[Solar-talk] Patch for Solar_Content_Abstract

Paul M Jones pmjones at solarphp.com
Mon Oct 2 14:43:30 PDT 2006 

On Oct 2, 2006, at 4:31 PM, Travis Swicegood wrote:

> Travis Swicegood wrote:
>> The article does make sense.  The kicker, as we discussed earlier, is
>> that SQLite doesn't seem to like the following SQL:
>>
>> HAVING COUNT(id) = "1"
>>
>> But it will accept:
>>
>> HAVING COUNT(id) = 1
>>
>> Seems that version SQLite 3.2.8 has issues with quotes around numeric
>> values.  Anyone else hit this problem?
>>
>> The solution, of course, is to not quote that value.  The having()  
>> call
>> can be modified to the following:
>>
>> ->having('COUNT(nodes.id = ' . count(tags))
>>
>> But that doesn't fix the larger issue, that all integers that are  
>> passed
>> through the quoting mechanisms will (may?) not work properly.  The  
>> long
>> term solution is to fix the SQL escaping to look to is_numeric()  
>> or some
>> other similar function to figure out if it should be escaped.
>>
>> Anyone have any comments on this?  There's a bug open at in Trac:
>>     http://solarphp.com/trac/ticket/10
>
> This looks like it might be an issue with PDO.  I imagine PDO  
> should be
> smart enough to know how to escape the various types for use in a  
> query,
> but it seems to want to escape integers which SQLite doesn't like.
>
> Any thoughts on not using PDO's native escape mechanism when dealing
> with integers?  It's already overridden to some extent for handling  
> arrays.

My only concern there goes something like this:  You have a varchar  
column, and you want to populate it with a numeric value (which will  
of course be stored as a string).  If the numeric value is not  
quoted, will the DB choke on that at insert/update time?

That is, do all the supported DBMSes see these as equally valid?

     UPDATE table SET char_col = 123;
     UPDATE table SET char_col = '123';

Any ideas here?



--

Paul M. Jones  <http://paul-m-jones.com>

Solar: Simple Object Library and Application Repository
for PHP5.   <http://solarphp.com>

Savant: The simple, elegant, and powerful solution for
templates in PHP.   <http://phpsavant.com>

More information about the solar-talk mailing list