Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.9.3

Bug #1099 db_common->prepare() doesn't allow escaped ?&!
Submitted: 2004-03-30 21:46 UTC
From: wingetr at cs dot byuh dot edu Assigned: danielc
Status: Bogus Package: DB
PHP Version: 4.3.4 OS: Fedora Core 1 (linux)
Roadmaps: (Not assigned)    
Subscription  


 [2004-03-30 21:46 UTC] wingetr at cs dot byuh dot edu
Description: ------------ prepare doesn't allow a way to escape the placeholders within the query string. Reproduce code: --------------- $compiled = $db->prepare("SELECT * FROM grades WHERE COURSE='Speech \& Debate'"); $result = $dbh->execute($compiled); Expected result: ---------------- (nothing) Actual result: -------------- DB Error: insufficient data supplied Backtrace: [0]=> array(5) { ["file"]=> string(24) "/disk/web/lib/php/DB.php" ["line"]=> int(642) ["function"]=> string(10) "pear_error" ["class"]=> string(8) "db_error" ["type"]=> string(2) "->" } [1]=> array(5) { ["file"]=> string(26) "/disk/web/lib/php/PEAR.php" ["line"]=> int(525) ["function"]=> string(8) "db_error" ["class"]=> string(8) "db_error" ["type"]=> string(2) "->" } [2]=> array(5) { ["file"]=> string(31) "/disk/web/lib/php/DB/common.php" ["line"]=> int(298) ["function"]=> string(10) "raiseerror" ["class"]=> string(4) "pear" ["type"]=> string(2) "::" } [3]=> array(5) { ["file"]=> string(31) "/disk/web/lib/php/DB/common.php" ["line"]=> int(608) ["function"]=> string(10) "raiseerror" ["class"]=> string(8) "db_mysql" ["type"]=> string(2) "->" } [4]=> array(5) { ["file"]=> string(31) "/disk/web/lib/php/DB/common.php" ["line"]=> int(559) ["function"]=> string(19) "executeemulatequery" ["class"]=> string(8) "db_mysql" ["type"]=> string(2) "->" }

Comments

 [2004-03-30 23:10 UTC] danielc
Using PEAR DB version >= 1.6.0 your code works fine. Though do note that your example uses $db to prepare and $dbh to execute, so I changed the execute line to: $result = $db->execute($compiled);