php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #12137 PEAR/DB : DB_common::executeEmulateQuery() bug
Submitted: 2001-07-13 05:34 UTC Modified: 2001-09-06 19:04 UTC
From: sav at tut dot by Assigned:
Status: Closed Package: Unknown/Other Function
PHP Version: 4.0.6 OS:
Private report: No CVE-ID: None
 [2001-07-13 05:34 UTC] sav at tut dot by
Multiple execution emulation fails as in the following script: 
<?php
  $db  = DB::connect("mysql://localhost/test");
  $some_query_with_params = "DELETE FROM TST WHERE id = ? ";
  $params = array(1,2,3);
  $stmt = $db->prepare($some_query_with_params); 
  foreach($params as $param)
    $db->execute($stmt, array($param)); //Fails !!!
?>

The reason for that is executeEmulateQuery() code:

    function executeEmulateQuery($stmt, $data = false)
    {
        $p = &$this->prepare_tokens;
        $stmt = (int)$this->prepare_maxstmt++; // BUG ?

        if (!isset($this->prepare_tokens[$stmt]) ||
            !is_array($this->prepare_tokens[$stmt]) ||
            !sizeof($this->prepare_tokens[$stmt])) {
            return $this->raiseError(DB_ERROR_INVALID);
        }

        $qq = &$this->prepare_tokens[$stmt];
        // and so on...
What does the second line do?:
  $stmt = (int)$this->prepare_maxstmt++;
It ignores the input parameter $stmt, sets it to some unreasonable value, and we always get DB_ERROR_INVALID. If the line is removed - everything works. Apparently this line should not be here at all.


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-09-06 19:04 UTC] cox@php.net
That was fixed in 11th July 2001. Thanks any way.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Dec 30 14:01:28 2024 UTC