PHP :: Request #23865 :: Parametric Queries, and Parametric Stored Procedures in Postgres

Request #23865	Parametric Queries, and Parametric Stored Procedures in Postgres
Submitted:	2003-05-28 16:06 UTC	Modified:	2005-03-21 09:28 UTC
From:	rcphp at littondale dot dyndns dot org	Assigned:	chriskl (profile)
Status:	Closed	Package:	Feature/Change Request
PHP Version:	4.3.1	OS:	Linux (Debian Unstable)
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	rcphp at littondale dot dyndns dot org
New email:
PHP Version:		OS:

New Comment:

[2003-05-28 16:06 UTC] rcphp at littondale dot dyndns dot org

Feature reqeuest for parametric queries, SQL bind variables, 
parameterised procedure calls, or whatever people call them 
;-) 
 
For example 
 
 pg_query("UPDATE Wibble SET foo=? WHERE wombat=?", 
$newFoo, $wombat); 
 
 pg_exec("spAddComment(?,?,?)",$user,$title,$content); 
 
A notable feature of these is no need to build dynamic SQL, 
and remember to addslashes(). Security becomes easier, and 
if prepared statements can be reused, speed can become 
better. 
 
 $stmt = pg_prepare("INSERT INTO Events (date,msg) 
VALUES (?,?)"); 
 
 pg_execute($stmt,date(),"Wotzit Flobbled"); 
 ... 
 pg_execute($stmt,date(),"Slime Thoroughly Slaughtered"); 
 
(Does PHP have varargs by the way?) 
 
Some finer details to sort, due to the way different database 
backends work. Postgres has stored procedures, but it looks 
like you SELECT from them, and they behave like functions in 
other databases. 
 
Otherwise though, a good language. 
 
 - Richard

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-03-21 09:28 UTC] chriskl@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

- Added several new functions to support the PostgreSQL v3 protocol introduced
  in PostgreSQL 7.4. (Christopher)
  . pg_transaction_status() - in-transaction status of a database connection.
  . pg_query_params() - execution of parameterized queries.
  . pg_prepare() - prepare named queries.
  . pg_execute() - execution of named prepared queries.
  . pg_send_query_params() - async equivalent of pg_query_params().
  . pg_send_prepare() - async equivalent of pg_prepare().
  . pg_send_execute() - async equivalent of pg_execute().
  . pg_result_error_field() - highly detailed error information,
    most importantly the SQLSTATE error code.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2026 The PHP Group All rights reserved.	Last updated: Wed Mar 18 02:00:02 2026 UTC