Description: ------------ Using prepare() on a query such as UPDATE user SET User='a\'b:+c' results in the whole of the string after 'b' being replaced by a single question mark. The problem is that the MySQL driver's value for $string_quoting is an array. The building of $ignores at the start of _skipDelimitedStrings results in array ( 'start' => '\'', 'end' => '\'', 'escape' => '\\', 'escape_pattern' => '\\', 0 => array ( 'start' => '`', 'end' => '`', 'escape' => '`', ), ... ) foreach ($ignores as $ignore) then gets '\'' as its first value for $ignore. This results in $ignore['escape'] being '\''. This results in prepare only skipping as far as the first apostrophe, because it's treated as unescaped. This results in modifyQuery() treating the colon as a placeholder. The + then seems to result in the remainder of the string being truncated. Test script: --------------- require_once 'MDB2.php'; $dsn='mysql://user:password@localhost/mysql'; $dbh = MDB2::connect($dsn, $db_options); if (MDB2::isError($dbh)) die($dbh->getMessage()); $q = $dbh->prepare("UPDATE user SET User='a\'b:+c'", null, MDB2_PREPARE_MANIP); if ($dbh->isError($q)) die($q->userinfo); echo("Test passed"); Expected result: ---------------- I expect the text "Test passed" Actual result: -------------- _doQuery: [Error message: Could not execute statement] [Last executed query: PREPARE mdb2_statement_mysql_1c2b48e2af2a575aff97b07a6b431d346f59b551e FROM 'UPDATE user SET User=\'a\\\'b?'] [Native code: 1064] [Native message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''a\'b?' at line 1]

Added patch skip_delimited_strings_fix_quoting_array.

The attached patch fixes the problem for me.

This bug should probably be marked as a duplicate of 16973.

This bug has been fixed in SVN. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better.