ID: 48290 Comment by: kexianbin at diyism dot com Reported By: kexianbin at diyism dot com Status: Open Bug Type: Feature/Change Request Operating System: Irrelevant PHP Version: 5.3.0RC2 New Comment:
You will say to use PDO, but these code is so ugly: $sql=$pdo->prepare("select * from sem_SearchChangeShow where Keyword=:Keyword and BatchNum=:BatchNum and OldChannelID=:ApvChannelID_old and OldCategoryID=:ApvCategoryID_old "); $sql->execute(array(':Keyword'=>$v['Keyword'], ':BatchNum'=>$v['BatchNum'], ':ApvChannelID_old'=>$v['ApvChannelID_old'], ':ApvCategoryID_old'=>$v['ApvCategoryID_old'] ) ); $tmp=$sql->fetch(PDO::FETCH_ASSOC); Previous Comments: ------------------------------------------------------------------------ [2009-05-15 05:49:52] kexianbin at diyism dot com Description: ------------ Provide a function to get variables from caller scope. I knew ticket 47454, 40339, 34210 are similar, but this is indeed a useful function that was overlooked. Reproduce code: --------------- Currently: $name="myname"; $value="lk,jdsk'jlkjdf"; function safe($sql) {$sql=strtr($sql, array('"'=>'\"', '\\'=>'\\\\')); return 'return "'.preg_replace(array('/\{#(.*?)\}/'), array('".addslashes($\1)."'), $sql).'";'; } $sql="insert into z_test (name, value) values ('{$name}', '{#value}')"; mysql_query(eval(safe($sql))); If we have function get_caller_vars() in caller's scope: (similar to get_defined_vars() in current scope) $name="myname"; $value="lk,jdsk'jlkjdf"; function mysql_query_safe($sql) {extract(get_caller_vars()); $sql=strtr($sql, array('"'=>'\"', '\\'=>'\\\\')); return 'return "'.preg_replace(array('/\{#(.*?)\}/'), array('".addslashes($\1)."'), $sql).'";'; $sql=eval($sql); mysql_query($sql); } $sql="insert into z_test (name, value) values ('{$name}', '{#value}')"; mysql_query_safe($sql); Expected result: ---------------- We have a function to get variables in caller scope. Actual result: -------------- No such function. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=48290&edit=1