSQL for identity column	2024-11-27 14:42:04 +09:00
Clemens Schwaighofer	bcc1e833c1	Release: v9.20.0	2024-11-20 22:54:37 +09:00
Clemens Schwaighofer	fea4c315f3	Merge branch 'development'	2024-11-20 22:52:27 +09:00
Clemens Schwaighofer	3ac57e05b0	DB SQL placeholder code updated	2024-11-20 22:52:15 +09:00
Clemens Schwaighofer	b0230e7050	Release: v9.19.1	2024-11-19 12:04:32 +09:00
@@ -1 +1 @@
 .19.0
 .21.0