Fix #270 - Replace sscanf by equivalent native PHP functions because sscanf can be disabled for security reasons.

Fixes: #270

Author: niconoe-

src/Token.php

@@ -252,17 +252,16 @@ public function extract()
                 if ($this->flags & self::FLAG_NUMBER_HEX) {
                     if ($this->flags & self::FLAG_NUMBER_NEGATIVE) {
                         $ret = str_replace('-', '', $this->token);
-                        sscanf($ret, '%x', $ret);
-                        $ret = -$ret;
+                        $ret = -hexdec($ret);
                     } else {
-                        sscanf($ret, '%x', $ret);
+                        $ret = hexdec($ret);
                     }
                 } elseif (($this->flags & self::FLAG_NUMBER_APPROXIMATE)
                 || ($this->flags & self::FLAG_NUMBER_FLOAT)
                 ) {
-                    sscanf($ret, '%f', $ret);
-                } else {
-                    sscanf($ret, '%d', $ret);
+                    $ret = (float) $ret;
+                } elseif (! ($this->flags & self::FLAG_NUMBER_BINARY)) {
+                    $ret = (int) $ret;
                 }
 
                 return $ret;

tests/data/lexer/lexNumber.in

@@ -1,3 +1,3 @@
-SELECT 12, 34, 5.67, 0x89, -10, --11, +12, .15, 0xFFa, 0xfFA, 0XFfA, 1e-10, 1e10, .5e10, b'10';
+SELECT 12, 34, 5.67, 0x89, -10, --11, +12, .15, 0xFFa, 0xfFA, 0XFfA, -0xFFa, -0xfFA, -0XFfA, 1e-10, 1e10, .5e10, b'10';
 -- invalid number
 SELECT 12ex10, b'15';