php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #41639 odbc_execute fails with parameters
Submitted: 2007-06-08 18:08 UTC Modified: 2007-07-19 01:00 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: cody dot stockwell at qsicorp dot com Assigned: kalowsky (profile)
Status: No Feedback Package: ODBC related
PHP Version: 4.4.7 OS: Red Hat 4 ES
Private report: No CVE-ID: None
View Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
14 - 10 = ?
Subscribe to this entry?

 
 [2007-06-08 18:08 UTC] cody dot stockwell at qsicorp dot com 
Description:
------------
The script works fine when talking to Apache(WinXP)/PHP5/DNS [SQL Server]/MS SQL Express 2005,
but when I try to get it to run on Apache (Linux)/PHP4/[unixODBC/FreeTDS]/MS SQL Express 2005 I get an error from PHP.

If I place variables into the odbc_prepare() statement directly it works fine, but for some reason refuses to replace the '?' parameter in odbc_execute(). Obviously that would negate the security advantage of using odbc_prepare().

So it appears to be a bug in PHP4, but unfortunately the boss is hesitant to install PHP5 or any new version for fear of breaking everything.

Reproduce code:
---------------
<?php
$dsn = "SQLExpress";
$dbuser = "sa";
$dbpass = "mypass";
$dbname = "mydb";

$connect = odbc_connect($dsn, $dbuser, $dbpass);
odbc_exec($connect, "use " . $dbname) or die("Failed to connect to database.");

$query = odbc_prepare($connect, "SELECT FIRST_NAME, MIDDLE_INITIAL, LAST_NAME FROM mytable WHERE LAST_NAME = ?");
odbc_execute($query, array("Smith"));

echo odbc_result_all($query);
?>


Expected result:
----------------
FIRST_NAME	MIDDLE_INITIAL	LAST_NAME
Joseph	C	Smith
Travis	M	Smith
2

Actual result:
--------------
Warning: odbc_execute(): SQL error: <&#65533;tH&#65533; I&#65533;&#65533;5, SQL state 00000 in SQLExecute in /var/www/html/v_contact.php on line 11

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-07-11 13:00 UTC] jani@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows (zip):
 
  http://snaps.php.net/win32/php5.2-win32-latest.zip

For Windows (installer):

  http://snaps.php.net/win32/php5.2-win32-installer-latest.msi

If the bug exists in PHP 5.2 snapshot, update the version to "5CVS, 4CVS (yyyy-mm-dd)
 [2007-07-19 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri Oct 31 12:00:01 2025 UTC