ID: 44998 Comment by: djneoform at gmail dot com Reported By: djneoform at gmail dot com Status: Open Bug Type: MySQLi related Operating System: Win2003 Standard PHP Version: 5.2.6 Assigned To: andrey New Comment:
Results: TEST STRING LENGTH: 51 RETURNED STRING LENGTH: 100 Previous Comments: ------------------------------------------------------------------------ [2008-07-24 14:19:36] djneoform at gmail dot com http://phpneoform.com/error.php Here's this script running on a win2k3 server with PHP 5.2.6 and mysql 5.0.62 <?php $mysqli = new mysqli('localhost', 'xxx', 'xxx', 'xxx'); $mysqli->query("DROP TABLE IF EXISTS `test_table`"); $mysqli->query(" CREATE TABLE `test_table` ( `id` int(10) unsigned NOT NULL auto_increment, `name` binary(100) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1; "); $str = str_repeat('A', 25).chr(0x0).str_repeat('B', 25); echo "TEST STRING LENGTH: ".strlen($str)."<br />\n"; $mysqli->query(" INSERT INTO `test_table` SET `name` = '".$mysqli->real_escape_string($str)."' "); $id = $mysqli->insert_id; $result = $mysqli->query(" SELECT name FROM `test_table` WHERE id = '".intval($id)."' "); $result = $result->fetch_object(); echo "RETURNED STRING LENGTH: ".strlen($result->name)."<br />\n"; ?> ------------------------------------------------------------------------ [2008-07-24 13:37:53] [EMAIL PROTECTED] Hi, Do you still experience it? Can you reproduce it with a simple script? Can you provide a dump or just the data, index + frm, considering you are using MyISAM? ------------------------------------------------------------------------ [2008-07-14 18:16:27] djneoform at gmail dot com I was using v.5.0.51b 64bit (win2k3) at the time. Right now I'm using a compiled version of the enterprise code, 5.0.62 from apachelounge.com. When I do an insert a value: mysqli_real_escape_string('foo'.chr(0x0).'bar') all i see in the table after is "foo" maybe this is a windows only issue? ------------------------------------------------------------------------ [2008-07-14 17:58:38] [EMAIL PROTECTED] What MySQL version are you using? Interesting find. The mysqli_real_escape_string test does play with \0: if ("foo\\0bar" !== ($tmp = mysqli_real_escape_string($link, "foo" . chr(0) . "bar"))) printf("[009] Expecting %s, got %s\n", "foo\\0bar", $tmp); But it does not try to insert/fetch such a string. Of course it works fine with PHP 5.3 and a recent MySQL and on Linux... ------------------------------------------------------------------------ [2008-05-15 16:52:47] djneoform at gmail dot com I'm able to get around this problem by replacing 0x0 chars with 0x1 prior to passing the string to mysqli_real_escape_string(), however this damages the integrity of the binary string. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/44998 -- Edit this bug report at http://bugs.php.net/?id=44998&edit=1
