php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #5482 ODBC Support lacks ability to pass named parameters for MS Access
Submitted: 2000-07-09 12:09 UTC Modified: 2001-04-28 15:32 UTC
From: bram at xspace dot com Assigned:
Status: Closed Package: ODBC related
PHP Version: 4.0.1pl2 OS: WIN NT 4.0 (WIN 32)
Private report: No CVE-ID: None
 [2000-07-09 12:09 UTC] bram at xspace dot com
Preamble:
There is a similar but slightly different bug report 2976 that describes parameter passing problems as well.

Steps to observe behaviour:

1) In MS Access (preferably 97 or 2000) create a table named PEOPLE containing two fields
    username and password of any type.

2) Populate the table with a row of test data.

3) In MS Access create the following query name verifypassword:

         SELECT username
         FROM people
         WHERE username = InputUsername AND password = InputPass
         WITH OWNERACCESS OPTION;

        Since the DB is not going to be secured for any test cases, do NOT include the 
        WITH OWNERACCESS OPTION, as it is pointless and may not work.  When in a 
        secured database, this query will allow verification of a username and password 
        combination for a user that does not have access to the PEOPLE table without 
        giving direct access to the password field.  I provide this only for a description of
        necessity.

4) Make an ODBC DSN to the DB

5) In your PHP script connect to the DSN first, save connection to $conn.

6) In your PHP script, then add:

         $prep = odbc_prepare( $conn, "SELECT * FROM VERIFYPASSWORD" );
         $params = array( "test", "case" );
         ODBC_Execute( $prep, &$params );

7) You will get a "missing parameters" error.

Problem:
There is no appearant way to populate MS Access parameters from PHP.  
Since, in this case the query must be created under a user with priviledges to
a secured table, the query cannot be generated on the fly -- access will be denied.

Ideally, I should be able to populate my $params array as:
        $params = array( "InUsername" => "test", "InPassword" => "case" );

Synonymous behaviour in ASP:
In ASP the RECORDSET object supports named parameters.  
Obviously this functionality works in ASP.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-04-01 19:48 UTC] kalowsky@php.net
please try this with a recent release or snapshot of PHP 
and see if this continues for you.
 [2001-04-28 15:32 UTC] derick@php.net
No feedback. If this problem persists with PHP 4.0.5 which
will be released next week, please reopen this report.

Derick
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Wed Feb 20 22:01:25 2019 UTC