Merge pull request propelorm#1782 from mringler/reintroduce_late_sele…

…ct_for_backward_compatibility

Reintroduce late select for backward compatibility

Merge pull request propelorm#1697 from nederdirk/findOne-override-dec…

…laration-nullable

Update findOne model overrides: nullable return

Merge pull request propelorm#1643 from spryker/cs-tests-src

CS for tests

Merge pull request propelorm#1529 from DurandSacha/patch-1

alphabetical order in 'use' statements

Update README.md (propelorm#1585)

SQL injection fix: Cast limit to integer when setting via Criteria::s…

…etLimit() (propelorm#1465)

* Cast limit to integer when setting via Criteria::setLimit()

This is a followup to a fix for SQL injections with LIMIT clauses in MySQL [1]. That fix only applied to the MySQL adapter, and other existing or future adapters could still be at risk.

By coercing limit inputs to integers upon setting them, we can avoid SQL injection vulnerabilities with `limit()` across all database adapters.

The original code comments implied that integer coercion could be problematic with 32-bit integers, but unit tests in this PR prove otherwise. Even 64-bit integers seem to work fine.

[1] propelorm#1464

* Add missing tests for setOffset()

* Remove note about 32-bit truncation

Unit tests show that even 64-bit integers aren't truncated.

Fixes propelorm#1324 - fixed wrong sprintf arguments positioning in g…

…etIdentifierPhp()

Related to propelorm#1090.

Compatibility of numeric and string keys (propelorm#1279)

Compatibility of numeric and string keys

Merge pull request propelorm#923 from SCIF/external-attribute

External attribute added

Fixed typo in ConcreteInheritance behavior.