Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Quoted DB expression when used in param #6382

Closed
klevron opened this issue Dec 5, 2014 · 15 comments
Closed

Quoted DB expression when used in param #6382

klevron opened this issue Dec 5, 2014 · 15 comments
Labels
ext:debug type:bug Bug

Comments

@klevron
Copy link
Contributor

klevron commented Dec 5, 2014

Hello

DB Expression is quoted when used in param, e.g.

MyModel::deleteAll("expire < :expire", [':expire' => new Expression('NOW()')]);

This will make the following query :

DELETE FROM `expire` WHERE expire < 'NOW()';

Be careful, debug tool will log the correct one :

DELETE FROM `expire` WHERE expire < NOW();

http://stackoverflow.com/questions/27312579/odd-behavior-of-now-and-db-expression-in-yii2-mysql
@samdark
Copy link
Member

samdark commented Dec 5, 2014

Debug tool should be adjusted.

@samdark samdark added this to the 2.0.x milestone Dec 5, 2014
@klevron
Copy link
Contributor Author

klevron commented Dec 5, 2014

Well, it is a bug, not a feature : DB expression should not be quoted

@klevron klevron changed the title Quoted DB expression when used in param Bug: Quoted DB expression when used in param Dec 5, 2014
@samdark samdark added the type:bug Bug label Dec 5, 2014
@samdark
Copy link
Member

samdark commented Dec 5, 2014

Yes, that is true as well.

@klevron klevron changed the title Bug: Quoted DB expression when used in param Quoted DB expression when used in param Dec 5, 2014
@mdmunir
Copy link
Contributor

mdmunir commented Dec 5, 2014

Corect me, params is native fiture of PDO, not originaly Yii. So everyting that inserted to param should be known as PDO TYPE (PDO::PARAM_XXX). If not it will be treatment as PDO::PARAM_STR.
The code should be

MyModel::deleteAll("expire < NOW()");
// or
MyModel::deleteAll(['<','expire',new Expression('NOW()')]);

Sory for my english

@klevron
Copy link
Contributor Author

klevron commented Dec 5, 2014

We should not care about pdo/yii here, and the three should be logically the same :

MyModel::deleteAll("expire < NOW()");
MyModel::deleteAll(['<','expire',new Expression('NOW()')]);
MyModel::deleteAll("expire < :expire", [':expire' => new Expression('NOW()')]);

@qiangxue
Copy link
Member

qiangxue commented Dec 5, 2014

Where did you get this from? DELETE FROMtest_expireWHERE expire < 'NOW()';?

@klevron
Copy link
Contributor Author

klevron commented Dec 5, 2014

From mysql server log (since yii debug doesn't show the real query)

PS : test_expire was a typo of course

@mdmunir
Copy link
Contributor

mdmunir commented Dec 5, 2014

We should not care about pdo/yii here, and the three should be logically the same.

Ideally yes. But to handle this, yii must create his own parser. I am neutral here.

@qiangxue
Copy link
Member

qiangxue commented Dec 5, 2014

As explained by @mdmunir, this is expected behavior since you are using parameter binding, a native feature of PDO. The DB expression will be converted into a string before being bound to the parameter. We can't do anything about this.

The debug tool should be adjusted to reflect the true SQL being executed.

@klevron
Copy link
Contributor Author

klevron commented Dec 5, 2014

There should be at least an InvalidParamException

@samdark samdark modified the milestones: 2.0.1, 2.0.x, 2.0.2 Dec 5, 2014
@qiangxue
Copy link
Member

qiangxue commented Dec 5, 2014

There should be at least an InvalidParamException

Nope. It is good as is. We just need to fix the debug tool display if the issue is verified.

@klevron
Copy link
Contributor Author

klevron commented Dec 5, 2014

I don't see the meaning of binding a db expression if it is quoted after, there should be an exception.

@cebe cebe modified the milestones: 2.0.x, 2.0.2 Jan 10, 2015
@dmitriy-krista dmitriy-krista mentioned this issue Jan 29, 2015
Closed
@bionoren
Copy link

I suspect this is because yii\db\mysql\QueryBuilder:183 is looking for Expression in the current namespace (\yii\db\mysql), but the class actually exists in \yii\db, so that instanceof check always fails. Can somebody fix that to either fully qualify Expression or use it?

@cebe
Copy link
Member

cebe commented Jun 1, 2015

@bionoren why do you write under a totally unrelated issue? please report a new one next time. This has been fixed by #8596 already.

@cebe cebe removed this from the 2.0.x milestone Jan 24, 2016
@cebe cebe added ext:debug and removed ext:debug labels Jan 24, 2016
@yii-bot yii-bot mentioned this issue Jan 24, 2016
Open
@yii-bot
Copy link

yii-bot commented Jan 24, 2016

Issue moved to yiisoft/yii2-debug#78

@yii-bot yii-bot closed this as completed Jan 24, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
ext:debug type:bug Bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add condition to getRawSql(), Fixes #6382
7 participants
@samdark @cebe @bionoren @qiangxue @klevron @mdmunir @yii-bot