Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bind variables does not recognize strings #16398

Closed
Klap-in opened this issue Oct 11, 2020 · 3 comments
Closed

bind variables does not recognize strings #16398

Klap-in opened this issue Oct 11, 2020 · 3 comments
Assignees
@williamdes
Labels
Bug A problem or regression with an existing feature
Projects
issues
Milestone
5.1.2

Comments

@Klap-in
Copy link

Klap-in commented Oct 11, 2020
edited by williamdes

Describe the bug

In my SQL query I used :placeholders for some debugging of existing code via the Phpmyadmin interface. The placeholder are replaced different in the phpmyadmin interface than via bindparam() or execute($replacements) functions would happen in my understanding of bind variables.

http://localhost/phpmyadmin/doc/html/faq.html#i-see-bind-parameters-checkbox-in-the-sql-page-how-do-i-write-parameterized-sql-queries
first implementation: 8cb8281
https://www.php.net/manual/en/pdostatement.bindparam.php (type of input parameters can be set)
https://www.php.net/manual/en/pdostatement.execute.php (all input parameters are treated as strings)

To Reproduce

Steps to reproduce the behavior:

  1. Go to 'SQL' to create a query on a database
  2. Input your query e.g.
SELECT A.*
FROM plugins A
WHERE A.plugin = :plugin_name
  1. Check the checkbox 'bind parameters'
  2. The field :plugin_name appears, fill in info.
  3. Execute the query
  4. You got the error:
Fout
SQL-query: 

SELECT A.*
FROM plugins A
WHERE A.plugin = info LIMIT 0, 25

MySQL meldt: 

#1054 - Onbekende kolom 'info' in where clause -> translated: Unknown column 'info' in where clause

Expected behavior

When the query is executed, :plugin_name should be replaced with 'info' and not with info.
If in the inputfield also quotes are typed, these are escaped correctly. So the local implementation in the phpmyadmin-interface of the bind parameters seems not to recognize strings.

Screenshots

none

Server configuration

  • Operating system: Ubuntu 20.04 Desktop
  • Web server: Server version: Apache/2.4.41 (Ubuntu), Server built: 2020-08-12T19:46:17
  • Database version:MySQL, 8.0.21-0ubuntu0.20.04.4 - (Ubuntu)
  • PHP version:
    Apache/2.4.41 (Ubuntu)
    Cliëntversie van database: libmysql - mysqlnd 7.4.5
    PHP-uitbreiding: mysqliDocumentatie curlDocumentatie mbstringDocumentatie
    PHP-versie: 7.4.5
  • phpMyAdmin version: 4.9.5deb2

Client configuration

  • Browser: Chrome 85.0.4183.121 (Officiële build) (64-bits)
  • Operating system: Ubuntu 20.04

Additional context

none
@williamdes
Copy link
Member

Hi,
Thank you for the report, someone should have a look sortly.

@williamdes williamdes added the Bug A problem or regression with an existing feature label Oct 21, 2020
@williamdes williamdes added this to Needs triage in issues via automation Oct 21, 2020
@williamdes williamdes assigned williamdes and unassigned ibennetch Jul 27, 2021
@williamdes
Copy link
Member

image

Just tried out on 5.1.1 and I can not confirm the bug, so I am closing this one
Let me know If you still can reproduce this issue

issues automation moved this from Needs triage to Closed Jul 27, 2021
@williamdes williamdes reopened this Jul 27, 2021
issues automation moved this from Closed to Needs triage Jul 27, 2021
@williamdes
Copy link
Member

I had not tried it correctly, sorry for that
image

@williamdes williamdes moved this from Needs triage to Reproduced in issues Jul 27, 2021
@williamdes williamdes added this to the 5.1.2 milestone Jul 27, 2021
williamdes added a commit that referenced this issue Jul 27, 2021
@williamdes
Add a test for #16398
a92a9c2 
Signed-off-by: William Desportes <williamdes@wdes.fr>
williamdes added a commit that referenced this issue Jul 27, 2021
@williamdes
Add a ChangeLog entry for #16398
436e0da 
Signed-off-by: William Desportes <williamdes@wdes.fr>
issues automation moved this from Reproduced to Closed Jul 27, 2021
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 28, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@williamdes williamdes

Labels
Bug A problem or regression with an existing feature
Projects
issues
  
Closed
Milestone
5.1.2
Development

No branches or pull requests
3 participants
@Klap-in @ibennetch @williamdes