php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #18375 charset support for embedded libmysql
Submitted: 2002-07-16 15:48 UTC Modified: 2002-10-12 12:29 UTC
From: Xuefer at 21cn dot com Assigned: zak (profile)
Status: Not a bug Package: MySQL related
PHP Version: 4.2.0 OS: all
Private report: No CVE-ID: None
 [2002-07-16 15:48 UTC] Xuefer at 21cn dot com
as described in manual, addslashes is for prepairing database queries
but it don't fit for mysql4.x when charset is set to multibyte, e.g. GBK

escape/unescaping multibyte string is process differently in mysql-client/mysqld (btw: i dunno why it need to do such way)

when a binary data addslashes() by php sent to mysqlserver, myodbc_remove_escape

mysql_escape_string need upgraded mysql library
but addslashes is used to process GPC when magic_quote is on

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-07-16 16:23 UTC] sniper@php.net
magic_quotes_* can be turned off, no bug there. 
And if I understood correctly, mysql_escape_string()
works fine with multibyte data? So where's the bug here?
Sounds more like documentation problem..

 [2002-07-17 01:34 UTC] Xuefer at 21cn dot com
of cos magic_quote_* can be turned off, but how about turnning on?

and the binary version os php or bundled libmysql in php is out dated
both addslashes() and mysql_escape_string() didn't help me to insert binary data into mysql databse :(

may be a bug of mysql 4 ?....
after all, i'm not expert to those sources :(
 [2002-07-17 01:39 UTC] sniper@php.net
Can you please try this snapshot:

http://snaps.php.net/win32/php4-win32-latest.zip

The bundled mysql lib was updated recently..unfortunately
I'm not able to test this as I don't have windowds machine 
to test it..

About magic_quotes_*: I personally would like to see them removed altogether...

 [2002-07-17 01:41 UTC] xuefer at 21cn dot com
there're some other things to say.

i always get my code runnign under magic_quote_* off
but php_addslashes()(PHPAPI) is widely used internally

there is a configuration flag "magic_quotes_sybase" for special to sybase, will there a flag for warping php_addslashes to mysql_escape_string ?
 [2002-07-17 01:53 UTC] sniper@php.net
Everyplace where php_addslashes is used, it's only used
if the magic_quotes_* stuff is turned on (magic_quotes_runtime)..or is there someplace where it is
used anyway?


 [2002-07-17 02:48 UTC] Xuefer at 21cn dot com
tested with latest build
still can't pass
also checkout cvs source
it's not libmysql 4
 [2002-07-20 03:49 UTC] georg@php.net
To escape data please use mysql_real_escape_string 
function, which is implemented in the current cvs version.

http://www.php.net/manual/en/function.mysql-real-escape-string.php.

 [2002-07-20 07:44 UTC] Xuefer at 21cn dot com
i've tested with lastest build
but sorry to tell u that, problem still there

<?php
$data = chr(160) . "'";
echo mysql_character_set_name();
$data = mysql_real_escape_string($data);
mysql_query("SELECT '$data'"); // got error

?>
win32 build and bundled libmysql still has no gbk support build-in
gbk and other multibyte charset has to be built in (i don't bother why have to)
get the same error
MySQL - 1064 - You have an error in your SQL syntax near ''?\''' at line 1

and i have to put gbk.conf in shared/charset dir in order to `fake' a charset which has to be built-in, although it's not right, but it's my only way

mysql_character_set_name() return gbk
if didn't put gbk.conf, return latin1, and apache/logs/error.log complain about missing charset file
 [2002-07-20 15:32 UTC] georg@php.net
Ok, looks like we have to do something with the embedded libmysql charset support.

Assigned to Zak :)
 [2002-07-26 15:36 UTC] georg@php.net
Sorry, unfortunately I changed the summary few days before
 [2002-10-12 12:29 UTC] georg@php.net
Please do not submit the same bug more than once. An existing
bug report already describes this very problem. Even if you feel
that your issue is somewhat different, the resolution is likely
to be the same. Because of this, we hope you add your comments
to the original bug instead.

Thank you for your interest in PHP.

Duplicate, see #15375 (missing charset support in embedded libmysql).

Georg
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Dec 09 03:01:27 2024 UTC