php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #7284 Does'n work queries with placeholders
Submitted: 2000-10-17 12:06 UTC Modified: 2000-10-27 22:40 UTC
From: iamhere at online dot ru Assigned: jah (profile)
Status: Closed Package: InterBase related
PHP Version: 4.0.2 OS: Linux RedHat 6.2
Private report: No CVE-ID: None
 [2000-10-17 12:06 UTC] iamhere at online dot ru
DESCRIPTION:
-----------
1. I can't make simple query with params (with placeholders "?" in SQL).
Then i call ibase_query without placeholders or ibase_prepare - there are
not any errors, all works fine.

But when i try make query similar to
"INSERT INTO TABLE1 (FIELD1) VALUES ( ? )", then ibase_query or
ibase_execute crash script or server - there are no response or an error
unknown responded.

I can work without placeholders, simple by placing param values into
SQL, but not with BLOBs

if i try to place $blob_id_str directly into SQL
"INSERT INTO TABLE2(BLOB1) VALUES ('$blob_id_str')"
Interbase returns error "unexpected end of command"

2. In some queries, with MANY result fields, some fields does not contains
correct values.

3. Why many ib-functions are not documented yet? Does it's means that these
functions is untested and bugfull?

SCRIPT:
--------
<html><body>
test
<hr>
<?
    $test_base = "lin:/opt/interbase/db/php.gdb";
    ibase_connect($test_base, "sysdba", "masterkey");
    ibase_query(
        "drop table test_a");
    ibase_commit();
    ibase_query(
        "create table test_a (
            id int not null primary key,
            memo blob
            )");
    ibase_commit();

    ibase_query("insert into test_a(id) values(0);");
    /////// OK HERE //////////////

   
    $q = ibase_prepare("insert into test_a(id) values ( ? )");
    echo $q;
    /////// OK HERE //////////////


    $five = 5;
    ibase_execute($q, $five);
    /////// CRASH HERE //////////////


    ibase_free_query($q);

    ibase_close();
    echo "end of test\n";    
?>
</body></html>



MODULES: 
--------
 --with-interbase --with-apxs

???? ALL PHP.INI ?????
ok...
[PHP]

;;;;;;;;;;;;;;;;;;;
; About this file ;
;;;;;;;;;;;;;;;;;;;
; This file controls many aspects of PHP's behavior.  In order for PHP to
; read it, it must be named 'php.ini'.  PHP looks for it in the current
; working directory, in the path designated by the environment variable
; PHPRC, and in the path that was defined in compile time (in that order).
; Under Windows, the compile-time path is the Windows directory.  The
; path in which the php.ini file is looked for can be overriden using
; the -c argument in command line mode.
;
; The syntax of the file is extremely simple.  Whitespace and Lines
; beginning with a semicolon are silently ignored (as you probably guessed).
; Section headers (e.g. [Foo]) are also silently ignored, even though
; they might mean something in the future.
;
; Directives are specified using the following syntax:
; directive = value
; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
;
; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo").
;
; Expressions in the INI file are limited to bitwise operators and parentheses:
; |             bitwise OR
; &             bitwise AND
; ~             bitwise NOT
; !             boolean NOT
;
; Boolean flags can be turned on using the values 1, On, True or Yes.
; They can be turned off using the values 0, Off, False or No.
;
; An empty string can be denoted by simply not writing anything after the equal
; sign, or by using the None keyword:
;
;   foo =           ; sets foo to an empty string
;   foo = none      ; sets foo to an empty string
;   foo = "none"    ; sets foo to the string 'none'
;
; If you use constants in your value, and these constants belong to a dynamically
; loaded extension (either a PHP extension or a Zend extension), you may only
; use these constants *after* the line that loads the extension.
;
; All the values in the php.ini-dist file correspond to the builtin
; defaults (that is, if no php.ini is used, or if you delete these lines,
; the builtin defaults will be identical).


;;;;;;;;;;;;;;;;;;;;
; Language Options ;
;;;;;;;;;;;;;;;;;;;;

engine          =   On  ; Enable the PHP scripting language engine under Apache
short_open_tag  =   On  ; allow the <? tag.  otherwise, only <?php and <script> tags are recognized.
asp_tags        =   Off ; allow ASP-style <% %> tags
precision       =   14  ; number of significant digits displayed in floating point numbers
y2k_compliance  =   Off ; whether to be year 2000 compliant (will cause problems with non y2k compliant browsers)
output_buffering    = Off   ; Output buffering allows you to send header lines (including cookies)
                            ; even after you send body content, in the price of slowing PHP's
                            ; output layer a bit.
                            ; You can enable output buffering by in runtime by calling the output
                            ; buffering functions, or enable output buffering for all files
                            ; by setting this directive to On.
implicit_flush      = Off   ; Implicit flush tells PHP to tell the output layer to flush itself
                            ; automatically after every output block.  This is equivalent to
                            ; calling the PHP function flush() after each and every call to print()
                            ; or echo() and each and every HTML block.
                            ; Turning this option on has serious performance implications, and
                            ; is generally recommended for debugging purposes only.
allow_call_time_pass_reference  = On    ; whether to enable the ability to force arguments to be 
                                        ; passed by reference at function-call time.  This method
                                        ; is deprecated, and is likely to be unsupported in future
                                        ; versions of PHP/Zend.  The encouraged method of specifying
                                        ; which arguments should be passed by reference is in the
                                        ; function declaration.  You're encouraged to try and
                                        ; turn this option Off, and make sure your scripts work
                                        ; properly with it, to ensure they will work with future
                                        ; versions of the language (you will receive a warning
                                        ; each time you use this feature, and the argument will
                                        ; be passed by value instead of by reference).

; Safe Mode
safe_mode       =   Off
safe_mode_exec_dir  =
safe_mode_allowed_env_vars = PHP_                   ; Setting certain environment variables
                                                    ; may be a potential security breach.
                                                    ; This directive contains a comma-delimited
                                                    ; list of prefixes.  In Safe Mode, the
                                                    ; user may only alter environment
                                                    ; variables whose names begin with the
                                                    ; prefixes supplied here.
                                                    ; By default, users will only be able
                                                    ; to set environment variables that begin
                                                    ; with PHP_ (e.g. PHP_FOO=BAR).
                                                    ; Note:  If this directive is empty, PHP
                                                    ; will let the user modify ANY environment
                                                    ; variable!
safe_mode_protected_env_vars = LD_LIBRARY_PATH      ; This directive contains a comma-
                                                    ; delimited list of environment variables,
                                                    ; that the end user won't be able to
                                                    ; change using putenv().
                                                    ; These variables will be protected
                                                    ; even if safe_mode_allowed_env_vars is
                                                    ; set to allow to change them.


disable_functions   =                               ; This directive allows you to disable certain
                                                    ; functions for security reasons.  It receives
                                                    ; a comma separated list of function names.
                                                    ; This directive is *NOT* affected by whether
                                                    ; Safe Mode is turned on or off.
                                                    

; Colors for Syntax Highlighting mode.  Anything that's acceptable in <font color=???> would work.
highlight.string    =   #DD0000
highlight.comment   =   #FF8000
highlight.keyword   =   #007700
highlight.bg        =   #FFFFFF
highlight.default   =   #0000BB
highlight.html      =   #000000

; Misc
expose_php  =   On      ; Decides whether PHP may expose the fact that it is installed on the
                        ; server (e.g., by adding its signature to the Web server header).
                        ; It is no security threat in any way, but it makes it possible
                        ; to determine whether you use PHP on your server or not.



;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;

max_execution_time = 30     ; Maximum execution time of each script, in seconds
memory_limit = 8388608      ; Maximum amount of memory a script may consume (8MB)


;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Error handling and logging ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; error_reporting is a bit-field.  Or each number up to get desired error reporting level
; E_ALL             - All errors and warnings
; E_ERROR           - fatal run-time errors
; E_WARNING         - run-time warnings (non fatal errors)
; E_PARSE           - compile-time parse errors
; E_NOTICE          - run-time notices (these are warnings which often result from a bug in
;                     your code, but it's possible that it was intentional (e.g., using an
;                     uninitialized variable and relying on the fact it's automatically
;                     initialized to an empty string)
; E_CORE_ERROR      - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING    - warnings (non fatal errors) that occur during PHP's initial startup
; E_COMPILE_ERROR   - fatal compile-time errors
; E_COMPILE_WARNING - compile-time warnings (non fatal errors)
; E_USER_ERROR      - user-generated error message
; E_USER_WARNING    - user-generated warning message
; E_USER_NOTICE     - user-generated notice message
; Examples:
; error_reporting = E_ALL & ~E_NOTICE                       ; show all errors, except for notices
; error_reporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR    ; show only errors
error_reporting =   E_ALL & ~E_NOTICE       ; Show all errors except for notices
display_errors  =   On  ; Print out errors (as a part of the output)
                        ; For production web sites, you're strongly encouraged
                        ; to turn this feature off, and use error logging instead (see below).
                        ; Keeping display_errors enabled on a production web site may reveal
                        ; security information to end users, such as file paths on your Web server,
                        ; your database schema or other information.
log_errors      =   Off ; Log errors into a log file (server-specific log, stderr, or error_log (below))
                        ; As stated above, you're strongly advised to use error logging in place of
                        ; error displaying on production web sites.
track_errors    =   Off ; Store the last error/warning message in $php_errormsg (boolean)
;error_prepend_string = "<font color=ff0000>"   ; string to output before an error message
;error_append_string = "</font>"                ; string to output after an error message
;error_log  =   filename    ; log errors to specified file
;error_log  =   syslog      ; log errors to syslog (Event Log on NT, not valid in Windows 95)
warn_plus_overloading   =   Off     ; warn if the + operator is used with strings


;;;;;;;;;;;;;;;;;
; Data Handling ;
;;;;;;;;;;;;;;;;;
variables_order     =   "EGPCS" ; This directive describes the order in which PHP registers
                                ; GET, POST, Cookie, Environment and Built-in variables (G, P,
                                ; C, E & S respectively, often referred to as EGPCS or GPC).
                                ; Registration is done from left to right, newer values override
                                ; older values.
register_globals    =   On      ; Whether or not to register the EGPCS variables as global
                                ; variables.  You may want to turn this off if you don't want
                                ; to clutter your scripts' global scope with user data.  This makes
                                ; most sense when coupled with track_vars - in which case you can
                                ; access all of the GPC variables through the $HTTP_*_VARS[],
                                ; variables.
register_argc_argv  =   On      ; This directive tells PHP whether to declare the argv&argc
                                ; variables (that would contain the GET information).  If you
                                ; don't use these variables, you should turn it off for
                                ; increased performance
track_vars          =   On      ; enable the $HTTP_*_VARS[] arrays, where * is one of
                                ; ENV, POST, GET, COOKIE or SERVER.
gpc_order           =   "GPC"   ; This directive is deprecated.  Use variables_order instead.

; Magic quotes
magic_quotes_gpc    =   On      ; magic quotes for incoming GET/POST/Cookie data
magic_quotes_runtime=   Off     ; magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_sybase =   Off     ; Use Sybase-style magic quotes (escape ' with '' instead of \')

; automatically add files before or after any PHP document
auto_prepend_file   =
auto_append_file    =

; As of 4.0b4, PHP always outputs a character encoding by default in
; the Content-type: header.  To disable sending of the charset, simply
; set it to be empty.
; PHP's built-in default is text/html
default_mimetype = "text/html"
;default_charset = "iso-8859-1"

;;;;;;;;;;;;;;;;;;;;;;;;;
; Paths and Directories ;
;;;;;;;;;;;;;;;;;;;;;;;;;
include_path    =                   ; UNIX: "/path1:/path2"  Windows: "\path1;\path2"
doc_root        =                   ; the root of the php pages, used only if nonempty
user_dir        =                   ; the directory under which php opens the script using /~username, used only if nonempty
;upload_tmp_dir =                   ; temporary directory for HTTP uploaded files (will use system default if not specified)
upload_max_filesize = 2097152       ; 2 Meg default limit on file uploads
extension_dir   =   ./              ; directory in which the loadable extensions (modules) reside
enable_dl       = On                ; Whether or not to enable the dl() function.
                                    ; The dl() function does NOT properly work in multithreaded
                                    ; servers, such as IIS or Zeus, and is automatically disabled
                                    ; on them.


;;;;;;;;;;;;;;;;;;;;;;
; Dynamic Extensions ;
;;;;;;;;;;;;;;;;;;;;;;
; if you wish to have an extension loaded automaticly, use the
; following syntax:  extension=modulename.extension
; for example, on windows,
; extension=msql.dll
; or under UNIX,
; extension=msql.so
; Note that it should be the name of the module only, no directory information 
; needs to go here.  Specify the location of the extension with the extension_dir directive above.


;Windows Extensions
;extension=php_nsmail.dll
;extension=php_calendar.dll
;extension=php_dbase.dll
;extension=php_filepro.dll
;extension=php_gd.dll
;extension=php_dbm.dll
;extension=php_mssql.dll
;extension=php_zlib.dll
;extension=php_filepro.dll
;extension=php_imap4r2.dll
;extension=php_ldap.dll
;extension=php_crypt.dll
;extension=php_msql2.dll
;extension=php_odbc.dll
; Note that MySQL support is now built in, so no dll is needed for it.

;;;;;;;;;;;;;;;;;;;
; Module Settings ;
;;;;;;;;;;;;;;;;;;;

[Syslog]
define_syslog_variables = Off   ; Whether or not to define the various syslog variables,
                                ; e.g. $LOG_PID, $LOG_CRON, etc.  Turning it off is a
                                ; good idea performance-wise.  In runtime, you can define
                                ; these variables by calling define_syslog_variables()


[mail function]
SMTP            =   localhost           ;for win32 only
sendmail_from   =   me@localhost.com    ;for win32 only
;sendmail_path  =                       ;for unix only, may supply arguments as well (default is 'sendmail -t -i')

[Debugger]
debugger.host   =   localhost
debugger.port   =   7869
debugger.enabled    =   False

[Logging]
; These configuration directives are used by the example logging mechanism.
; See examples/README.logging for more explanation.
;logging.method    = db
;logging.directory = /path/to/log/directory

[SQL]
sql.safe_mode   =   Off

[ODBC]
;uodbc.default_db       =   Not yet implemented
;uodbc.default_user     =   Not yet implemented
;uodbc.default_pw       =   Not yet implemented
uodbc.allow_persistent  =   On  ; allow or prevent persistent links
uodbc.check_persistent  =   On  ; check that a connection is still validbefore reuse
uodbc.max_persistent    =   -1  ; maximum number of persistent links. -1 means no limit
uodbc.max_links         =   -1  ; maximum number of links (persistent+non persistent). -1 means no limit
uodbc.defaultlrl    =   4096    ; Handling of LONG fields. Returns number of bytes to variables, 0 means passthru
uodbc.defaultbinmode    =   1   ; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char
; See the documentation on odbc_binmode and odbc_longreadlen for an explanation of uodbc.defaultlrl
; and uodbc.defaultbinmode

[MySQL]
mysql.allow_persistent  =   On  ; allow or prevent persistent link
mysql.max_persistent    =   -1  ; maximum number of persistent links. -1 means no limit
mysql.max_links         =   -1  ; maximum number of links (persistent+non persistent).  -1 means no limit
mysql.default_port      =       ; default port number for mysql_connect().  If unset,
                                ; mysql_connect() will use the $MYSQL_TCP_PORT, or the mysql-tcp
                                ; entry in /etc/services, or the compile-time defined MYSQL_PORT
                                ; (in that order).  Win32 will only look at MYSQL_PORT.
mysql.default_socket    =       ; default socket name for local MySQL connects.  If empty, uses the built-in
                                ; MySQL defaults
mysql.default_host      =       ; default host for mysql_connect() (doesn't apply in safe mode)
mysql.default_user      =       ; default user for mysql_connect() (doesn't apply in safe mode)
mysql.default_password  =       ; default password for mysql_connect() (doesn't apply in safe mode)
                                ; Note that this is generally a *bad* idea to store passwords
                                ; in this file.  *Any* user with PHP access can run
                                ; 'echo cfg_get_var("mysql.default_password")' and reveal that
                                ; password!  And of course, any users with read access to this
                                ; file will be able to reveal the password as well.

[mSQL]
msql.allow_persistent   =   On  ; allow or prevent persistent link
msql.max_persistent     =   -1  ; maximum number of persistent links. -1 means no limit
msql.max_links          =   -1  ; maximum number of links (persistent+non persistent).  -1 means no limit

[PostgresSQL]
pgsql.allow_persistent  =   On  ; allow or prevent persistent link
pgsql.max_persistent    =   -1  ; maximum number of persistent links. -1 means no limit
pgsql.max_links         =   -1  ; maximum number of links (persistent+non persistent).  -1 means no limit

[Sybase]
sybase.allow_persistent =   On  ; allow or prevent persistent link
sybase.max_persistent   =   -1  ; maximum number of persistent links. -1 means no limit
sybase.max_links        =   -1  ; maximum number of links (persistent+non persistent).  -1 means no limit
;sybase.interface_file  =   "/usr/sybase/interfaces"
sybase.min_error_severity   =   10  ; minimum error severity to display
sybase.min_message_severity =   10  ; minimum message severity to display
sybase.compatability_mode   = Off   ; compatability mode with old versions of PHP 3.0.
                                    ; If on, this will cause PHP to automatically assign types to results
                                    ; according to their Sybase type, instead of treating them all as
                                    ; strings.  This compatability mode will probably not stay around
                                    ; forever, so try applying whatever necessary changes to your code,
                                    ; and turn it off.

[Sybase-CT]
sybct.allow_persistent  =   On      ; allow or prevent persistent link
sybct.max_persistent    =   -1      ; maximum number of persistent links. -1 means no limit
sybct.max_links         =   -1      ; maximum number of links (persistent+non persistent).  -1 means no limit
sybct.min_server_severity   =   10  ; minimum server message severity to display
sybct.min_client_severity   =   10  ; minimum client message severity to display

[bcmath]
bcmath.scale    =   0   ; number of decimal digits for all bcmath functions

[browscap]
;browscap   =   extra/browscap.ini

[Informix]
ifx.default_host        =       ; default host for ifx_connect() (doesn't apply in safe mode)
ifx.default_user        =       ; default user for ifx_connect() (doesn't apply in safe mode)
ifx.default_password        =       ; default password for ifx_connect() (doesn't apply in safe mode)
ifx.allow_persistent        =   On  ; allow or prevent persistent link
ifx.max_persistent      =   -1  ; maximum number of persistent links. -1 means no limit
ifx.max_links           =   -1  ; maximum number of links (persistent+non persistent).  -1 means no limit
ifx.textasvarchar       =   0   ; if set on, select statements return the contents of a text blob instead of it's id
ifx.byteasvarchar       =   0   ; if set on, select statements return the contents of a byte blob instead of it's id
ifx.charasvarchar       =   0   ; trailing blanks are stripped from fixed-length char columns. May help the life
                        ; of Informix SE users. 
ifx.blobinfile          =   0   ; if set on, the contents of text&byte blobs are dumped to a file instead of
                        ; keeping them in memory
ifx.nullformat          =   0   ; NULL's are returned as empty strings, unless this is set to 1. In that case,
                        ; NULL's are returned as string 'NULL'.

[Session]
session.save_handler      = files   ; handler used to store/retrieve data
session.save_path         = /tmp    ; argument passed to save_handler
                                    ; in the case of files, this is the
                                    ; path where data files are stored
session.use_cookies       = 1       ; whether to use cookies
session.name              = PHPSESSID  
                                    ; name of the session
                                    ; is used as cookie name
session.auto_start        = 0       ; initialize session on request startup
session.cookie_lifetime   = 0       ; lifetime in seconds of cookie
                                    ; or if 0, until browser is restarted
session.cookie_path       = /       ; the path the cookie is valid for
session.cookie_domain     =         ; the domain the cookie is valid for
session.serialize_handler = php     ; handler used to serialize data
                                    ; php is the standard serializer of PHP
session.gc_probability    = 1       ; percentual probability that the 
                                    ; 'garbage collection' process is started
                                    ; on every session initialization
session.gc_maxlifetime    = 1440    ; after this number of seconds, stored
                                    ; data will be seen as 'garbage' and
                                    ; cleaned up by the gc process
session.referer_check     =         ; check HTTP Referer to invalidate 
                                    ; externally stored URLs containing ids
session.entropy_length    = 0       ; how many bytes to read from the file
session.entropy_file      =         ; specified here to create the session id
; session.entropy_length    = 16
; session.entropy_file      = /dev/urandom
session.cache_limiter     = nocache ; set to {nocache,private,public} to
                                    ; determine HTTP caching aspects
session.cache_expire      = 180     ; document expires after n minutes

[MSSQL]
;extension=php_mssql.dll
mssql.allow_persistent      =   On  ; allow or prevent persistent link
mssql.max_persistent        =   -1  ; maximum number of persistent links. -1 means no limit
mssql.max_links             =   -1  ; maximum number of links (persistent+non persistent).  -1 means no limit
mssql.min_error_severity    =   10  ; minimum error severity to display
mssql.min_message_severity  =   10  ; minimum message severity to display
mssql.compatability_mode    = Off   ; compatability mode with old versions of PHP 3.0.

[Assertion]
;assert.active              =   On  ; assert(expr); active by default
;assert.warning             =   On  ; issue a PHP warning for each failed assertion.
;assert.bail                =   Off ; don't bail out by default.
;assert.callback            =   0   ; user-function to be called if an assertion fails.
;assert.quiet_eval          =   0   ; eval the expression with current error_reporting(). set to true if you want error_reporting(0) around the eval().

[Ingres II]
ii.allow_persistent         =   On  ; allow or prevent persistent link
ii.max_persistent           =   -1  ; maximum number of persistent links. (-1 means no limit)
ii.max_links                =  -1   ; maximum number of links, including persistents (-1 means no limit)
ii.default_database         =       ; default database (format : [node_id::]dbname[/srv_class]
ii.default_user             =       ; default user
ii.default_password         =       ; default password

[Verisign Payflow Pro]
pfpro.defaulthost           =   "test.signio.com"   ; default Signio server
pfpro.defaultport           =   443 ; default port to connect to
pfpro.defaulttimeout        =   30  ; default timeout in seconds

; pfpro.proxyaddress        =       ; default proxy IP address (if required)
; pfpro.proxyport           =       ; default proxy port
; pfpro.proxylogon          =       ; default proxy logon
; pfpro.proxypassword       =       ; default proxy password

; Local Variables:
; tab-width: 4
; End:


zend_optimizer.optimization_level=15
zend_extension="/usr/local/php/Optimizer/ZendOptimizer.so"




Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-10-17 13:52 UTC] jah@php.net
This is hopefully fixed in CVS. Please replace ext/interbase/interbase.c with
http://cvs.php.net/viewcvs.cgi/~checkout~/php4/ext/interbase/interbase.c?rev=1.45
and recompile. And please also tell whether it worked or not...
 [2000-10-27 22:40 UTC] jah@php.net
No feedback, but as 1. is the same problem as in #7117 that was confirmed to
be fixed by reporter, closing. (Not enough information to do anything to 2.)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Oct 30 22:01:28 2024 UTC