ID: 5482
Updated by: derick
Old-Status: Feedback
Status: Closed
Bug Type: ODBC related
PHP Version: 4.0.1pl2
Assigned To: 

No feedback. If this problem persists with PHP 4.0.5 which
will be released next week, please reopen this report.


Previous Comments:

[2001-04-01 19:48:30] [EMAIL PROTECTED]
please try this with a recent release or snapshot of PHP 
and see if this continues for you.


[2000-07-09 12:09:54] [EMAIL PROTECTED]
There is a similar but slightly different bug report 2976 that describes parameter 
passing problems as well.

Steps to observe behaviour:

1) In MS Access (preferably 97 or 2000) create a table named PEOPLE containing two 
    username and password of any type.

2) Populate the table with a row of test data.

3) In MS Access create the following query name verifypassword:

         SELECT username
         FROM people
         WHERE username = InputUsername AND password = InputPass

        Since the DB is not going to be secured for any test cases, do NOT include the 

        WITH OWNERACCESS OPTION, as it is pointless and may not work.  When in a 
        secured database, this query will allow verification of a username and 
        combination for a user that does not have access to the PEOPLE table without 
        giving direct access to the password field.  I provide this only for a 
description of

4) Make an ODBC DSN to the DB

5) In your PHP script connect to the DSN first, save connection to $conn.

6) In your PHP script, then add:

         $prep = odbc_prepare( $conn, "SELECT * FROM VERIFYPASSWORD" );
         $params = array( "test", "case" );
         ODBC_Execute( $prep, &$params );

7) You will get a "missing parameters" error.

There is no appearant way to populate MS Access parameters from PHP.  
Since, in this case the query must be created under a user with priviledges to
a secured table, the query cannot be generated on the fly -- access will be denied.

Ideally, I should be able to populate my $params array as:
        $params = array( "InUsername" => "test", "InPassword" => "case" );

Synonymous behaviour in ASP:
In ASP the RECORDSET object supports named parameters.  
Obviously this functionality works in ASP.


ATTENTION! Do NOT reply to this email!
To reply, use the web interface found at

PHP Development Mailing List <>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to