|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2021-05-21 14:15 UTC] cmb@php.net
[2021-06-04 09:15 UTC] madis at creditinfo dot ee
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Mon Mar 31 16:01:29 2025 UTC |
Description: ------------ The PDO quote method for Informix escapes single quotes inside string with a backslash which is invalid. A single quote should be escaped with another single quote ('TEST\'N%' is incorrect and breaks the query while 'TEST''N%' works). Test script: --------------- $pdo = new PDO(); $string = "TEST'N"; $search_string = $pdo->quote($string . "%"); $sql = "SELECT * FROM companies WHERE UPPER(name) LIKE $search_string LIMIT 1"; $query = $pdo->prepare($sql); $query->execute(); $result = $query->fetchAll(PDO::FETCH_ASSOC); print_r($result); Expected result: ---------------- No errors Actual result: -------------- Fatal error: Uncaught PDOException: SQLSTATE[HY000]: General error: -11060 [Informix][Informix ODBC Driver]General error.