From: denis dot gasparin at edistar dot com Operating system: Linux PHP version: 5.3.20 Package: PDO related Bug Type: Bug Bug description:Incorrect escape of query when using PDO::ATTR_EMULATE_PREPARES
Description: ------------ I have a table with two varchar fields: create table test( a varchar, b varchar ); When I execute an insert query where the following conditions are met: - the first field contains a string like this \\''a - the second field containts a ? character - the PDO attribute PDO::ATTR_EMULATE_PREPARES is passed to PDO::prepare method I get the following error: Invalid parameter number: no parameters were bound in php shell code on line 1 I don't know if the problem is bound to postgresql databases only or other ones. Test script: --------------- $db = new PDO("pgsql:host=localhost;port=5432;dbname=test;"); $sql = "insert into test values ('\\''a','?')"; $res = $db->prepare($sql,array(PDO::PGSQL_ATTR_DISABLE_NATIVE_PREPARED_STATEMENT => 1)); $res->execute(); Expected result: ---------------- The query should be executed correctly Actual result: -------------- Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: no parameters were bound in php shell code on line 1 -- Edit bug report at https://bugs.php.net/bug.php?id=63972&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=63972&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=63972&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=63972&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=63972&r=fixed Fixed in release: https://bugs.php.net/fix.php?id=63972&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=63972&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=63972&r=needscript Try newer version: https://bugs.php.net/fix.php?id=63972&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=63972&r=support Expected behavior: https://bugs.php.net/fix.php?id=63972&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=63972&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=63972&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=63972&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=63972&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=63972&r=dst IIS Stability: https://bugs.php.net/fix.php?id=63972&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=63972&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=63972&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=63972&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=63972&r=mysqlcfg