php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #76917 Binding parameters not sending full value
Submitted: 2018-09-21 20:09 UTC Modified: 2018-09-21 21:13 UTC
From: ghudson at dorothylane dot com Assigned: cmb (profile)
Status: Not a bug Package: ODBC related
PHP Version: 7.1.22 OS: Windows Server 2012 R2 Standard
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: ghudson at dorothylane dot com
New email:
PHP Version: OS:

 

 [2018-09-21 20:09 UTC] ghudson at dorothylane dot com
Description:
------------
Using: ODBC Driver "SQL Server native Client 11.0", SQL Server 12.0.5579.0
When using a binding parameter to pass a value into an ENCRYPTBYPASSPHRASE statement, the value sent is consistently truncated to only the first character. This is true for all alphanumeric inputs. The Value field used in the example is of the type VARBINARY(80)

Test script:
---------------
$pass = "The Pa$$phrase";
$value = "1234567890123456";
$dbh = odbc_connect("Driver={SQl Server Native Client 
 11.0};Server=Database2;Database=Playground", "user", "password") or die('Something went wrong while connecting to MSSQL');

$insert = odbc_prepare($dbh, "
    INSERT INTO BindTests(Value)
    VALUES(ENCRYPTBYPASSPHRASE('".$pass."', ?))
");
odbc_execute($insert, array($value));
// Same Results
$insert = odbc_prepare($dbh, "
    INSERT INTO BindTests(Value)
    VALUES(ENCRYPTBYPASSPHRASE('The Pa$$phrase', ?))
");
odbc_execute($insert, array($value));

Expected result:
----------------
SELECT ID, CAST(DECRYPTBYPASSPHRASE('The Pa$$phrase'), Value) AS VARCHAR(40))
FROM BindTests

--------------
ID       Value
1        1234567890123456
2        1234567890123456

Actual result:
--------------
SELECT ID, CAST(DECRYPTBYPASSPHRASE('The Pa$$phrase'), Value) AS VARCHAR(40))
FROM BindTests

--------------
ID       Value
1        1
2        1

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-09-21 20:35 UTC] ghudson at dorothylane dot com
-Status: Open +Status: Closed
 [2018-09-21 20:35 UTC] ghudson at dorothylane dot com
Redacting this bug report, because in my haste to figure this out, I didn't even try the same commands in a different language. Just encountered the same issue in Perl.
 [2018-09-21 21:12 UTC] cmb@php.net
-Assigned To: +Assigned To: cmb
 [2018-09-21 21:13 UTC] cmb@php.net
-Status: Closed +Status: Not a bug
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Fri Feb 28 03:01:27 2020 UTC