Merge pull request php-debugbar#44 from barryvdh/pdo-escaping

Check parameters for binary data

Author: maximebf

src/DebugBar/DataCollector/PDO/TracedStatement.php

@@ -51,14 +51,29 @@ public function __construct($sql, array $params = array(), $preparedId = null, $
     {
         $this->sql = $sql;
         $this->rowCount = $rowCount;
-        $this->parameters = $params;
+        $this->parameters = $this->checkParameters($params);
         $this->preparedId = $preparedId;
         $this->startTime = $startTime;
         $this->endTime = $endTime;
         $this->duration = $endTime - $startTime;
         $this->memoryUsage = $memoryUsage;
         $this->exception = $e;
     }
+	
+	/**
+     * Check parameters for illegal (non UTF-8) strings, like Binary data.
+     *
+     * @param $params
+     * @return mixed
+     */
+    public function checkParameters($params){
+        foreach($params as &$param){
+            if(!mb_check_encoding($param, 'UTF-8')){
+                $param = '[BINARY DATA]';
+            }
+        }
+        return $params;
+    }
 
     /**
      * Returns the SQL string used for the query