Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
D
doctrine-dbal
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Tomáš Trávníček
doctrine-dbal
Commits
e7c381ac
Commit
e7c381ac
authored
Sep 15, 2017
by
Sergei Morozov
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Removed the "OCI8: SQL Queries with Question Marks" section
parent
a0cc581b
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
0 additions
and
29 deletions
+0
-29
known-vendor-issues.rst
docs/en/reference/known-vendor-issues.rst
+0
-29
No files found.
docs/en/reference/known-vendor-issues.rst
View file @
e7c381ac
...
@@ -138,35 +138,6 @@ difference is subtle but can be potentially very nasty. Derick
...
@@ -138,35 +138,6 @@ difference is subtle but can be potentially very nasty. Derick
Rethans explains it very well
Rethans explains it very well
`in a blog post of his <http://derickrethans.nl/storing-date-time-in-database.html>`_.
`in a blog post of his <http://derickrethans.nl/storing-date-time-in-database.html>`_.
OCI8: SQL Queries with Question Marks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
We had to implement a question mark to named parameter translation
inside the OCI8 DBAL Driver. It works as a very simple parser with two states: Inside Literal, Outside Literal.
From our perspective it should be working in all cases, but you have to be careful with certain
queries:
.. code-block:: sql
SELECT * FROM users WHERE name = 'bar?'
Could in case of a bug with the parser be rewritten into:
.. code-block:: sql
SELECT * FROM users WHERE name = 'bar:oci1'
For this reason you should always use prepared statements with
Oracle OCI8, never use string literals inside the queries. A query
for the user 'bar?' should look like:
.. code-block:: php
$sql = 'SELECT * FROM users WHERE name = ?'
$stmt = $conn->prepare($sql);
$stmt->bindValue(1, 'bar?');
$stmt->execute();
OCI-LOB instances
OCI-LOB instances
~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment