php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #5174 OCIBindByName doesn't need quoting in strings
Submitted: 2000-06-21 18:24 UTC Modified: 2002-04-27 13:30 UTC
From: hartmut at six dot de Assigned:
Status: Closed Package: Feature/Change Request
PHP Version: 4.0.0 Release OS: *
Private report: No CVE-ID: None
View Developer Edit
 [2000-06-21 18:24 UTC] hartmut at six dot de 
when using magic_quotes and OCIBindByName
you'll end up with database entries containing
doubled quotes as OCIBindByName transparently
passes values without any parsing

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-08-07 08:01 UTC] thies@php.net 
that's a feature -not- a bug!
 [2000-08-07 08:58 UTC] hholzgra@php.net 
it is at least inconsistent when you have magic_quotes
enabled 'cause the 'magic' breaks here

i'll change this into a feature request to 'banish'
'magic' for database variable bindings
 [2002-04-27 13:30 UTC] jimw@php.net 
ocibindbyname can't know whether its parameters were magic-quoted or not.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Mon Jun 30 23:01:35 2025 UTC