php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #39146 Named placeholder is not bound correctly with Subqueries
Submitted: 2006-10-13 12:29 UTC Modified: 2006-10-15 16:46 UTC
From: php at mailingslists dot birkholz dot biz Assigned:
Status: Closed Package: PDO related
PHP Version: 5.1.6 OS: Linux 2.6.17-gentoo-r7
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: php at mailingslists dot birkholz dot biz
New email:
PHP Version: OS:

 

 [2006-10-13 12:29 UTC] php at mailingslists dot birkholz dot biz
Description:
------------
When binding to a named placeholder in a prepared-statement using mysql-5.0.24-r1 causes unpredictable behaviour.
With PHP 5.1.4 the query goes correct.

Reproduce code:
---------------
<?php

$dbh = new PDO('mysql:host=localhost;dbname=mysql', 'root', 'pwd');

$query1 = "SELECT * FROM user WHERE User=:user AND Host IN (SELECT Host FROM user WHERE User=:user)";
$query2 = "SELECT * FROM user WHERE Host IN (SELECT Host FROM user WHERE User=:user) AND User=:user";

$stm1 = $dbh->prepare($query1);
$stm1->bindValue(':user', 'root');
$stm1->execute();
print count($stm1->fetchAll()).'<br>';

$stm2 = $dbh->prepare($query2);
$stm2->bindValue(':user', 'root');
$stm2->execute();
print count($stm2->fetchAll()).'<br>';


Expected result:
----------------
Should return: (like it does using the command-line-client)

2
2

Actual result:
--------------
It returns:

2
6

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-10-15 16:46 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Mar 29 10:01:28 2024 UTC