php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #36798 mysql error when using named parameters in a query with high ascii
Submitted: 2006-03-20 15:50 UTC Modified: 2006-12-05 18:06 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: albert at jool dot nl Assigned:
Status: Closed Package: PDO related
PHP Version: 5.1.2 OS: Debian Sarge
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: albert at jool dot nl
New email:
PHP Version: OS:

 

 [2006-03-20 15:50 UTC] albert at jool dot nl
Description:
------------
Create a PDO_MYSQL connection ($db in the example code). Prepare a query with high ascii values between single quotes (update queries are often affected) and one or more named parameters. Execute the query. 

Reproduce code:
---------------
$query = "
	SELECT		'?' as test
	FROM		test
	WHERE		id = :id";
$stm = $db->prepare($query);
$stm->execute(array(":id" => 1));

Expected result:
----------------
No errors, query is correct when executed directly under mysql.

Actual result:
--------------
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':id' at line 3

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-03-20 15:54 UTC] albert at jool dot nl
Changing the single quotes in the query to double seems to fix the problem.
 [2006-03-20 15:59 UTC] tony2001@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5.1-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.1-win32-latest.zip

Can't reproduce.
 [2006-03-20 16:52 UTC] albert at jool dot nl
Tried the snapshot, and the problem still exists. Perhaps you aren't seeing the error because you need to explicitly set exception handling:

$db = new PDO("mysql:host=$dbHost;dbname=$dbName", $dbUser, $dbPass);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

[.. and then the code ..]
 [2006-03-20 16:53 UTC] albert at jool dot nl
oops, changed the summary
 [2006-03-21 15:41 UTC] iliaa@php.net
What is the charset of the server/connection?
 [2006-03-22 19:53 UTC] albert at jool dot nl
Charset of the connection is default ISO-8859-1 (you need to explicitly set another charset in the dsn), and the charset of any mysql table used is default latin1 - if any solution requires changing any of these settings, consider changing PHP first :). 

Anyhow, notice that the query _parsing_ fails, not the query itself. The double-quote fix isn't working btw - the error just didn't show up anymore as output (which is also strange!).
 [2006-12-05 18:06 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Nov 23 13:01:29 2024 UTC