|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2020-02-15 00:19 UTC] v-yitam at microsoft dot com
Description: ------------ PDO_API int pdo_parse_params() in ext/pdo/pdo_sql_parser.re ignores (skips) any placeholder in between two backslashes `\` If I replaced the backslash `\` with forward slash '/' in the query, the query succeeded and returned the row as expected. If the following line is removed the 'problem' is gone: https://github.com/php/php-src/blob/master/ext/pdo/pdo_sql_parser.re#L59 If this is intentional (by design), please explain or let us know if there is a workaround. Test script: --------------- $dbh = new PDO("sqlsrv:server=$server;Database = $db", $uid, $pwd); $tableName = 'testPDO'; $create_sql = "CREATE TABLE $tableName(id int NOT NULL, langcode varchar(12), revision_id int, [path] nvarchar(255), [alias] nvarchar(255))" $dbh->exec($create_sql1); $insert_sql = "INSERT INTO $tableName(id, langcode, revision_id, [path], [alias]) VALUES (4, 'en', 4, '/node/3', '/')"; $dbh->exec($insert_sql); $sql = "SELECT * FROM $tableName WHERE [path] LIKE :path ESCAPE '\' AND [langcode] like :lang ESCAPE '\'"; $args = [ ':path' => '%node%', ':lang' => 'en' ]; $sth = $dbh->prepare($sql); $sth->execute($args); $row = $sth->fetch(PDO::FETCH_NUM); var_dump($row); Expected result: ---------------- array(5) { [0]=> string(1) "4" [1]=> string(2) "en" [2]=> string(1) "4" [3]=> string(7) "/node/3" [4]=> string(1) "/" } Actual result: -------------- PHP Fatal error: Uncaught PDOException: SQLSTATE[HY093]: Invalid parameter number: parameter was not defined in C:\Workspace\Test\pdo_1093.php:53 PatchesPull Requests
Pull requests:
HistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Tue Feb 18 00:01:30 2025 UTC |
I'm the person who originlly submitted this as a bug report to Microsoft, who then passed it on to the PHP-PDO team. I am updating the SQL Server driver for the Drupal CMS. Drupal uses backslash-escaped strings for LIKE expressions as its standard. SQL Server does not as its default, but can when specified in the expression as `field LIKE :parameter_x ESCAPE '\'`. When several LIKE expressions are used in one query, an exception is thrown. The Drupal core testsuite includes a test for this situation. Other databases use the `ESCAPE '{delimiter}'` syntax, so this bug will likely affect those drivers as well.