#44251 [NEW]: Question mark and an escaped singel quote lead to an exception

Tue, 26 Feb 2008 03:11:25 -0800 

From:             om at viazenetti dot de
Operating system: Linux
PHP version:      5.2.5
PHP Bug Type:     PDO related
Bug description:  Question mark and an escaped singel quote lead to an exception

Description:
------------
If a question mark and an escaped singel quote appear in a where statement
as value, the PDO method prepare tries to bind a value to the question
mark.

Because no values are passed, pdo throws an exception (Only tested with
where statements):

PDOStatement::execute() [function.PDOStatement-execute]: SQLSTATE[HY093]:
Invalid parameter number: no parameters were bound in

Reproduce code:
---------------
<?php

    $db  = new PDO('mysql:host=localhost;dbname=DATABASE', 'USER',
'PASSWORD');
    $sth = $db->prepare("SELECT * FROM `TABLE` WHERE (login = '?\'')");

    $sth->execute();

    var_dump($sth->fetch());

Expected result:
----------------
Array or false

Actual result:
--------------
Exception: PDOStatement::execute() [function.PDOStatement-execute]:
SQLSTATE[HY093]: Invalid parameter number: no parameters were bound in

-- 
Edit bug report at http://bugs.php.net/?id=44251&edit=1
-- 
Try a CVS snapshot (PHP 5.2): 
http://bugs.php.net/fix.php?id=44251&r=trysnapshot52
Try a CVS snapshot (PHP 5.3): 
http://bugs.php.net/fix.php?id=44251&r=trysnapshot53
Try a CVS snapshot (PHP 6.0): 
http://bugs.php.net/fix.php?id=44251&r=trysnapshot60
Fixed in CVS:                 http://bugs.php.net/fix.php?id=44251&r=fixedcvs
Fixed in release:             
http://bugs.php.net/fix.php?id=44251&r=alreadyfixed
Need backtrace:               http://bugs.php.net/fix.php?id=44251&r=needtrace
Need Reproduce Script:        http://bugs.php.net/fix.php?id=44251&r=needscript
Try newer version:            http://bugs.php.net/fix.php?id=44251&r=oldversion
Not developer issue:          http://bugs.php.net/fix.php?id=44251&r=support
Expected behavior:            http://bugs.php.net/fix.php?id=44251&r=notwrong
Not enough info:              
http://bugs.php.net/fix.php?id=44251&r=notenoughinfo
Submitted twice:              
http://bugs.php.net/fix.php?id=44251&r=submittedtwice
register_globals:             http://bugs.php.net/fix.php?id=44251&r=globals
PHP 4 support discontinued:   http://bugs.php.net/fix.php?id=44251&r=php4
Daylight Savings:             http://bugs.php.net/fix.php?id=44251&r=dst
IIS Stability:                http://bugs.php.net/fix.php?id=44251&r=isapi
Install GNU Sed:              http://bugs.php.net/fix.php?id=44251&r=gnused
Floating point limitations:   http://bugs.php.net/fix.php?id=44251&r=float
No Zend Extensions:           http://bugs.php.net/fix.php?id=44251&r=nozend
MySQL Configuration Error:    http://bugs.php.net/fix.php?id=44251&r=mysqlcfg

Reply via email to