Description: ------------ prepare doesn't allow a way to escape the placeholders within the query string. Reproduce code: --------------- $compiled = $db->prepare("SELECT * FROM grades WHERE COURSE='Speech \& Debate'"); $result = $dbh->execute($compiled); Expected result: ---------------- (nothing) Actual result: -------------- DB Error: insufficient data supplied Backtrace: [0]=> array(5) { ["file"]=> string(24) "/disk/web/lib/php/DB.php" ["line"]=> int(642) ["function"]=> string(10) "pear_error" ["class"]=> string(8) "db_error" ["type"]=> string(2) "->" } [1]=> array(5) { ["file"]=> string(26) "/disk/web/lib/php/PEAR.php" ["line"]=> int(525) ["function"]=> string(8) "db_error" ["class"]=> string(8) "db_error" ["type"]=> string(2) "->" } [2]=> array(5) { ["file"]=> string(31) "/disk/web/lib/php/DB/common.php" ["line"]=> int(298) ["function"]=> string(10) "raiseerror" ["class"]=> string(4) "pear" ["type"]=> string(2) "::" } [3]=> array(5) { ["file"]=> string(31) "/disk/web/lib/php/DB/common.php" ["line"]=> int(608) ["function"]=> string(10) "raiseerror" ["class"]=> string(8) "db_mysql" ["type"]=> string(2) "->" } [4]=> array(5) { ["file"]=> string(31) "/disk/web/lib/php/DB/common.php" ["line"]=> int(559) ["function"]=> string(19) "executeemulatequery" ["class"]=> string(8) "db_mysql" ["type"]=> string(2) "->" }

Using PEAR DB version >= 1.6.0 your code works fine. Though do note that your example uses $db to prepare and $dbh to execute, so I changed the execute line to: $result = $db->execute($compiled);