Issue Type: Bug Created: 2006-06-29T12:28:42.000+0000 Last Updated: 2007-07-05T14:44:30.000+0000 Status: Closed Fix version(s): Reporter: Asger Hallas (asgerhallas) Assignee: Gavin (gavin) Tags: - Zend_Db
Related issues: Attachments:
Using SQlite, when I try to do something like this:
$colName='test'; $sql=db->quoteInto("SELECT DISTINCT ? FROM sometable", $colName);
it will result in a string like this:
"SELECT DISTINCT 'test' FROM sometable"
which in sqlite will return a row with one coloumn named 'test' with the value 'test' no matter what's in the database in the coloums 'test'.
Posted by Gavin (gavin) on 2006-06-29T19:46:00.000+0000
Also, prepared queries do not normally allow binding column and table names (e.g. MySQL 5 does not permit this). Nevertheless, the framework should facilitate quoting/escaping column and table names.
Posted by Gavin (gavin) on 2006-07-03T17:25:42.000+0000
No further comments received. Closing this duplicate.
Have you found an issue?
See the Overview section for more details.