php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #53960 "Invalid parameter number" for multiple params equals in query
Submitted: 2011-02-08 17:27 UTC Modified: 2011-05-11 13:22 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:2 (100.0%)
From: contato at andersonfraga dot net Assigned:
Status: Not a bug Package: PDO related
PHP Version: 5.3.5 OS: Windows
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: contato at andersonfraga dot net
New email:
PHP Version: OS:

 

 [2011-02-08 17:27 UTC] contato at andersonfraga dot net
Description:
------------
This error is occurring when I use the same parameter several times in the query.
In PHP 5.2.14, using Gentoo, it works perfectly. Already in versions 5.3.0 and 5.3.3 (using Windows on both), returns an exception.

Bug or 'feature'?

Test script:
---------------
<?php

try {
	$dbh = new PDO('mysql:/*irrelevant*/', Array(
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ));

	$select = "SELECT * FROM PR_CLIENTE
	   WHERE DELETADO = 'N'
	     AND (NOME_CLIENTE LIKE :hash_1
	        OR ENDERECO_CLIENTE LIKE :hash_1)
	       ORDER BY ID_CLIENTE DESC
	   LIMIT :hash_2;";

	$statement = $dbh->prepare($select);
	$statement->execute(Array(
		':hash_1' => '%Anderson%',
		':hash_2' => 0,
	));

	$fetch = $statement->fetchAll(PDO::FETCH_ASSOC);
	print_r($fetch);
}
catch(PDOException $e) {
	print_r($e->getMessage());
}
?>

Expected result:
----------------
Array
(
    [0] => Array
        (
            [ID_CLIENTE] => 29
            (...)
        )

)


Actual result:
--------------
SQLSTATE[HY093]: Invalid parameter number

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-05-10 10:03 UTC] uw@php.net
-Status: Open +Status: Bogus
 [2011-05-10 10:03 UTC] uw@php.net
SQL - 2x hash_1:

	     AND (NOME_CLIENTE LIKE :hash_1
	        OR ENDERECO_CLIENTE LIKE :hash_1)


PHP bind - 1x hash_1, 1x hash_2:

	$statement->execute(Array(
		':hash_1' => '%Anderson%',
		':hash_2' => 0,
 [2011-05-10 17:58 UTC] contato at andersonfraga dot net
Anyway... 
I think it should work, right?
'Even more because' it works in 5.2.14..
 [2011-05-11 11:05 UTC] johannes@php.net
The old behavior is clearly wrong. You have explicit names and they are ignored....
 [2011-05-11 13:22 UTC] contato at andersonfraga dot net
Okay then...
Could put some 'warning' in the doc? Please ... ;)
 [2012-06-26 11:56 UTC] baptx dot is at gmail dot com
I've got this problem too, it's because of the PDO::ATTR_EMULATE_PREPARES => false parameter! It seems native prepared statements don't allow the same names in one SQL query...
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sun Apr 11 07:01:24 2021 UTC