#33233 [Bgs]: mysqli_bind_param/simple_xml interaction problem
ID: 33233
User updated by: blockcipher at yahoo dot com
Reported By: blockcipher at yahoo dot com
Status: Bogus
Bug Type: SimpleXML related
Operating System: Windows 2000
PHP Version: 5.0.4
New Comment:
Well, the problem is that in the tutorial on the Zend web site, there
was no indication that you had to cast to a string. Also, I see no
reason that the mysqli_param should change the data type of the data
being fed to it. If nothing else, please make the documentation more
clear and perhaps even fix the tutorial so that it's clearer that you
need to cast to a string.
Previous Comments:
[2005-06-12 14:37:53] [EMAIL PROTECTED]
You need to cast the simplexml text to a string first.
[2005-06-07 21:11:46] blockcipher at yahoo dot com
There was no difference in behavior.
[2005-06-03 21:23:28] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php5-STABLE-latest.tar.gz
For Windows:
http://snaps.php.net/win32/php5.0-win32-latest.zip
[2005-06-03 20:14:41] blockcipher at yahoo dot com
Here's a quick test case based on the problem. It demonstrates the
changing of the data type from an object to a string, but not the
crash.
test";
$xmlObj = simplexml_load_string($xmltext);
$tempArray['username'] = $xmlObj->user;
$dbh = new mysqli('localhost','username','password','mysql');
$stmt = $dbh->prepare('select host from user where user = ? LIMIT 1');
print "Before: ";
var_dump($tempArray);
print "Result: ";
$stmt->bind_param('s', $tempArray['username']);
$stmt->execute();
$stmt->bind_result($temp);
$stmt->fetch();
$stmt->close;
print "$tempAfter: ";
var_dump($tempArray);
$dbh->close;
?>
[2005-06-03 16:06:01] blockcipher at yahoo dot com
Description:
It appears that I found an interesting interaction between the
simple_xml library and the mysqli_bind_param function. The values
contained within an XML tag are returned as simple_xml object, not
strings (which is what I inferred from the Zend tutorial.) This had an
adverse side-effect when combined with the mysqli_bind_param function.
Please note that this may affect other functions/libraries as well.
The steps are as follows:
1. Copy the value of an XML element into a variable.
2. Use the element in a prepared mysqli statement, binding it to the
statement as a string.
3. Run the query.
4. Repeat steps 2 and 3, possibly with a different query.
After the bind or perhaps after I was done with the query, the actual
data was changed from a simple_xml object to a very odd looking string.
This would crash the apache web server approximately 80-90% of the time
when accessed.
Original variable data:
["username"]=>
object(SimpleXMLElement)#3 (1) {
[0]=>
string(4) "test"
}
Modified variable data:
["username"]=>
string(64) "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
"
Reproduce code:
---
No code provided since it is being developed for the company I work
for.
--
Edit this bug report at http://bugs.php.net/?id=33233&edit=1
#33233 [Fbk->Opn]: mysqli_bind_param/simple_xml interaction problem
ID: 33233
User updated by: blockcipher at yahoo dot com
Reported By: blockcipher at yahoo dot com
-Status: Feedback
+Status: Open
Bug Type: SimpleXML related
Operating System: Windows 2000
PHP Version: 5.0.4
New Comment:
There was no difference in behavior.
Previous Comments:
[2005-06-03 21:23:28] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php5-STABLE-latest.tar.gz
For Windows:
http://snaps.php.net/win32/php5.0-win32-latest.zip
[2005-06-03 20:14:41] blockcipher at yahoo dot com
Here's a quick test case based on the problem. It demonstrates the
changing of the data type from an object to a string, but not the
crash.
test";
$xmlObj = simplexml_load_string($xmltext);
$tempArray['username'] = $xmlObj->user;
$dbh = new mysqli('localhost','username','password','mysql');
$stmt = $dbh->prepare('select host from user where user = ? LIMIT 1');
print "Before: ";
var_dump($tempArray);
print "Result: ";
$stmt->bind_param('s', $tempArray['username']);
$stmt->execute();
$stmt->bind_result($temp);
$stmt->fetch();
$stmt->close;
print "$tempAfter: ";
var_dump($tempArray);
$dbh->close;
?>
[2005-06-03 16:06:01] blockcipher at yahoo dot com
Description:
It appears that I found an interesting interaction between the
simple_xml library and the mysqli_bind_param function. The values
contained within an XML tag are returned as simple_xml object, not
strings (which is what I inferred from the Zend tutorial.) This had an
adverse side-effect when combined with the mysqli_bind_param function.
Please note that this may affect other functions/libraries as well.
The steps are as follows:
1. Copy the value of an XML element into a variable.
2. Use the element in a prepared mysqli statement, binding it to the
statement as a string.
3. Run the query.
4. Repeat steps 2 and 3, possibly with a different query.
After the bind or perhaps after I was done with the query, the actual
data was changed from a simple_xml object to a very odd looking string.
This would crash the apache web server approximately 80-90% of the time
when accessed.
Original variable data:
["username"]=>
object(SimpleXMLElement)#3 (1) {
[0]=>
string(4) "test"
}
Modified variable data:
["username"]=>
string(64) "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
"
Reproduce code:
---
No code provided since it is being developed for the company I work
for.
--
Edit this bug report at http://bugs.php.net/?id=33233&edit=1
#33233 [Opn]: mysqli_bind_param/simple_xml interaction problem
ID: 33233
User updated by: blockcipher at yahoo dot com
Reported By: blockcipher at yahoo dot com
Status: Open
Bug Type: Reproducible crash
Operating System: Windows 2000
PHP Version: 5.0.4
New Comment:
Here's a quick test case based on the problem. It demonstrates the
changing of the data type from an object to a string, but not the
crash.
test";
$xmlObj = simplexml_load_string($xmltext);
$tempArray['username'] = $xmlObj->user;
$dbh = new mysqli('localhost','username','password','mysql');
$stmt = $dbh->prepare('select host from user where user = ? LIMIT 1');
print "Before: ";
var_dump($tempArray);
print "Result: ";
$stmt->bind_param('s', $tempArray['username']);
$stmt->execute();
$stmt->bind_result($temp);
$stmt->fetch();
$stmt->close;
print "$tempAfter: ";
var_dump($tempArray);
$dbh->close;
?>
Previous Comments:
[2005-06-03 19:53:15] blockcipher at yahoo dot com
Thank you for your quick reply. I will try to produce some example
code, however I don't know of any other function except the
mysqli_bind_param function that this error occurs with. Most likely,
I'll create a short script that can use know mysql tables.
[2005-06-03 16:09:23] [EMAIL PROTECTED]
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with ,
is max. 10-20 lines long and does not require any external
resources such as databases, etc.
If possible, make the script source available online and provide
an URL to it here. Try to avoid embedding huge scripts into the report.
[2005-06-03 16:06:01] blockcipher at yahoo dot com
Description:
It appears that I found an interesting interaction between the
simple_xml library and the mysqli_bind_param function. The values
contained within an XML tag are returned as simple_xml object, not
strings (which is what I inferred from the Zend tutorial.) This had an
adverse side-effect when combined with the mysqli_bind_param function.
Please note that this may affect other functions/libraries as well.
The steps are as follows:
1. Copy the value of an XML element into a variable.
2. Use the element in a prepared mysqli statement, binding it to the
statement as a string.
3. Run the query.
4. Repeat steps 2 and 3, possibly with a different query.
After the bind or perhaps after I was done with the query, the actual
data was changed from a simple_xml object to a very odd looking string.
This would crash the apache web server approximately 80-90% of the time
when accessed.
Original variable data:
["username"]=>
object(SimpleXMLElement)#3 (1) {
[0]=>
string(4) "test"
}
Modified variable data:
["username"]=>
string(64) "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
"
Reproduce code:
---
No code provided since it is being developed for the company I work
for.
--
Edit this bug report at http://bugs.php.net/?id=33233&edit=1
#33233 [Fbk->Opn]: mysqli_bind_param/simple_xml interaction problem
ID: 33233
User updated by: blockcipher at yahoo dot com
Reported By: blockcipher at yahoo dot com
-Status: Feedback
+Status: Open
Bug Type: Reproducible crash
Operating System: Windows 2000
PHP Version: 5.0.4
New Comment:
Thank you for your quick reply. I will try to produce some example
code, however I don't know of any other function except the
mysqli_bind_param function that this error occurs with. Most likely,
I'll create a short script that can use know mysql tables.
Previous Comments:
[2005-06-03 16:09:23] [EMAIL PROTECTED]
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with ,
is max. 10-20 lines long and does not require any external
resources such as databases, etc.
If possible, make the script source available online and provide
an URL to it here. Try to avoid embedding huge scripts into the report.
[2005-06-03 16:06:01] blockcipher at yahoo dot com
Description:
It appears that I found an interesting interaction between the
simple_xml library and the mysqli_bind_param function. The values
contained within an XML tag are returned as simple_xml object, not
strings (which is what I inferred from the Zend tutorial.) This had an
adverse side-effect when combined with the mysqli_bind_param function.
Please note that this may affect other functions/libraries as well.
The steps are as follows:
1. Copy the value of an XML element into a variable.
2. Use the element in a prepared mysqli statement, binding it to the
statement as a string.
3. Run the query.
4. Repeat steps 2 and 3, possibly with a different query.
After the bind or perhaps after I was done with the query, the actual
data was changed from a simple_xml object to a very odd looking string.
This would crash the apache web server approximately 80-90% of the time
when accessed.
Original variable data:
["username"]=>
object(SimpleXMLElement)#3 (1) {
[0]=>
string(4) "test"
}
Modified variable data:
["username"]=>
string(64) "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
"
Reproduce code:
---
No code provided since it is being developed for the company I work
for.
--
Edit this bug report at http://bugs.php.net/?id=33233&edit=1
#33233 [NEW]: mysqli_bind_param/simple_xml interaction problem
From: blockcipher at yahoo dot com
Operating system: Windows 2000
PHP version: 5.0.4
PHP Bug Type: Reproducible crash
Bug description: mysqli_bind_param/simple_xml interaction problem
Description:
It appears that I found an interesting interaction between the simple_xml
library and the mysqli_bind_param function. The values contained within
an XML tag are returned as simple_xml object, not strings (which is what I
inferred from the Zend tutorial.) This had an adverse side-effect when
combined with the mysqli_bind_param function. Please note that this may
affect other functions/libraries as well.
The steps are as follows:
1. Copy the value of an XML element into a variable.
2. Use the element in a prepared mysqli statement, binding it to the
statement as a string.
3. Run the query.
4. Repeat steps 2 and 3, possibly with a different query.
After the bind or perhaps after I was done with the query, the actual data
was changed from a simple_xml object to a very odd looking string. This
would crash the apache web server approximately 80-90% of the time when
accessed.
Original variable data:
["username"]=>
object(SimpleXMLElement)#3 (1) {
[0]=>
string(4) "test"
}
Modified variable data:
["username"]=>
string(64) "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
"
Reproduce code:
---
No code provided since it is being developed for the company I work for.
--
Edit bug report at http://bugs.php.net/?id=33233&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=33233&r=trysnapshot4
Try a CVS snapshot (php5.0):
http://bugs.php.net/fix.php?id=33233&r=trysnapshot50
Try a CVS snapshot (php5.1):
http://bugs.php.net/fix.php?id=33233&r=trysnapshot51
Fixed in CVS:http://bugs.php.net/fix.php?id=33233&r=fixedcvs
Fixed in release:http://bugs.php.net/fix.php?id=33233&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=33233&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=33233&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=33233&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=33233&r=support
Expected behavior: http://bugs.php.net/fix.php?id=33233&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=33233&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=33233&r=submittedtwice
register_globals:http://bugs.php.net/fix.php?id=33233&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=33233&r=php3
Daylight Savings:http://bugs.php.net/fix.php?id=33233&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=33233&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=33233&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=33233&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=33233&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=33233&r=mysqlcfg
