php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #45491 bytea values don't get escaped in pg_query_params and pg_execute
Submitted: 2008-07-12 08:32 UTC Modified: 2008-07-12 13:38 UTC
From: php at benjaminschulz dot com Assigned:
Status: Not a bug Package: PostgreSQL related
PHP Version: 5.3CVS-2008-07-12 (CVS) OS: linux, darwin
Private report: No CVE-ID:
Password:
Status:
Package:
Bug Type:
Summary:
From: php at benjaminschulz dot com
New email:
PHP Version: OS:

 

 [2008-07-12 08:32 UTC] php at benjaminschulz dot com
Description:
------------
It's not possible to pass bytea values to pg_query_params or pg_execute. It seems like ext/pgsql does no escaping where it should. ext/pgsql is built against libpq 8.3.1.

Reproduce code:
---------------
<?php
$conn = pg_connect(...);
pg_set_client_encoding($conn, 'UTF8');
$res = pg_query_params('SELECT $1::bytea', array("\xf6"));
var_dump(pg_fetch_array($res));

Expected result:
----------------
Some binary string :)

Actual result:
--------------
Warning: pg_query_params(): Query failed: ERROR:  invalid byte sequence for encoding "UTF8": 0xf6
HINT:  This error can also happen if the byte sequence does not match the encoding expected by the server, which is controlled by "client_encoding". in ...



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-07-12 13:38 UTC] johannes@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

pgsql expects a utf-8 string there, got something else and fails -> no PHP issue
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Tue Aug 29 15:01:52 2017 UTC