[TYPO3-dev] TYPO3 and MySQL Strict Mode
Jigal van Hemert
jigal at xs4all.nl
Sat Jul 11 17:27:46 CEST 2009
Ingo Schmitt wrote:
> We discovered some errors by generated SQL statments, where the field
> type is not correct set, e.g. when an SQL integer is filled by a ''.
>
> I tracked this issue down, and dicovered that in this case the boolean
> php Variable was passed to the TYPO3-DB exec_INSERT_query method. Here
> automatically all fields are quoted.
Yet another issue that could be solved by using something like PDO (PHP
Data Objects), which is also supported by AdoDB. Parameter binding in
prepared statements in PDO solves the entire escaping and quoting issue.
Regards,
--
Jigal van Hemert.
More information about the TYPO3-dev
mailing list