php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #60624 Incorrect Invalid variable used for bind error
Submitted: 2011-12-29 11:35 UTC Modified: 2012-10-26 05:18 UTC
Votes:6
Avg. Score:4.5 ± 0.8
Reproduced:4 of 4 (100.0%)
Same Version:1 (25.0%)
Same OS:1 (25.0%)
From: 935c at itsynergy dot co dot uk Assigned: sixd (profile)
Status: No Feedback Package: OCI8 related
PHP Version: 5.3.8 OS: Scientific Linux 6.1
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: 935c at itsynergy dot co dot uk
New email:
PHP Version: OS:

 

 [2011-12-29 11:35 UTC] 935c at itsynergy dot co dot uk 
Description:
------------
I am seeing the following errors generated for no apparent reason when a function 
is used as a string source:
PHP Warning:  oci_bind_by_name(): Invalid variable used for bind
PHP Warning:  oci_execute(): ORA-01008: not all variables bound

If I replace the $sim_token parameter in my FS_ORA_NEW_SIMTOKEN call with a 
static string, e.g. "2", then it all works fine.

Test script:
---------------
-- The OCI8 Call --
function FS_ORA_NEW_SIMTOKEN($p_sess,$p_tkn) {
        $c = FS_ORA_CONNECT();
        $s = oci_parse($c, "begin fs_pkg_XXXXX.new_auth(:p_sess,:p_sim);end;");
        oci_bind_by_name($s,":p_sess",$p_sess,-1,SQLT_CHR);
        oci_bind_by_name($s,":p_sim",$p_tkn,-1,SQLT_CHR);
        $exec_status=oci_execute($s);
        oci_free_statement($s);
        return $exec_status;
}
-- The Token Generator--
function FS_SIMAPI_GETTOKEN() {
        $valid_time=time()+FS_SIM_TOKLEN;
        $sesskey=htmlspecialchars(sha1(XXXXXXXXXXXXX));
        $qry_array=array(
        'mode' => 'AUTH',
        'user' => FS_SIM_UNA,
        'clientip'=>FS_SIM_SRCIP,
        'expiry' => $valid_time,
        'key' => $sesskey
        );
        $tokres=FS_SIMAPI_SIMPLEPOST("XXXXXXX AUTH",$qry_array);
        if ($tokres==false) {
                return false;
        }
        libxml_use_internal_errors(true);
        try {
        $xmlp=new SimpleXMLElement($tokres);
        } catch (Exception $e) {
                foreach(libxml_get_errors() as $error_line) {
                $error_msg = "SimpleXML: ".$error_line->message;
                FS_APPTOOL_LOGERR($error_msg);
                }
        return false;
        }
        return $xmlp->results->token;
}
-- The Application Call--
// 4 XXXXXX Token
$sim_token=FS_SIMAPI_GETTOKEN();
if($sim_token!=false) {
$sim_to_db=FS_ORA_NEW_SIMTOKEN($_COOKIE['fs_cookie'],$sim_token);
if($sim_to_db==false) {
    header("Location: " . FS_APP_HOME_URI . "?autherr=" . urlencode(FS_ERR_SIMFAIL));
    exit;
}
} else {
    header("Location: " . FS_APP_HOME_URI . "?autherr=" . urlencode($sim_token));
    exit;
}

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-12-29 11:37 UTC] 935c at itsynergy dot co dot uk 
OCI8 Support	enabled
Version	1.4.6
Revision	$Revision: 313688 $
Active Persistent Connections	0
Active Connections	0
Oracle Run-time Client Library Version	11.2.0.2.0
Oracle Version	11.2
Compile-time ORACLE_HOME	/u01/app/oracle/product/11.2.0/xe
Libraries Used	-Wl,-rpath,/u01/app/oracle/product/11.2.0/xe/lib -
L/u01/app/oracle/product/11.2.0/xe/lib -lclntsh
Temporary Lob support	enabled
Collections support	enabled


Directive	Local Value	Master Value
oci8.connection_class	no value	no value
oci8.default_prefetch	100	100
oci8.events	Off	Off
oci8.max_persistent	-1	-1
oci8.old_oci_close_semantics	Off	Off
oci8.persistent_timeout	-1	-1
oci8.ping_interval	60	60
oci8.privileged_connect	Off	Off
oci8.statement_cache_size	20	20
 [2011-12-29 13:47 UTC] 935c at itsynergy dot co dot uk 
update php version
 [2011-12-29 13:47 UTC] 935c at itsynergy dot co dot uk
-PHP Version: Irrelevant +PHP Version: 5.3.8
 [2012-01-27 00:20 UTC] sixd@php.net 
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.

Can you give a concrete example of a failing $p_tkn token?  Also what is the 
fs_pkg signature? Do the oci_bind_by_name calls return errors?
 [2012-01-27 00:20 UTC] sixd@php.net
-Status: Open +Status: Feedback
 [2012-02-23 21:47 UTC] sixd@php.net
-Assigned To: +Assigned To: sixd
 [2012-10-26 05:18 UTC] sixd@php.net
-Status: Feedback +Status: No Feedback
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Mon Dec 30 16:01:29 2024 UTC