php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #5458 odbc_prepare crashes calling MSSQL stored procedures
Submitted: 2000-07-08 14:09 UTC Modified: 2000-11-09 12:37 UTC
From: santiago dot holgado at telesoft dot es Assigned:
Status: Closed Package: ODBC related
PHP Version: 4.0 Release Candidate 2 OS: Windows NT 4.0 SP6
Private report: No CVE-ID: None
 [2000-07-08 14:09 UTC] santiago dot holgado at telesoft dot es
PHP 4.0.1pl2 Win32 CGI (the one in php.net) under IIS4

I'm using ODBC support to access MS SQL Server databases by querying stored procedures. The way to call those is the next one:
{CALL sp(param1, param2)}
written into {}. The following code (and similar calls) worked in PHP 3.0.16, but now the following sentence

if (($Resultset = odbc_prepare($Conexion, "{CALL chkUserName(?)}")) == false) {
	die("Error");
}

ends with a Fatal: emalloc()
Replacing ? with a parameter works fine.
I will also point that the automatic parameter binding done in odbc_execute, causes that I can't return values using parameters
{? = CALL sp(?,?)}
This is a valid SQL Server sentence which allows returning a code, and it's done by binding a parameter using OUTPUT or RETURN instead of INPUT. I remember also that the parameter binding done only binded strings (that was PHP 3.0.16)
As pointed in another bug, I'll recomend adding a odbc_bindparameter function with 4 params: prepared statement, argument, sql data type, input/output. Parameter order can be checked with Microsoft documentation.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-10-22 05:38 UTC] dbeu@php.net
does the problem still exist with 4.0.3pl1?
 [2000-11-09 12:37 UTC] waldschrott@php.net
no feedback
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Dec 22 11:01:30 2024 UTC