php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74996 PDOStatement failed to bindValue with standard_conforming_strings (PostgreSQL)
Submitted: 2017-07-27 10:46 UTC Modified: 2020-11-03 18:21 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: miloslav dot hula at gmail dot com Assigned: cmb (profile)
Status: Duplicate Package: PDO PgSQL
PHP Version: 7.1.7 OS:
Private report: No CVE-ID: None
 [2017-07-27 10:46 UTC] miloslav dot hula at gmail dot com
Description:
------------
PDOStatement failed to bindValue with standard_conforming_strings=on. Setting PDO::ATTR_EMULATE_PREPARES true/false is irrelevant.

Seems to me as a bug during `?` replacing by the `$1` or by the value in emulated prepares mode. In the PostgreSQL log is message:

ERROR:  syntax error at or near "," at character 51
STATEMENT:  INSERT INTO test (col1, col2, col3) VALUES ('\', ?, ' ')

Test script:
---------------
$pdo = new PDO('pgsql:host=localhost;dbname=test', 'test', 'test');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->query('SET standard_conforming_strings TO on');

$stmt = $pdo->prepare("INSERT INTO test (col1, col2, col3) VALUES ('\\', ?, ' ')");
$stmt->bindValue(1, 'x', PDO::PARAM_STR);
$stmt->execute();

# following are successful
$stmt = $pdo->prepare("INSERT INTO test (col1, col2, col3) VALUES ('\\ ', ?, ' ')");
$stmt = $pdo->prepare("INSERT INTO test (col1, col2) VALUES ('\\', ?)");


Actual result:
--------------
Fatal error: Uncaught PDOException: SQLSTATE[42601]: Syntax error: 7 ERROR:  syntax error at or near ","
LINE 1: INSERT INTO test (col1, col2, col3) VALUES ('\', ?, ' ')
                                                          ^ in .../test2.php:11

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-10-24 08:34 UTC] kalle@php.net
-Package: PDO related +Package: PDO PgSQL
 [2020-11-03 18:21 UTC] cmb@php.net
-Status: Open +Status: Duplicate -Assigned To: +Assigned To: cmb
 [2020-11-03 18:21 UTC] cmb@php.net
This has the same root cause as bug #79276; since that other
ticket has already some discussion and an attached patch, I'm
closing this ticket.  It should be noted though, that this likely
could be fixed on the driver level as well, in which case this
wouldn't be a duplicate.  Still, in my opinion, it is a bug in PDO
core to cater to MySQL's idiosyncracies.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Fri Jul 30 05:01:24 2021 UTC