|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #76665 SQLite3Stmt::bindValue() with SQLITE3_FLOAT doesn't juggle
Submitted: 2018-07-25 17:25 UTC Modified: 2018-07-26 12:26 UTC
From: Assigned: cmb (profile)
Status: Closed Package: SQLite related
PHP Version: 7.2.8 OS: *
Private report: No CVE-ID: None
 [2018-07-25 17:25 UTC]
If SQLite3Stmt::bindValue() is called with the explicit $type
SQLITE3_FLOAT, and a $value which is not a float, garbage is
written to the database in the best case.

For some reason the respective conversion to double[1] is
commented out since ext/sqlite3 has been moved to php-src (and
actually has been commented out at least since PECL/sqlite3
version 0.3).

[1] <>

Test script:
$db = new SQLite3('memory');
$db->exec("CREATE TABLE foo (bar REAL)");
$stmt = $db->prepare("INSERT INTO foo VALUES (:bar)");
$stmt->bindValue(':bar', 17, SQLITE3_FLOAT);
var_dump($db->querySingle("SELECT bar FROM foo LIMIT 1"));

Expected result:

Actual result:


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2018-07-26 09:53 UTC]
You got it, Christoph. Looks like just uncommenting it and adding test should be fine for 7.1.

 [2018-07-26 12:25 UTC]
Automatic comment on behalf of
Log: Fix #76665: SQLite3Stmt::bindValue() with SQLITE3_FLOAT doesn't juggle
 [2018-07-26 12:25 UTC]
-Status: Open +Status: Closed
 [2018-07-26 12:26 UTC]
-Assigned To: +Assigned To: cmb
 [2018-07-26 12:26 UTC]
Thanks, Anatol!
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat May 18 23:01:31 2024 UTC