Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 2.5.0b5

Bug #8538 single quotes in prepared query cause syntax error
Submitted: 2006-08-22 21:57 UTC
From: astle at lexi dot net Assigned: lsmith
Status: Closed Package: MDB2 (version 2.2.1)
PHP Version: 5.1.4 OS: irrelevant
Roadmaps: (Not assigned)    
Subscription  


 [2006-08-22 21:57 UTC] astle at lexi dot net (William Astle)
Description: ------------ Using the mysqli driver and the prepare/execute method of doing a query fails if the prepared query has single quotes in it. Rewriting the query to parameterize the single-quoted constant allows the query to work as expected. It should not be required to parameterize a constant in a query. Test script: --------------- # Assuming a working connection in $db: $sth = $db -> prepare("SELECT * FROM table WHERE column = 'value' AND othercolumn = ?"); Expected result: ---------------- A usable statement object in $sth Actual result: -------------- An error object indicating a "syntax error".

Comments

 [2006-08-23 06:21 UTC] User who submitted this comment has not confirmed identity
If you submitted this note, check your email.If you do not have a message, click here to re-send
MANUAL CONFIRMATION IS NOT POSSIBLE.  Write a message to pear-dev@lists.php.net
to request the confirmation link.  All bugs/comments/patches associated with this

email address will be deleted within 48 hours if the account request is not confirmed!