pg_send_query_params converts all elements in 'params' to strings
| Bug #43279 | pg_send_query_params converts all elements in 'params' to strings | ||||
|---|---|---|---|---|---|
| Submitted: | 2007-11-13 17:51 UTC | Modified: | 2007-11-13 20:08 UTC | ||
| From: | TheRealAL at gmail dot com | Assigned: | |||
| Status: | Closed | Package: | PostgreSQL related | ||
| PHP Version: | 5.2.5 | OS: | Debian GNU/Linux | ||
| Private report: | No | CVE-ID: | None | ||
[2007-11-13 17:51 UTC] TheRealAL at gmail dot com
Description:
------------
Is seems pg_send_query_params internally converts all parameters passed in array 'params' to strings.
It's very strange, because 'params' is passed by-value. And much more strange - if 'params' was passed from some wrapper function (in which it was passed by-value), original value of this array will be modified even outside wrapper.
Configure Command => './configure' '--prefix=/usr/local/php5-mod' '--disable-all' '--with-apxs2=/usr/local/apache2-php5/bin/apxs' '--enable-cli' '--disable-cgi' '--disable-ipv6' '--with-pcre-regex' '--with-zlib' '--enable-hash' '--enable-mbstring' '--with-pgsql' '--enable-session' '--enable-wddx' '--enable-libxml' '--enable-xml'
Reproduce code:
---------------
function query($dbh, $sql, $params)//$params: passed by value!!!
{
pg_send_query_params($dbh, $sql, $params);
// ...
}
$dbh = pg_connect('host=localhost dbname=esp user=esp password=pass');
$foo = array(5, 10);
var_dump($foo);
query($dbh, 'SELECT data FROM test WHERE id = $1 OR id = $2', $foo);
var_dump($foo);
pg_close($dbh);
Expected result:
----------------
array(2) {
[0]=>
int(5)
[1]=>
int(10)
}
array(2) {
[0]=>
int(5)
[1]=>
int(10)
}
Actual result:
--------------
array(2) {
[0]=>
int(5)
[1]=>
int(10)
}
array(2) {
[0]=>
string(1) "5"
[1]=>
string(2) "10"
}
Patches
Pull Requests
History
AllCommentsChangesGit/SVN commits
[2007-11-13 20:08 UTC] iliaa@php.net