Added invisible for products.

2026-01-03 19:22:40 +03:00
parent 4a8d4f8c3f
commit 8682d4ade1
5 changed files with 44 additions and 6 deletions
--- a/app/Core/Database.php
+++ b/app/Core/Database.php
@@ -38,22 +38,41 @@ class Database
    public function query(string $sql, array $params = []): array
    {
        $stmt = $this->connection->prepare($sql);
-        $stmt->execute($params);
+        $this->bindParams($stmt, $params);
+        $stmt->execute();
        return $stmt->fetchAll();
    }

    public function queryOne(string $sql, array $params = []): ?array
    {
        $stmt = $this->connection->prepare($sql);
-        $stmt->execute($params);
+        $this->bindParams($stmt, $params);
+        $stmt->execute();
        $result = $stmt->fetch();
        return $result ?: null;
    }
+    
+    private function bindParams(\PDOStatement $stmt, array $params): void
+    {
+        foreach ($params as $index => $param) {
+            $paramNum = $index + 1;
+            if (is_bool($param)) {
+                $stmt->bindValue($paramNum, $param, \PDO::PARAM_BOOL);
+            } elseif (is_int($param)) {
+                $stmt->bindValue($paramNum, $param, \PDO::PARAM_INT);
+            } elseif (is_null($param)) {
+                $stmt->bindValue($paramNum, $param, \PDO::PARAM_NULL);
+            } else {
+                $stmt->bindValue($paramNum, $param, \PDO::PARAM_STR);
+            }
+        }
+    }

    public function execute(string $sql, array $params = []): bool
    {
        $stmt = $this->connection->prepare($sql);
-        return $stmt->execute($params);
+        $this->bindParams($stmt, $params);
+        return $stmt->execute();
    }

    public function lastInsertId(): string
--- a/app/Core/Model.php
+++ b/app/Core/Model.php
@@ -75,7 +75,23 @@ abstract class Model
        );
        
        $stmt = $this->db->getConnection()->prepare($sql);
-        $stmt->execute(array_values($data));
+        
+        // Правильно биндим параметры с учетом типов
+        $params = array_values($data);
+        foreach ($params as $index => $param) {
+            $paramNum = $index + 1;
+            if (is_bool($param)) {
+                $stmt->bindValue($paramNum, $param, \PDO::PARAM_BOOL);
+            } elseif (is_int($param)) {
+                $stmt->bindValue($paramNum, $param, \PDO::PARAM_INT);
+            } elseif (is_null($param)) {
+                $stmt->bindValue($paramNum, $param, \PDO::PARAM_NULL);
+            } else {
+                $stmt->bindValue($paramNum, $param, \PDO::PARAM_STR);
+            }
+        }
+        
+        $stmt->execute();
        
        return (int) $stmt->fetchColumn();
    }