View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0004911 | mantisbt | sql | public | 2004-11-27 21:44 | 2004-12-11 03:02 |
Reporter | vboctor | Assigned To | vboctor | ||
Priority | normal | Severity | block | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | git trunk | ||||
Fixed in Version | 0.19.2 | ||||
Summary | 0004911: db_prepare_string() doesn't work with mysqli | ||||
Description | Environment:
The updated code for the handling of mysqli in db_prepare_string() is as follows: For some reason mysqli_escape_string( $p_string ) always returns an emptystring. This is happening with PHP v5.0.2.@@@ Consider using ADODB escaping for all databases.case 'mysqli': | ||||
Tags | No tags attached. | ||||
Isn't this a bug with PHP/MySQLi then? Is there any reason against not using ADODB escaping for all databases? |
|
I am not aware of a reason why we shouldn't use ADODB. The only trick is that ADODB puts the prepared string inside quotes, while our code assumes the quotes are not added. Hence, a work around would be to have db_prepare_string() remove the quotes, like what I implemented for MySQLi. But I guess this can be done as a separate issue. |
|
Or change the assumption? |
|