 ID:               44251
 Comment by:       tsteiner at nerdclub dot net
 Reported By:      om at viazenetti dot de
 Status:           Open
 Bug Type:         PDO related
 Operating System: Linux
 PHP Version:      5.2.5
 New Comment:

This bug is a direct result of the fix for Bug #36798. The patch for that bug removed code in the parser that would ignore an escaped quote when inside of quotes (i.e. "foo\"bar" or 'foo\'bar'). This causes the parser to think it has found the end of quoted text, when it has not. Because of this, ? characters after an escaped quote are treated as placeholders.

Additionally, I have found it causes the parser to parse beyond the end of the query and into unknown memory contents.

It looks like Bug #36798 needs to be reopened!


Previous Comments:
------------------------------------------------------------------------

[2008-02-26 11:11:13] om at viazenetti dot de

Description:
------------
If a question mark and an escaped single quote appear in a where statement as value, the PDO method prepare tries to bind a value to the question mark. Because no values are passed, PDO throws an exception (only tested with where statements):

PDOStatement::execute() [function.PDOStatement-execute]: SQLSTATE[HY093]: Invalid parameter number: no parameters were bound in

Reproduce code:
---------------
<?php
$db = new PDO('mysql:host=localhost;dbname=DATABASE', 'USER', 'PASSWORD');
$sth = $db->prepare("SELECT * FROM `TABLE` WHERE (login = '?\'')");
$sth->execute();
var_dump($sth->fetch());

Expected result:
----------------
Array or false

Actual result:
--------------
Exception: PDOStatement::execute() [function.PDOStatement-execute]: SQLSTATE[HY093]: Invalid parameter number: no parameters were bound in

------------------------------------------------------------------------
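
Added example (not part of the bug report, and not PDO's actual parser code): a simplified C model of the quote handling described in the comment above, comparing a scanner that ends a literal at a backslash-escaped quote with one that skips it, and bounding the scan so an unterminated literal cannot run past the buffer. The function name, its parameters and the sample query are assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>

/* Simplified model of a placeholder scanner (assumption: not PDO's parser).
 * Returns the number of '?' found outside quoted literals. With
 * honor_backslash == 0 a literal ends at the first matching quote, even one
 * preceded by a backslash. *unterminated is set when input ends in a literal. */
static int count_placeholders(const char *sql, size_t len,
                              int honor_backslash, int *unterminated)
{
    int count = 0;
    size_t i = 0;

    *unterminated = 0;
    while (i < len) {
        char c = sql[i++];
        if (c == '?')
            count++;
        if (c != '\'' && c != '"')
            continue;
        /* inside a literal: look for the matching closing quote */
        while (i < len && sql[i] != c) {
            if (honor_backslash && sql[i] == '\\' && i + 1 < len)
                i++;                 /* escaped character stays in the literal */
            i++;
        }
        if (i >= len) {              /* stop at the buffer end, never beyond */
            *unterminated = 1;
            break;
        }
        i++;                         /* step past the closing quote */
    }
    return count;
}

/* Constructed sample: the '?' follows an escaped quote inside the literal. */
static const char SAMPLE_SQL[] = "SELECT * FROM t WHERE note = 'it\\'s ok?'";

int main(void)
{
    int u_naive, u_fixed;
    int naive = count_placeholders(SAMPLE_SQL, sizeof SAMPLE_SQL - 1, 0, &u_naive);
    int fixed = count_placeholders(SAMPLE_SQL, sizeof SAMPLE_SQL - 1, 1, &u_fixed);
    printf("no escape handling: %d placeholder(s), unterminated=%d\n", naive, u_naive);
    printf("escape handling:    %d placeholder(s), unterminated=%d\n", fixed, u_fixed);
    return 0;
}
```

Without escape handling the model reports one placeholder and a literal left open at the end of the input; with escape handling it reports none.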