php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #53960 "Invalid parameter number" for multiple params equals in query
Submitted: 2011-02-08 17:27 UTC Modified: 2011-05-11 13:22 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:2 (100.0%)
From: contato at andersonfraga dot net Assigned:
Status: Not a bug Package: PDO related
PHP Version: 5.3.5 OS: Windows
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: contato at andersonfraga dot net
New email:
PHP Version: OS:

 

 [2011-02-08 17:27 UTC] contato at andersonfraga dot net
Description:
------------
This error is occurring when I use the same parameter several times in the query.
In PHP 5.2.14, using Gentoo, it works perfectly. Already in versions 5.3.0 and 5.3.3 (using Windows on both), returns an exception.

Bug or 'feature'?

Test script:
---------------
<?php

try {
	$dbh = new PDO('mysql:/*irrelevant*/', Array(
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ));

	$select = "SELECT * FROM PR_CLIENTE
	   WHERE DELETADO = 'N'
	     AND (NOME_CLIENTE LIKE :hash_1
	        OR ENDERECO_CLIENTE LIKE :hash_1)
	       ORDER BY ID_CLIENTE DESC
	   LIMIT :hash_2;";

	$statement = $dbh->prepare($select);
	$statement->execute(Array(
		':hash_1' => '%Anderson%',
		':hash_2' => 0,
	));

	$fetch = $statement->fetchAll(PDO::FETCH_ASSOC);
	print_r($fetch);
}
catch(PDOException $e) {
	print_r($e->getMessage());
}
?>

Expected result:
----------------
Array
(
    [0] => Array
        (
            [ID_CLIENTE] => 29
            (...)
        )

)


Actual result:
--------------
SQLSTATE[HY093]: Invalid parameter number

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-05-10 10:03 UTC] uw@php.net
-Status: Open +Status: Bogus
 [2011-05-10 10:03 UTC] uw@php.net
SQL - 2x hash_1:

	     AND (NOME_CLIENTE LIKE :hash_1
	        OR ENDERECO_CLIENTE LIKE :hash_1)


PHP bind - 1x hash_1, 1x hash_2:

	$statement->execute(Array(
		':hash_1' => '%Anderson%',
		':hash_2' => 0,
 [2011-05-10 17:58 UTC] contato at andersonfraga dot net
Anyway... 
I think it should work, right?
'Even more because' it works in 5.2.14..
 [2011-05-11 11:05 UTC] johannes@php.net
The old behavior is clearly wrong. You have explicit names and they are ignored....
 [2011-05-11 13:22 UTC] contato at andersonfraga dot net
Okay then...
Could put some 'warning' in the doc? Please ... ;)
 [2012-06-26 11:56 UTC] baptx dot is at gmail dot com
I've got this problem too, it's because of the PDO::ATTR_EMULATE_PREPARES => false parameter! It seems native prepared statements don't allow the same names in one SQL query...
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Oct 31 23:01:28 2024 UTC