Hi all,
as it is now (for a long time), the PDO parser supports the proprietary
backslash escapes for (double-)quotes in SQL string literals (the
standard way to escape quootes in SQL strings is to double them). This
causes string terminating quotes to be not recognized as such whenever
they are immediately preceeded by a backslash. This has been reported
as bug #79276[1], which shows a perfectly valid SQL query, which is not
parsed correctly by the PDO parser. Another example which does
currently not work as expected is part of the accompanying pull request[2].
Since I have not received much feedback on this so far, I'm bringing it
up on the list:
I think we should completely drop support for backslash escapes in the
PDO parser as of PHP 8. If it was possible to support these without
breaking other standard conforming SQL queries, it would be nice to keep
it, but that doesn't seem to be possible.
Thoughts?
[1] https://bugs.php.net/79276
[2]
https://github.com/php/php-src/pull/5190/files#diff-b2f83b3b89d4f41975f391afb509f92b
--
Christoph M. Becker
Hi Christoph,
I think we should completely drop support for backslash escapes in the
PDO parser as of PHP 8. If it was possible to support these without
breaking other standard conforming SQL queries, it would be nice to keep
it, but that doesn't seem to be possible.Thoughts?
Thanks for bringing it up. I suppose it's about time to start conforming
to the SQL standards, but maybe we should have gone through a
deprecation stage first?
Cheers
Matteo Beccati
Development & Consulting - http://www.beccati.com/
Am 19.03.2020 um 09:38 schrieb Matteo Beccati php@beccati.com:
I think we should completely drop support for backslash escapes in the
PDO parser as of PHP 8. If it was possible to support these without
breaking other standard conforming SQL queries, it would be nice to keep
it, but that doesn't seem to be possible.Thoughts?
Thanks for bringing it up. I suppose it's about time to start conforming
to the SQL standards, but maybe we should have gone through a
deprecation stage first?
I second this.
- Chris