From: spaze-bugs at exploited dot cz Operating system: PHP version: 5.1.1 PHP Bug Type: PDO related Bug description: MySQL driver quotes strings incorrectly with ANSI SQL mode
Description: ------------ I'm running MySQL in ANSI SQL mode [1], which includes the ANSI_QUOTES mode. That means /Treat " as an identifier quote character (like the ` quote character) and not as a string quote character./ When I use ie. prepared statements I get these queries in the general query log INSERT INTO "t_images" ("hash", "width", "height", "imageformat_id") VALUES ("ff2204530628d3c589843ef0b37d344a", "500", "500", NULL) Which is bad, the strings (the hash) in the VALUES (...) section should be quoted by the ' character. Don't know what would be the best solution, but I think some documented MySQL specific PDO attribute would be Ok. Thanks for reviewing this issue. [1] http://dev.mysql.com/doc/refman/4.1/en/server-sql-mode.html Reproduce code: --------------- $dbh = new PDO('mysql:host=mysql41;dbname=test', 'root', ''); $dbh->exec("SET SESSION sql_mode='ANSI'"); echo $dbh->quote('foo'); Expected result: ---------------- 'foo' Actual result: -------------- "foo" -- Edit bug report at http://bugs.php.net/?id=35795&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=35795&r=trysnapshot44 Try a CVS snapshot (PHP 5.1): http://bugs.php.net/fix.php?id=35795&r=trysnapshot51 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=35795&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=35795&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=35795&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=35795&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=35795&r=needscript Try newer version: http://bugs.php.net/fix.php?id=35795&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=35795&r=support Expected behavior: http://bugs.php.net/fix.php?id=35795&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=35795&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=35795&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=35795&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=35795&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=35795&r=dst IIS Stability: http://bugs.php.net/fix.php?id=35795&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=35795&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=35795&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=35795&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=35795&r=mysqlcfg