@@ -1243,7 +1243,7 @@ static void _php_pgsql_free_params(char **params, uint32_t num_params)
12431243 efree (params );
12441244}
12451245
1246- static char * * php_pgsql_make_arguments (const HashTable * param_arr , int * num_params )
1246+ static char * * php_pgsql_make_arguments (const HashTable * param_arr , int * num_params , uint32_t arg_num )
12471247{
12481248 /* This conversion is safe because of the limit of number of elements in a table. */
12491249 * num_params = (int ) zend_hash_num_elements (param_arr );
@@ -1254,6 +1254,10 @@ static char **php_pgsql_make_arguments(const HashTable *param_arr, int *num_para
12541254 ZVAL_DEREF (tmp );
12551255 if (Z_TYPE_P (tmp ) == IS_NULL ) {
12561256 params [i ] = NULL ;
1257+ } else if (Z_TYPE_P (tmp ) == IS_TRUE || Z_TYPE_P (tmp ) == IS_FALSE ) {
1258+ zend_argument_value_error (arg_num , "must not contain boolean values, use a string representation instead" );
1259+ _php_pgsql_free_params (params , i );
1260+ return NULL ;
12571261 } else {
12581262 zend_string * param_str = zval_try_get_string (tmp );
12591263 if (!param_str ) {
@@ -1320,7 +1324,7 @@ PHP_FUNCTION(pg_query_params)
13201324 php_error_docref (NULL , E_NOTICE , "Found results on this connection. Use pg_get_result() to get these results first" );
13211325 }
13221326
1323- params = php_pgsql_make_arguments (Z_ARRVAL_P (pv_param_arr ), & num_params );
1327+ params = php_pgsql_make_arguments (Z_ARRVAL_P (pv_param_arr ), & num_params , ZEND_NUM_ARGS () );
13241328 if (UNEXPECTED (!params )) {
13251329 RETURN_THROWS ();
13261330 }
@@ -1503,7 +1507,7 @@ PHP_FUNCTION(pg_execute)
15031507 php_error_docref (NULL , E_NOTICE , "Found results on this connection. Use pg_get_result() to get these results first" );
15041508 }
15051509
1506- params = php_pgsql_make_arguments (Z_ARRVAL_P (pv_param_arr ), & num_params );
1510+ params = php_pgsql_make_arguments (Z_ARRVAL_P (pv_param_arr ), & num_params , ZEND_NUM_ARGS () );
15071511 if (UNEXPECTED (!params )) {
15081512 RETURN_THROWS ();
15091513 }
@@ -4060,7 +4064,7 @@ PHP_FUNCTION(pg_send_query_params)
40604064 "There are results on this connection. Call pg_get_result() until it returns FALSE" );
40614065 }
40624066
4063- params = php_pgsql_make_arguments (Z_ARRVAL_P (pv_param_arr ), & num_params );
4067+ params = php_pgsql_make_arguments (Z_ARRVAL_P (pv_param_arr ), & num_params , 3 );
40644068 if (UNEXPECTED (!params )) {
40654069 RETURN_THROWS ();
40664070 }
@@ -4215,7 +4219,7 @@ PHP_FUNCTION(pg_send_execute)
42154219 "There are results on this connection. Call pg_get_result() until it returns FALSE" );
42164220 }
42174221
4218- params = php_pgsql_make_arguments (Z_ARRVAL_P (pv_param_arr ), & num_params );
4222+ params = php_pgsql_make_arguments (Z_ARRVAL_P (pv_param_arr ), & num_params , 3 );
42194223 if (UNEXPECTED (!params )) {
42204224 RETURN_THROWS ();
42214225 }
0 commit comments