ID: 49381
Comment by: eprayner at gmail dot com
Reported By: eprayner at gmail dot com
Status: Open
Bug Type: PDO related
Operating System: Linux
PHP Version: 5.2SVN-2009-08-27 (SVN)
New Comment:
MYSQL Server version: 5.0.67-0ubuntu6 (Ubuntu)
>From reading other bugs, I'm beginning to think this is a MySQL bug,
rather than a PHP bug.
Previous Comments:
------------------------------------------------------------------------
[2009-08-27 03:31:03] eprayner at gmail dot com
Description:
------------
When using PDO prepare for mysql, quotes are incorrectly inserted
around column names, resulting in errors or unexpected results. This
problem would have been _much_ easier to diagonise if there was a way of
seeing the actual statement. Something like:
$string PDOStatement::executeString()---returns the statement that
would have been executed by PDOStatement::execute().
Reproduce code:
---------------
//given a mysql connection $pdo
//and a database table 'myTable' with columns: id, col1, col2, col3
//with a row: 1, value1, value2, value3.
$stmt=$pdo->prepare("SELECT ? FROM myTable WHERE id=?");
$myColumn = 'col1';
$stmt->execute(array($myColumn, 1));
$row=$stmt->fetch();
print_r($row);
Expected result:
----------------
I'd expect to see: "value1" displayed, as you'd expect for the
statement: "SELECT col1 FROM myTable WHERE id=1"
Actual result:
--------------
What is displayed is: "col1", as you'd expect for the statement:
"SELECT 'col1' FROM myTable WHERE id=1"
Other statements result in errors. Example:
$stmt=$pdo->prepare("UPDATE myTable SET ?=? WHERE id=?");
$stmt->execute(array($myColumn, $myValue, $myId));
is a syntax error, as is the SQL:
UPDATE myTable SET 'col1'=3 WHERE id=1;
This problem means that I cant use prepare and execute statements at
all.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=49381&edit=1
