From:
Operating system: linux
PHP version: 5.3.10
Package: PDO related
Bug Type: Bug
Bug description:PDO complain about Invalid parameter number
Description:
------------
The query
INSERT INTO $table VALUES (\"first value\");
-- dam'd quote
INSERT INTO $table VALUES (\"foo : ba'r \"),
(\"foo.:bar\");
Throws
Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter
number: no parameters were bound
But doesn't
- without first query before comment
- without comment
- with escaped quote
- with space after last colon
Test script:
---------------
// This query doesn't work
$q1 = "INSERT INTO $table VALUES (\"first value\");
-- dam'd quote
INSERT INTO $table VALUES (\"foo : ba'r \"),
(\"foo.:bar\"); ";
// But all these doesn't have any pb
$q2 = "-- dam'd quote
INSERT INTO $table VALUES (\"foo : ba'r \"),
(\"foo.:bar\"); "; // without first one (before comment)
$q3 = "INSERT INTO $table VALUES (\"first value\");
INSERT INTO $table VALUES (\"foo : ba'r \"),
(\"foo.:bar\"); "; // without comment
$q4 = "INSERT INTO $table VALUES (\"first value\");
-- dam'd quote
INSERT INTO $table VALUES (\"foo : ba\'r \"),
(\"foo.:bar\"); "; // with escaped quote
$q5 = "INSERT INTO $table VALUES (\"first value\");
-- dam'd quote
INSERT INTO $table VALUES (\"foo : ba'r \"),
(\"foo.: bar\"); "; // with space after last colon
try {
$pdo = new PDO($dsn, $user, $pass, $options);
$stmt = $pdo->prepare($query);
$stmt->execute();
}
catch (Exception $e) {
echo "Failed : " .$e->getMessage();
}
Expected result:
----------------
No warning
Actual result:
--------------
Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter
number: no parameters were bound
--
Edit bug report at https://bugs.php.net/bug.php?id=61327&edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=61327&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=61327&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=61327&r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=61327&r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=61327&r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=61327&r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=61327&r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=61327&r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=61327&r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=61327&r=support
Expected behavior:
https://bugs.php.net/fix.php?id=61327&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=61327&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=61327&r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=61327&r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=61327&r=php4
Daylight Savings: https://bugs.php.net/fix.php?id=61327&r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=61327&r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=61327&r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=61327&r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=61327&r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=61327&r=mysqlcfg
