1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
--TEST--
MySQL PDO->prepare(), native PS, named placeholder
--SKIPIF--
<?php
require_once(__DIR__ . DIRECTORY_SEPARATOR . 'skipif.inc');
require_once(__DIR__ . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc');
MySQLPDOTest::skip();
$db = MySQLPDOTest::factory();
?>
--FILE--
<?php
require_once(__DIR__ . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc');
$db = MySQLPDOTest::factory();
try {
$db->exec('DROP TABLE IF EXISTS test');
$db->exec(sprintf('CREATE TABLE test(id INT, label CHAR(255)) ENGINE=%s', PDO_MYSQL_TEST_ENGINE));
$db->setAttribute(PDO::MYSQL_ATTR_DIRECT_QUERY, 0);
if (0 != $db->getAttribute(PDO::MYSQL_ATTR_DIRECT_QUERY))
printf("[002] Unable to turn off emulated prepared statements\n");
// INSERT a single row
$stmt = $db->prepare("INSERT INTO test(id, label) VALUES (100, ':placeholder')");
// Yes, there is no placeholder to bind to and named placeholder
// do not work with MySQL native PS, but lets see what happens!
// The ':placeholder' is a string constant in the INSERT statement.
// I would expect to get an error message, but this is not what happens.
$stmt->execute(array(':placeholder' => 'row1'));
if ('00000' !== $stmt->errorCode())
printf("[003] Execute has failed, %s %s\n",
var_export($stmt->errorCode(), true),
var_export($stmt->errorInfo(), true));
// Ok, what has happened: anything inserted into the DB?
$stmt = $db->prepare('SELECT id, label FROM test');
$stmt->execute();
var_dump($stmt->fetchAll(PDO::FETCH_ASSOC));
// Now the same with emulated PS.
$db->setAttribute(PDO::MYSQL_ATTR_DIRECT_QUERY, 1);
if (1 != $db->getAttribute(PDO::MYSQL_ATTR_DIRECT_QUERY))
printf("[004] Unable to turn on emulated prepared statements\n");
// Note that the "named placeholder" is enclosed by double quotes.
$stmt = $db->prepare("INSERT INTO test(id, label) VALUES(101, ':placeholder')");
// No replacement shall be made
$stmt->execute(array(':placeholder' => 'row1'));
// Again, I'd like to see an error message
if ('00000' !== $stmt->errorCode())
printf("[005] Execute has failed, %s %s\n",
var_export($stmt->errorCode(), true),
var_export($stmt->errorInfo(), true));
// Now, what do we have in the DB?
$stmt = $db->prepare('SELECT id, label FROM test ORDER BY id');
$stmt->execute();
var_dump($stmt->fetchAll(PDO::FETCH_ASSOC));
} catch (PDOException $e) {
printf("[001] %s [%s] %s\n",
$e->getMessage(), $db->errorCode(), implode(' ', $db->errorInfo()));
}
print "done!";
?>
--CLEAN--
<?php
require __DIR__ . '/mysql_pdo_test.inc';
$db = MySQLPDOTest::factory();
$db->exec('DROP TABLE IF EXISTS test');
?>
--EXPECTF--
Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number in %s on line %d
[003] Execute has failed, 'HY093' array (
0 => 'HY093',
1 => NULL,
2 => NULL,
)
array(0) {
}
Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens in %s on line %d
[005] Execute has failed, 'HY093' array (
0 => 'HY093',
1 => NULL,
2 => NULL,
)
array(0) {
}
done!
|
