|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2013-03-14 14:12 UTC] pingvein at gmail dot com
[2013-03-14 14:12 UTC] pingvein at gmail dot com
-Package: PECL
+Package: PDO related
[2013-03-14 15:10 UTC] johannes@php.net
[2013-03-14 15:10 UTC] johannes@php.net
-Status: Open
+Status: Not a bug
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sat Oct 25 08:00:01 2025 UTC |
Description: ------------ question sign in sql comment perceived as a parameter. Test script: --------------- <?php $dbhost ='localhost'; // username and password to log onto db server $dbuser ='root'; $dbpass ='test'; // name of database $dbname='test'; //Charset $sqlchar='utf8'; $db = new PDO ( 'mysql:host=' . $dbhost . ';dbname=' . $dbname, $dbuser, $dbpass); $sth = $db->prepare("SELECT * from users where id = :user /* find user by id script ?\ */"); $sth->execute(array(':user' => 1)); $sth->fetch(); Expected result: ---------------- Exception not thrown Actual result: -------------- Exception is thrown