php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #47588 PDO_DBLIB: barfs on quoted field names
Submitted: 2009-03-06 16:13 UTC Modified: 2010-06-23 03:43 UTC
From: ssufficool at roadrunner dot com Assigned: ssufficool (profile)
Status: Closed Package: PDO related
PHP Version: 5.3-svn OS: Linux Gentoo 2.6.x
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2009-03-06 16:13 UTC] ssufficool at roadrunner dot com 
Description:
------------
When passing a query containing double quoted field names, the query fails. 

Reproduce code:
---------------
$pdo_ms = new PDO('dblib:host=db01;dbname=database',
$_SESSION['user'], $_SESSION['pass'], array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION ) );

$rs = $pdo_ms->prepare('SELECT "myView"."FieldName" from "myView" order by "Some Field"')


Expected result:
----------------
A valid handle to a stmt in $rs


Actual result:
--------------
SQLSTATE[HY000]: General error: 20018 Incorrect syntax near 'FieldName'. [20018] (severity 5) [(null)]

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-05-15 19:43 UTC] ssufficool at roadrunner dot com 
Solution:

tsql from freetds package set the following where PDO does not:
set quoted_identifier on
set ansi_warnings on
set ansi_padding on
set ansi_nulls on
set concat_null_yields_null on

Since this is default behavior of FreeTDS (tsql) and NT DBLIB (isql), I assume it should be for PDO dblib as well.
 [2010-03-20 00:50 UTC] ssufficool at roadrunner dot com
-PHP Version: 5.2.9 +PHP Version: 5.3-svn
 [2010-03-20 00:50 UTC] ssufficool at roadrunner dot com 
Set quoted identifiers to allow "FIELD NAME" quoting style.

Index: ext/pdo_dblib/dblib_driver.c
===================================================================
--- ext/pdo_dblib/dblib_driver.c        (revision 296453)
+++ ext/pdo_dblib/dblib_driver.c        (working copy)
@@ -236,6 +236,9 @@
        /* limit text/image from network */
        DBSETOPT(H->link, DBTEXTSIZE, "2147483647");

+       /* Allow double quoted field and table names */
+       DBSETOPT(H->link, DBQUOTEDIDENT, NULL);
+
        if (vars[3].optval && FAIL == dbuse(H->link, vars[3].optval)) {
                goto cleanup;
        }
 [2010-04-24 01:03 UTC] felipe@php.net
-Status: Open +Status: Feedback
 [2010-04-24 01:03 UTC] felipe@php.net 
But this patch has a side effect, when using for example... 'where foo = "bar"', the "bar" will be identified as an identifier, not a literal. Right?
 [2010-06-22 04:52 UTC] ssufficool@php.net
-Status: Feedback +Status: Open -Type: Bug +Type: Feature/Change Request -Assigned To: +Assigned To: ssufficool
 [2010-06-23 03:29 UTC] ssufficool@php.net 
Automatic comment from SVN on behalf of ssufficool
Revision: http://svn.php.net/viewvc/?view=revision&revision=300685
Log: Fix Bug #47588 - Allow Quoted Identifiers
 [2010-06-23 03:43 UTC] ssufficool@php.net
-Status: Assigned +Status: Closed
 [2010-06-23 03:43 UTC] ssufficool@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Fixed in trunk
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Apr 18 17:01:28 2024 UTC