-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Listing] Question mark and colon in condition in addConditionParam() are always interpreted as prepated statement parameters #11857
Conversation
This contains a commit from PR #11817 |
@BlackbitNeueMedien Since this is a bug, could you please rebase this to 10.3 branch ? |
a49116c
to
b851c27
Compare
@aryaantony92 Is now for 10.3 branch. |
@BlackbitNeueMedien Thanks for rebasing. But even after applying the patch/commit, when I try to do $listing->addConditionParam('name="Brand: Test product"'); Or I can still see the error message "SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens" |
Sorry, regex was not correct, now it should work, even for $listing->addConditionParam('name="Brand: " and o_path=? and o_key="test?"', ['/']); |
I'd say this is quite a critical thing that should be covered by a test, could you please add one for all the possible cases? Thanks in advance! |
@BlackbitNeueMedien btw. writing tests is now super easy, see: #11872 and https://pimcore.com/docs/pimcore/current/Development_Documentation/Development_Tools_and_Details/Testing/Core_Tests.html Thanks in advance! |
@BlackbitNeueMedien 🏓 one more try 😉 |
Yep, did not forget it. Currently implementing #10924, try to come back to this PR here for the tests (or perhaps you would be so kind and create this?) |
@BlackbitNeueMedien ah cool 👍 then we wait until you're finished with the other topic 😉 Thanks in advance! |
@brusch I added the tests. |
Thank you very much! |
Step to reproduce:
This will result in an SQL error / PDO exception:
SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens
The reason is that in
pimcore/lib/Model/Listing/AbstractListing.php
Lines 258 to 266 in da43b3f
:
or a?
in the SQL condition that this is a query parameter.So the same problem appears when
Above are simplified examples, of course normally you would use
but sometimes this is not easily possible.
An alternative solution would be to add
Listing::addCondition()
to add conditions without parameters.Imho, it is not a BC break, so if you want I could also rebase to
10.3
branch.