PHP :: Bug #71447 :: an query may return bad result or error "Invalid parameter number"

Bug #71447

an query may return bad result or error "Invalid parameter number"

Submitted:

2016-01-25 16:10 UTC

Modified:

2016-02-18 09:34 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	0 (0.0%)
Same OS:	1 (100.0%)

From:

skrol29forum+bugsphp at gmail dot com

Assigned:

mbeccati (profile)

Status:

Closed

Package:

PDO PgSQL

PHP Version:

5.6.17

OS:

Windows 10, Debian Cid

Private report:

CVE-ID:

None

View Developer Edit

[2016-01-25 16:10 UTC] skrol29forum+bugsphp at gmail dot com

Description:
------------
Depending to a comment in the SQL query, PDO will run it correctly or return an error, or even a wrong result.

Run the test script and an error will raise while the query contains actually no PDO parameters.
Then if you simply delete the character single-quote (replace "that's strange" with "thats strange") in the comment of the SQL query there will be no error.

--------------
More dramatic:
--------------
Replace:
   $pdo->query($sql_1, PDO::FETCH_NUM);
With:
   $pdo->query($sql_2, PDO::FETCH_NUM);
in order to run the second query.
Take car to previously create the table and the row using the small SQL script at the head of the script.
In this case, there is no error, but the query returns a wrong result (NULL instead of '8000'). If you delete the single-quote in the comment, then the result is correct.



The bug occurs with Windows 10 and Debian Cid with PHP 5.6.17 but also with versions 5.6.16 and 5.6.15. Not tested on PHP 7.
The bug does not occurs with PHP 5.4.3.

I've tested a similar query with PDO-MySQL and there is no error.

---------
PDO version with PHP 5.6.17:
PostgreSQL(libpq) Version 	9.4.1
Module version 	1.0.2
Revision 	$Id: 93432550a76a2298959ec74f40d65c7195a82ad2 $ 
---------



Test script:
---------------
/*
Database structure for query #2
CREATE SCHEMA _test;
CREATE TABLE _test.t_test (prms character varying(255));
INSERT INTO _test.t_test (prms) VALUES ('{"radius":8000}');
*/

// connection to the PostgreSQL database
$pdo = new PDO("pgsql:dbname=mydb;host=myhost", 'myusername', 'mypassword');

$sql_1 = "
SELECT -- that's strange
  SUBSTRING( '{\"radius\":8000}'::text FROM '(?:\"radius\":)([\d\.]*)') AS zzz";

$sql_2 = "
SELECT -- that's strange
  SUBSTRING( prms::text FROM '(?:\"radius\":)([\d\.]*)') AS zzz
FROM _test.t_test";

$rs = $pdo->query($sql_1, PDO::FETCH_NUM);
$rec = $rs->fetch();
var_export($rec);


Expected result:
----------------
array (
  0 => '8000',
)

Actual result:
--------------
Query #1 returns :

« PDO::query(): SQLSTATE[HY093]: Invalid parameter number: mixed named and positional parameters in ... »

Query #2 returns :

array (
  0 => NULL,
)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2016-02-18 09:34 UTC] mbeccati@php.net

-Assigned To: +Assigned To: mbeccati

[2016-04-04 22:11 UTC] mbeccati@php.net

Automatic comment on behalf of mbeccati
Revision: http://git.php.net/?p=php-src.git;a=commit;h=30925cd49826c59ea8459a24bcb24d47c2ce562d
Log: Fixed bug #71447 (Quotes inside comments not properly handled)

[2016-04-04 22:11 UTC] mbeccati@php.net

-Status: Assigned +Status: Closed

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Nov 12 22:00:01 2025 UTC