[Bug]: account_lockout: PDO execute([...]) sends '' for false (MySQL 1366)

[lukasdebaum]

Describe the problem

In Poweradmin with active account_lockout, booleans (successful variable) passed to PDO with execute([...]) are treated as strings. false becomes '', which MySQL (STRICT_TRANS_TABLES, default in 8.0) rejects for an integer column.

Expected: false should be stored as 0
Actual: false becomes '' (empty string)

Steps to reproduce

1. Ensure account_lockout.enable_lockout = true
2. Use MySQL 8.0 or greater (default sql_mode includes STRICT_TRANS_TABLES)
3. Trigger a failed login (so successful = false is recorded)
4. Observe: SQLSTATE[HY000]: 1366 Incorrect integer value: '' for column 'successful' in logs

Poweradmin version

4.0.1

Database

MySQL

Additional information (optional)

Error messasge:

PHP message: SQLSTATE[HY000]: General error: 1366 Incorrect integer value: '' for column 'successful' at row 1; PHP message: #0 /poweradmin/lib/Application/Service/LoginAttemptService.php(58): PDOStatement->execute()\n#1 /poweradmin/lib/Application/Service/SqlAuthenticator.php(127): Poweradmin\\Application\\Service\\LoginAttemptService->recordAttempt()\n#2 /poweradmin/lib/Infrastructure/Service/SessionAuthenticator.php(206): Poweradmin\\Application\\Service\\SqlAuthenticator->authenticate()\n#3 /poweradmin/lib/AppInitializer.php(156): Poweradmin\\Infrastructure\\Service\\SessionAuthenticator->authenticate()\n#4 /poweradmin/lib/AppInitializer.php(63): Poweradmin\\AppInitializer->authenticateUser()\n#5 /poweradmin/lib/BaseController.php(76): Poweradmin\\AppInitializer->__construct()\n#6 /poweradmin/lib/Application/Controller/IndexController.php(45): Poweradmin\\BaseController->__construct()\n#7 /data/web/dns...

Workaround:

--- a/lib/Application/Service/LoginAttemptService.php
+++ b/lib/Application/Service/LoginAttemptService.php
@@ -59,7 +59,7 @@ class LoginAttemptService
             'user_id' => $userId,
             'ip_address' => $ipAddress,
             'timestamp' => time(),
-            'successful' => $successful
+            'successful' => (int) $successful
         ]);
 
         $this->cleanupOldAttempts();

[edmondas]

@lukasdebaum Thanks for reporting this. I took a slightly different approach - replaced cast with a special function and aligned all similar code locations to use same method.