php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #72124 pg_convert prefixes UUIDs with escape string constant
Submitted: 2016-04-28 18:43 UTC Modified: 2021-01-08 14:43 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: me at nonrandom dot it Assigned:
Status: Verified Package: PostgreSQL related
PHP Version: 7.4 OS: Centos 6.7
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: me at nonrandom dot it
New email:
PHP Version: OS:

 

 [2016-04-28 18:43 UTC] me at nonrandom dot it
Description:
------------
---
From manual page: http://www.php.net/function.pg-convert
---

Using pg_convert along with pg_query_params and having a value of UUID among the values being converted generates an error:

Warning:  pg_query_params(): Query failed: ERROR:  invalid input syntax for uuid: "E'7d9c76e4-0278-11e6-a626-000c2917e56a'"

It would seem that pg_convert is prefixing an escape string constant to UUIDs, and that is possibly causing the issue.

I was using pg_convert to get around boolean falses becoming empty strings, but ended up using something else when I ran across this.


Test script:
---------------
CREATE TABLE public.test_uuid(
	id uuid
);

$db = pg_connect('host=localhost port=5432 dbname=public user=postgres password=1234');

$sql = 'insert into public.test_uuid (id) values ($1)';

$values = array('id' => '7d9c76e4-0278-11e6-a626-000c2917e56a');

pg_covert($db, 'test_uuid', $values);

pg_query_params($db, $sql, $values);


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-01-08 14:43 UTC] cmb@php.net
-Status: Open +Status: Verified -PHP Version: 5.6.21RC1 +PHP Version: 7.4
 [2021-01-08 14:43 UTC] cmb@php.net
The problem is that PHP doesn't explicitly support uuid[1], and as
such treats it as PG_UNKNOWN so that it is converted to an escape
string.

[1] <https://github.com/php/php-src/blob/8b2b8563ef2e9e42e4d03752556131abd501b3ae/ext/pgsql/php_pgsql.h#L203-L247>
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Nov 23 09:01:28 2024 UTC