php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #44832 PDO: Binding to unset placeholders.
Submitted: 2008-04-25 15:53 UTC Modified: 2011-04-08 21:04 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:2 (100.0%)
From: atrauzzi at gmail dot com Assigned:
Status: Open Package: PDO related
PHP Version: 5.2.5 OS: Ubuntu
Private report: No CVE-ID: None
 [2008-04-25 15:53 UTC] atrauzzi at gmail dot com
Description:
------------
PHP doesn't support automatic-skipping of placeholders that aren't in a prepared statement.

It would be nice if this rather simple scenario could be handled as it's forcing me to double up on my checks when generating a query.

It's hard to determine whether this is truly an error condition or not.  I hope the issue doesn't bounce without due consideration.

My suggestion is to have the Statement object ignore requests to bind to fields not present in the query.  It might be sloppy, so to that end, I'm happy to see any suggestions for alternatives.

Hopefully I'm not missing a best practice here either ;)

Reproduce code:
---------------
The generalized steps are:

o Go through steps to generate query.  At some point during this, the string being built has placeholders (Example: ":userID" and ":isActive") that need to be added.  More often that not these will be surrounded by conditions like "if($lookingForUser)".
o Take the completed query string and generate a prepared statement.
o Bind all requested parameters.

The problem here is at the "Bind all requested parameters" step.  It is there that we'll see an almost identical set of condition checking as encountered during the "Go through steps to generate query" phase.
If I don't want ":isActive" in my query, I have to not only dodge it when generating my query, but also when binding parameters with an identical set of checks.

There must be a cleaner way to do this?!

Expected result:
----------------
bindParam should not throw any errors when the parameter isn't present in the query.

Actual result:
--------------
bindParam throws an error when you try to bind a parameter that isn't present in the query.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-04-08 21:04 UTC] jani@php.net
-Package: Feature/Change Request +Package: PDO related
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Oct 10 20:01:26 2024 UTC