PHP :: Bug #36652 :: Prepared statements killing script

Bug #36652

Prepared statements killing script

Submitted:

2006-03-08 06:19 UTC

Modified:

2006-04-09 08:19 UTC

Votes:	1
Avg. Score:	3.0 ± 0.0
Reproduced:	0 of 0 (0.0%)

From:

shadda at gmail dot com

Assigned:

Status:

Closed

Package:

PDO related

PHP Version:

5.1.2

OS:

Debian 3.1

Private report:

CVE-ID:

None

View Developer Edit

[2006-03-08 06:19 UTC] shadda at gmail dot com

Description:
------------
Using prepared statements causes my script to die, in two ways depending on how I use them. If I use bindParam() the script dies silently (no error, no exception thrown, even with PDO::ATTR_ERRMODE set to ERRMODE_EXCEPTION) and I am unable to output anything (above or below). When I pass the parameter through PDOStatement::execute(), I receive the following error:

SQLSTATE[42P18]: Indeterminate datatype: 7 ERROR: could not determine data type of parameter $1

Reproduce code:
---------------
<?php
//First Example
$query = $db->prepare("select font_name, path from fonts_list where id = ?");

$query->execute( array($_GET['foo']) );
//Produces error (see above)

//Second example
$query = $db->prepare("Select font_name, path from fonts_list where id = :id");
$query->bindParam(':id', $id);

$id = $_GET['foo'];
$query->execute();

//Kills the script. No Error. Nothing error log.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2006-03-08 08:28 UTC] tony2001@php.net

What driver are you using with PDO ?
Is it PDO_OCI or PDO_MYSQL or something else?
Did you try CVS snapshot from http://snaps.php.net?

[2006-03-10 00:05 UTC] shadda at gmail dot com

Excuse the delay; I'm using PDO_PGSQL driver, and yes I've tried the latest snapshot from snaps.php.net.

I just built it, and tested the code.

Gluttony:/home/shadda/php5.1-200603081930# php -r '

try { 

   $db = new PDO("pgsql:host=localhost;dbname=carbonix", "xoom", "1914"); 
   $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
   $q = $db->prepare("select ?"); 
   $q->execute( array(1) ); var_dump($q->fetch()); 

} catch (Exception $e) { echo $e->getMessage(); }'

Returns: 

SQLSTATE[42P18]: Indeterminate datatype: 7 ERROR:  could not determine data type of parameter

[2006-04-09 08:19 UTC] wez@php.net

postgres has a particularly poor C API for communicating type information in prepared statements.

You most likely need to add some kind of nasty cast for those statements to work correctly, or sidestep the issue by preparing your statement using:

$stmt = $db->prepare($sql, array(PDO::PGSQL_ATTR_DISABLE_NATIVE_PREPARED_STATEMENT => true));

or, using the very latest snap:

$stmt = $db->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true));

If you can repeat the silent-death of your script, please re-open this bug report.  I'm assuming that it's fixed because your additional comments have working error information.

[2020-11-10 04:22 UTC] dinomarindiaz178 at gmail dot com

wez@php.net Sir, you save my life 
work for me in postgres PDO with 
$stmt = $db->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true));
Thanks

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Apr 08 03:01:29 2025 UTC