php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #43279 pg_send_query_params converts all elements in 'params' to strings
Submitted: 2007-11-13 17:51 UTC Modified: 2007-11-13 20:08 UTC
From: TheRealAL at gmail dot com Assigned:
Status: Closed Package: PostgreSQL related
PHP Version: 5.2.5 OS: Debian GNU/Linux
Private report: No CVE-ID:
 [2007-11-13 17:51 UTC] TheRealAL at gmail dot com
Description:
------------
Is seems pg_send_query_params internally converts all parameters passed in array 'params' to strings.
It's very strange, because 'params' is passed by-value. And much more strange - if 'params' was passed from some wrapper function (in which it was passed by-value), original value of this array will be modified even outside wrapper.

Configure Command =>  './configure'  '--prefix=/usr/local/php5-mod' '--disable-all' '--with-apxs2=/usr/local/apache2-php5/bin/apxs' '--enable-cli' '--disable-cgi' '--disable-ipv6' '--with-pcre-regex' '--with-zlib' '--enable-hash' '--enable-mbstring' '--with-pgsql' '--enable-session' '--enable-wddx' '--enable-libxml' '--enable-xml'

Reproduce code:
---------------
function query($dbh, $sql, $params)//$params: passed by value!!!
{
        pg_send_query_params($dbh, $sql, $params);
        // ...
}


$dbh = pg_connect('host=localhost dbname=esp user=esp password=pass');


$foo = array(5, 10);
var_dump($foo);

query($dbh, 'SELECT data FROM test WHERE id = $1 OR id = $2', $foo);

var_dump($foo);


pg_close($dbh);

Expected result:
----------------
array(2) {
  [0]=>
  int(5)
  [1]=>
  int(10)
}
array(2) {
  [0]=>
  int(5)
  [1]=>
  int(10)
}


Actual result:
--------------
array(2) {
  [0]=>
  int(5)
  [1]=>
  int(10)
}
array(2) {
  [0]=>
  string(1) "5"
  [1]=>
  string(2) "10"
}


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-11-13 20:08 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 23 09:02:23 2014 UTC