ID: 35368 Comment by: SGSHJ at EJK dot COM Reported By: lists at cyberlot dot net Status: Suspended Bug Type: PDO related Operating System: * PHP Version: 6CVS, 5CVS Assigned To: wez New Comment:
<p>I think I will try to recommend this post to my friends and family, cuz it¡¯s really helpful.<br /><a href="http://www.mytobling.com/">Uggs on sale</a></p> Previous Comments: ------------------------------------------------------------------------ [2009-10-22 03:53:15] 1 at yahoo dot com http://www.hotuggsale.co.uk/ugg-sandals/black-halendi-ugg-sandals.html Black Halendi Ugg Sandals ttp://www.hotuggsale.co.uk/classic-mini-ugg-boots/chestnut-classic-mini-ugg-boots.html Chestnut Classic Mini Ugg Boots http://www.hotuggsale.co.uk/infants-erin-ugg-boots/baby-pink-infants-erin-ugg-boots.html Baby Pink Infants Erin Ugg Boots ------------------------------------------------------------------------ [2009-10-21 08:20:41] joycesharing at yahoo dot cn <strong><a href="http://www.cheapugg2sale.com/">UGG</a></strong> <strong><a href="http://www.cheapugg2sale.com/">UGG Boots</a></strong> <strong><a href="http://www.cheapugg2sale.com/">UGGS</a></strong> <strong><a href="http://www.cheapugg2sale.com/">Cheap UGG Boots</a></strong> <strong><a href="http://www.cheapugg2sale.com/">Discount UGG Boots</a></strong> ------------------------------------------------------------------------ [2005-11-27 22:11:06] w...@php.net We managed to reproduce the problem; it's a problem with the query rewriter when it maps :name to ?. If the string is embedded in the SQL using single quotes, but has double quotes backslashed, the string it too tricky for the parser to follow, and it ends up transforming parts of the serialized string that it shouldn't. There are three possible workarounds for this issue, in order of preference: - Don't embed serialized data into the query string; use bound parameters (that's what they're there for). In future versions of PDO, prepared statements may be cacheable in persistent connections, leading to a performance gain. - Use PDO::quote() to correctly quote the string - Use PDO::exec() to fire off this UPDATE/INSERT statement; it uses an alternate API that doesn't need to handle parameters. ------------------------------------------------------------------------ [2005-11-25 16:40:35] tony2...@php.net This is fixed in CVS, get a fresh snapshot and try again. ------------------------------------------------------------------------ [2005-11-25 16:32:07] lists at cyberlot dot net To try and narrow this down and be able to play with the code more I recompiled PHP 5.1 without pdo support then compiled seperate modules however I could not get pdo_mysql to compile. I phpized ./configure and make and get the following error checking for MySQL support for PDO... yes, shared checking for mysql_config... /usr/bin/mysql_config checking for mysql_query... no configure: error: mysql_query missing!? Might be related? So I forced a install of pdo_mysql RC2 The bug goes away, Same exact script but everything is working... So its either a diffrence between pdo_mysql RC2 or some wierd issue with shared vs compiled in. I hope that helps somehow? ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/35368 -- Edit this bug report at http://bugs.php.net/?id=35368&edit=1