|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #77067 Inserting a BLOB from a stream transforms it to a string
Submitted: 2018-10-26 14:14 UTC Modified: 2020-02-24 07:50 UTC
From: php at bohwaz dot net Assigned:
Status: Open Package: PDO related
PHP Version: 7.3.0RC4 OS: All
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
Solve the problem:
16 - 12 = ?
Subscribe to this entry?

 [2018-10-26 14:14 UTC] php at bohwaz dot net
If passing a stream as a parameter of PDOStatement::bindParam it is transformed to a string which contains the stream contents.

For example this prevents reusing the stream handle to close it properly or to truncate or change the file contents.

Test script:

$pdo = new PDO('sqlite::memory:');
$pdo->exec('CREATE TABLE test (a INTEGER, b BLOB);');

$fp = tmpfile();
fwrite($fp, 'Random stuff!');
fseek($fp, 0);

$stmt = $pdo->prepare('INSERT INTO test VALUES (?, ?);');
$stmt->bindValue(1, 42);
$stmt->bindParam(2, $fp, PDO::PARAM_LOB);



Expected result:

Actual result:


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2018-12-05 10:57 UTC] sjon at hortensius dot net
FWIW this isn't necessarily 7.3 specific - it has been like this ever since php 7.0, see
 [2020-02-24 07:50 UTC]
-Package: PDO SQLite +Package: PDO related
 [2020-02-24 07:50 UTC]
The same happens with PDO_MySQL if emulated prepares are disabled.
PDO_ODBC may convert non-string parameters to string.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Apr 16 02:01:29 2024 UTC