|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #56316 Prepared query emulation doesn't respect INTs
Submitted: 2005-02-21 10:31 UTC Modified: 2005-02-26 10:45 UTC
From: sean at caedmon dot net Assigned: wez (profile)
Status: Closed Package: PDO_MYSQL (PECL)
PHP Version: 5.0.3 OS: Linux
Private report: No CVE-ID: None
 [2005-02-21 10:31 UTC] sean at caedmon dot net
For emulated MySQL prepared queries; everything gets treated as a string:
10:25 <@_Wez_> the emulation stuff forces the input to be a string
10:25 <@_Wez_> and then quotes it


Reproduce code:

function pretty_pdo_error($PDO)
  $err = $PDO->errorInfo();
  echo "PDO Error: {$err[1]}: {$err[2]}\n";

try {
  $PDO = new PDO('mysql:dbname=testdb;host=localhost', 'testdb', 'testdb');
catch (PDOException $e) {
  echo 'Connection failed: ' . $e->getMessage();

$sql = "SELECT * FROM testtable LIMIT :limit";
$QS = $PDO->prepare($sql);
$limit = 10;
$QS->bindParam(':limit', $limit, PDO_PARAM_INT);

if (FALSE === $QS->execute()) {


Expected result:
no error

Actual result:
PDO Error: 1064: You have an error in your SQL syntax near '"10"' at line 1


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-02-26 10:45 UTC]
This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on

In case this was a website problem, the change will show
up on the website in short time.
Thank you for the report, and for helping us make PECL better.

PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sat Sep 25 22:03:39 2021 UTC