php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #33886 PDO Prepared Statement fails if binding id (:blah) is used more then once.
Submitted: 2005-07-27 15:57 UTC Modified: 2005-07-27 16:20 UTC
Votes:16
Avg. Score:4.6 ± 0.7
Reproduced:10 of 11 (90.9%)
Same Version:2 (20.0%)
Same OS:3 (30.0%)
From: wb at pro-net dot co dot uk Assigned:
Status: Wont fix Package: PDO related
PHP Version: 5.0.4 OS: FreeBSD 5.4-RELEASE-p2
Private report: No CVE-ID:
Have you experienced this issue?
Rate the importance of this bug to you:

 [2005-07-27 15:57 UTC] wb at pro-net dot co dot uk
Description:
------------
When using the same binding id in a query the PDOStatement::execute() method still requires you to specify the same amount of parameters.

Reproduce code:
---------------
<?php
$pdo = new PDO('pgsql:host=localhost dbname=bats user=user password=pass');
$pdo->setAttribute(PDO_ATTR_ERRMODE, PDO_ERRMODE_EXCEPTION);

$statement = $pdo->prepare("
            UPDATE groups
            SET
               lft = CASE WHEN lft > :right
                     THEN lft + 2
                     ELSE lft END,
               rgt = CASE WHEN rgt >= :right
                     THEN rgt + 2
                     ELSE rgt END
            WHERE
              rgt >= :right
            ");
$statement->execute(array(':right' => 5));

?>

Expected result:
----------------
Would expect the statement to execute without issue.

Actual result:
--------------
PHP Fatal error:  Uncaught exception 'PDOException' with message 'SQLSTATE[08P01]: <<Unknown error>>: 7 ERROR:  bind message supplies 1 parameters, but prepared statement "pdo_pgsql_stmt_08257c0c" requires 3' in /usr/home/wb/bats/scripts/tests/pdoQuery.php:17
Stack trace:
#0 /usr/home/wb/bats/scripts/tests/pdoQuery.php(17): PDOStatement->execute(Array)
#1 {main}
  thrown in /usr/home/wb/bats/scripts/tests/pdoQuery.php on line 17


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-07-27 16:00 UTC] wb at pro-net dot co dot uk
Using PDO-0.9 and PDO_PGSQL-0.9
 [2005-07-27 16:04 UTC] tony2001@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip


 [2005-07-27 16:13 UTC] wez@php.net
It's not portable to rely on that.
You need to create three parameters and bind them separately.
 [2005-07-27 16:20 UTC] wb at pro-net dot co dot uk
Fair enougth.

I will submit a note to the php manual about this.

Keep up the good work :)
 [2014-03-18 15:53 UTC] php at pineight dot com
Use of named placeholders is also not portable, as MySQL supports only positional placeholders, yet PDO emulates it. Why does PDO emulate named placeholders on MySQL but not emulate repeated placeholders? Otherwise, applications using PDO will end up littered with passive-aggressive workarounds:

  $args[':skuid_bug33886'] = $args[':skuid'];
  $args[':supplierid_bug33886'] = $args[':supplierid'];
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 16 19:02:26 2014 UTC