|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #44832 PDO: Binding to unset placeholders.
Submitted: 2008-04-25 15:53 UTC Modified: 2011-04-08 21:04 UTC
Avg. Score:5.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:2 (100.0%)
From: atrauzzi at gmail dot com Assigned:
Status: Open Package: PDO related
PHP Version: 5.2.5 OS: Ubuntu
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2008-04-25 15:53 UTC] atrauzzi at gmail dot com
PHP doesn't support automatic-skipping of placeholders that aren't in a prepared statement.

It would be nice if this rather simple scenario could be handled as it's forcing me to double up on my checks when generating a query.

It's hard to determine whether this is truly an error condition or not.  I hope the issue doesn't bounce without due consideration.

My suggestion is to have the Statement object ignore requests to bind to fields not present in the query.  It might be sloppy, so to that end, I'm happy to see any suggestions for alternatives.

Hopefully I'm not missing a best practice here either ;)

Reproduce code:
The generalized steps are:

o Go through steps to generate query.  At some point during this, the string being built has placeholders (Example: ":userID" and ":isActive") that need to be added.  More often that not these will be surrounded by conditions like "if($lookingForUser)".
o Take the completed query string and generate a prepared statement.
o Bind all requested parameters.

The problem here is at the "Bind all requested parameters" step.  It is there that we'll see an almost identical set of condition checking as encountered during the "Go through steps to generate query" phase.
If I don't want ":isActive" in my query, I have to not only dodge it when generating my query, but also when binding parameters with an identical set of checks.

There must be a cleaner way to do this?!

Expected result:
bindParam should not throw any errors when the parameter isn't present in the query.

Actual result:
bindParam throws an error when you try to bind a parameter that isn't present in the query.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2011-04-08 21:04 UTC]
-Package: Feature/Change Request +Package: PDO related
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Mar 02 18:01:29 2024 UTC