php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80358 PostgreSQL PDOStatement broke json after '\'
Submitted: 2020-11-13 11:51 UTC Modified: 2020-11-13 12:34 UTC
From: toxbyte at gmail dot com Assigned: cmb (profile)
Status: Duplicate Package: PDO PgSQL
PHP Version: 7.4.12 OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: toxbyte at gmail dot com
New email:
PHP Version: OS:

 

 [2020-11-13 11:51 UTC] toxbyte at gmail dot com
Description:
------------
$pdo->exec($focusSql); // works correct
$pdo->prepare($focusSql)->execute(); // error

Test script:
---------------
$focusSql = <<<'SQL'
    select '\', '{"x":1}'::jsonb
SQL;

$pdo->exec($focusSql) !== false and print("1 OK\n");

$pdo->prepare(<<<'SQL'
    select '\\', '{"x":1}'::jsonb
SQL)->execute() and print("2 OK\n");

$pdo->prepare(<<<'SQL'
    select '\', '{"x":"foo"}'::jsonb
SQL)->execute() and print("3 OK\n");

$pdo->prepare(<<<'SQL'
    select '\', '{"x":1}'
SQL)->execute() and print("4 OK\n");

$pdo->prepare($focusSql)->execute() and print("5 OK\n");

Expected result:
----------------
1 OK
2 OK
3 OK
4 OK
5 OK

Actual result:
--------------
1 OK
2 OK
3 OK
4 OK
PDOException: SQLSTATE[22P02]: Invalid text representation: 7 ERROR:  invalid input syntax for type json
LINE 1:     select '\', '{"x"$1}'::jsonb
                        ^
DETAIL:  Token "$" is invalid.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-11-13 12:34 UTC] cmb@php.net
-Status: Open +Status: Duplicate -Assigned To: +Assigned To: cmb
 [2020-11-13 12:34 UTC] cmb@php.net
Duplicate of bug #79276.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sat Nov 27 09:03:13 2021 UTC