|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #69257 Error on PDO MySQL non-emulated statements and repeating the same named param
Submitted: 2015-03-18 16:00 UTC Modified: 2021-09-28 10:41 UTC
Avg. Score:4.0 ± 1.2
Reproduced:5 of 5 (100.0%)
Same Version:1 (20.0%)
Same OS:5 (100.0%)
From: jrbasso at gmail dot com Assigned: cmb (profile)
Status: Duplicate Package: PDO MySQL
PHP Version: 5.6.6 OS: Any
Private report: No CVE-ID: None
 [2015-03-18 16:00 UTC] jrbasso at gmail dot com
When using prepared statements with named parameters that repeats in the statement work fine in emulated prepared statements, but doesn't work in non-emulated mode.

The test script is a simple way to reproduce it.

Test script:

$pdo = new PDO('mysql:unix_socket=/var/run/mysqld/mysqld.sock;dbname=test;charset=utf8', 'test', 'test');
$pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

$stmt = $pdo->prepare('SELECT :a = :a');
$stmt->bindValue(':a', 1, PDO::PARAM_INT);


Expected result:
array(1) {
  string(1) "1"

Actual result:
PHP Fatal error:  Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number' in /home/vagrant/shared/test.php:10
Stack trace:
#0 /home/vagrant/shared/test.php(10): PDOStatement->execute()
#1 {main}
  thrown in /home/vagrant/shared/test.php on line 10


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2018-01-09 19:20 UTC] sebastiaanlokhorst at gmail dot com
This bug is still present in PHP 7.2.

The crazy thing is that it is well known and even expected to fail since the addition mysqlnd support in PDO_mysql in 2008.

In the pdo_mysql_prepare_native_dup_named_placeholder.phpt test[1], this exact scenario is tested, and it's expected to fail with
"Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number in %s on line %d"
 [2018-01-09 22:22 UTC] sebastiaanlokhorst at gmail dot com
So apparently this is indeed expected behavior: see e.g.

But this means there's a bug in the emulated statement, as it works there. The behavior should be consistent.
 [2021-09-28 10:41 UTC]
-Status: Open +Status: Duplicate -Assigned To: +Assigned To: cmb
 [2021-09-28 10:41 UTC]
This is a duplicate of bug #48856.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Mon Dec 11 00:01:26 2023 UTC