php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #54605 promote the usage of mysql_set_charset
Submitted: 2011-04-26 11:26 UTC Modified: 2012-06-08 00:12 UTC
From: tyra3l at gmail dot com Assigned: philip (profile)
Status: Closed Package: Documentation problem
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: tyra3l at gmail dot com
New email:
PHP Version: OS:

 

 [2011-04-26 11:26 UTC] tyra3l at gmail dot com 
Description:
------------
I noticed that nobody from my fellow php developers are aware that they should 
use mysql_set_charset over mysql_query('SET NAMES utf-8');
I wanted to tell them to RTFM, but currently, the only place that we talk about 
mysql_set_charset is on the documentation page of mysql_client_encoding and the 
documentation page of that function, which tells that:
"This is the preferred way to change the charset. Using mysql_query() to execute 
SET NAMES .. is not recommended."
but doesn't mention why is that.

I would propose adding something like this to the documentation either as a note 
or in the description:

"As mysql_real_escape_string takes into account the current character set of the 
connection, you should only change client encoding through mysql_set_charset, 
not via mysql_query('SET NAMES ...'); or mysql_real_escape_string cannot 
guarantee that the string is properly escaped."

maybe we should link http://shiflett.org/blog/2006/jan/addslashes-versus-mysql-
real-escape-string also.

I would also propose that we link mysql_set_charset in the documentation of 
mysql_real_escape_string, and adding a mysql_set_charset into every mysql 
example.

the same should be done to the mysqli documentation also

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-05-04 09:27 UTC] uw@php.net
-Assigned To: +Assigned To: philip
 [2012-05-04 09:27 UTC] uw@php.net 
Do you think this can be closed meanwhile?
 [2012-05-04 11:17 UTC] jpauli@php.net 
+1 for the exact same reasons as my developers do SET NAMES and are not aware of 
such functionality
 [2012-06-08 00:11 UTC] philip@php.net 
Automatic comment from SVN on behalf of philip
Revision: http://svn.php.net/viewvc/?view=revision&revision=326022
Log: Documented that setting the character set via an SQL query will not be
useful to real_escape_string. This closes PHP Bug #54605
 [2012-06-08 00:12 UTC] philip@php.net
-Status: Assigned +Status: Closed
 [2012-06-08 00:12 UTC] philip@php.net 
This has been fixed in SVN, thank you for the report.
 [2012-06-08 05:21 UTC] philip@php.net 
Automatic comment from SVN on behalf of philip
Revision: http://svn.php.net/viewvc/?view=revision&revision=326024
Log: Added a concepts section about character sets, and linked to it in various places.
This is an improved fix for PHP Bug #54605
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Nov 01 01:01:28 2024 UTC