1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
--TEST--
Bug #54929 (Parse error with single quote in sql comment (pdo-mysql))
--SKIPIF--
<?php
require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'skipif.inc');
require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc');
MySQLPDOTest::skip();
?>
--FILE--
<?php
require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc');
$pdodb = PDOTest::test_factory(dirname(__FILE__) . '/common.phpt');
function testQuery($query) {
global $pdodb;
$stmt = $pdodb->prepare($query);
if (!$stmt->execute(array("foo"))) {
var_dump($stmt->errorInfo());
} else{
var_dump($stmt->fetch(PDO::FETCH_ASSOC));
}
}
testQuery("/* ' */ select ? as f1 /* ' */");
testQuery("/* '-- */ select ? as f1 /* *' */");
testQuery("/* ' */ select ? as f1 --';");
testQuery("/* ' */ select ? as f1 -- 'a;");
testQuery("/*'**/ select ? as f1 /* ' */");
testQuery("/*'***/ select ? as f1 /* ' */");
testQuery("/*'**a ***b / ****
******
**/ select ? as f1 /* ' */");
?>
--EXPECTF--
array(1) {
["f1"]=>
string(3) "foo"
}
array(1) {
["f1"]=>
string(3) "foo"
}
Warning: PDOStatement::execute(): SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your %s server version for the right syntax to use near '--'' at line 1 in %s on line %d
array(3) {
[0]=>
string(5) "42000"
[1]=>
int(1064)
[2]=>
string(149) "You have an error in your SQL syntax; check the manual that corresponds to your %s server version for the right syntax to use near '--'' at line 1"
}
array(1) {
["f1"]=>
string(3) "foo"
}
array(1) {
["f1"]=>
string(3) "foo"
}
array(1) {
["f1"]=>
string(3) "foo"
}
array(1) {
["f1"]=>
string(3) "foo"
}
|
