php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #62528 PDO disregards SQL comments and throws parameter number exceptions
Submitted: 2012-07-11 07:54 UTC Modified: 2014-01-01 12:36 UTC
Votes:7
Avg. Score:4.0 ± 1.3
Reproduced:7 of 7 (100.0%)
Same Version:3 (42.9%)
Same OS:2 (28.6%)
From: robin at industrialwebs dot nl Assigned:
Status: Open Package: PDO Core
PHP Version: Irrelevant OS: Independent
Private report: No CVE-ID:
Have you experienced this issue?
Rate the importance of this bug to you:

 [2012-07-11 07:54 UTC] robin at industrialwebs dot nl
Description:
------------
Description can also be found here:
http://stackoverflow.com/questions/11415314/pdo-invalid-parameter-number-parameters-in-comments/

The problem is simple: PDO throws an exception when using named or positional parameters in SQL comments. This is unexpected behaviour and costed me quite a while to figure out.

The thrown exceptions for named and positional parameters are, respectively:

Warning: PDOStatement::execute() [pdostatement.execute]: SQLSTATE[HY093]: Invalid parameter number:
Warning: PDOStatement::execute() [pdostatement.execute]: SQLSTATE[HY093]: Invalid parameter number: mixed named and positional parameters

Test script:
---------------
Try executing this query using PDO:

SELECT
    x
FROM
    y
WHERE
    -- CHECKING IF X = ? --
    x = :y
AND
    1 = 2

Or this one:

SELECT
    x
FROM
    y
WHERE
    -- CHECKING IF X = :Z --
    x = :y
AND
    1 = 2

Expected result:
----------------
This should execute the query with only :Z as bound parameter.

Actual result:
--------------
Exceptions because parameters in comments get parsed.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-01-01 12:36 UTC] felipe@php.net
-Package: PDO related +Package: PDO Core
 [2014-08-15 20:48 UTC] stephen at chomadoma dot net
This still occurs in PHP 5.5.0 with MySQL
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sat Jul 29 11:01:37 2017 UTC