3

I accidentally put a PHP statement into MySQL:

select * from info where id={${intval(17a)}}

MySQL gave me the error message:

ERROR 1054 (42S22): Unknown column '17a' in 'where clause'

Why does MySQL not issue a syntax error, empty result, or show {${intval(17a)}} in the error message? The column in the id value is {${intval(17a)}} but mysql says column '17a'? Are the curly braces and dollar sign special characters in MySQL?

Demo

iehrlich
  • 3,572
  • 4
  • 34
  • 43
while true
  • 816
  • 1
  • 11
  • 26
  • @chris85 yes php report same error.this one is from phpmyadmin.i'm aware php will evaluate code.but in this case i want to know why this mysql query act that way.i change image and now that is php error – while true Mar 30 '17 at 03:47
  • @chris85 as i said i know how to fix the query.i'm aware of double quates .but what i'm asking is why mysql query like `select * from info where id={${intval(17a)}}` act that way .why it doesn't report any syntax error?why it says about a column name `17a`?why not column name `intval(17a)` or something like that?and why it say about column column '17a' at all?it not a column it's value id is the column in the query – while true Mar 30 '17 at 04:09
  • @chris85 yes right sorry for adding php tag.thanks for the edit – while true Mar 30 '17 at 04:15
  • The comparison is being run against the inner most value for some reason. It says column because `17a` isn't quoted so it presumes it is a column. Try `select * from info where id={${intval('17a')}}` and you won't get an error. I'm not sure what the `{${intval(` and `)}}`is doing. – chris85 Mar 30 '17 at 04:26
  • I think it's something to do with ODBC escape sequences. No idea how the `$` fits in though. It can be reduced to `{$(17a)}` and still exhibit the same behaviour. – miken32 Mar 30 '17 at 04:37
  • This is just straight up busted code. That it does anything is kind of scary. – tadman Mar 30 '17 at 05:41

1 Answers1

-4

That $ sign is PHP Specific Syntax.

I think you are just looking for this

select * from info where id='17a';
Usman Shahid
  • 302
  • 1
  • 9
  • I know it's php syntax but why mysql act that way.i know how to fix the query but i'm interested in mysql error report – while true Mar 30 '17 at 03:37
  • http://stackoverflow.com/questions/5370426/how-does-affect-a-mysql-query-in-php - hopefully this explains it better than I can. If this is helpful mark my answer as correct please! – Usman Shahid Mar 30 '17 at 03:52
  • that's not what i'm asking as i said i know in php if i write query like "select * from info where id='$x';" then php will replace id with value of `$x`.how ever in my example i'm running query `select * from info where id={${intval(17a)}}`.so my question is not how to evaluate intval and then run the query.my question is this query report an error but i expect syntax error or empty result. – while true Mar 30 '17 at 04:00
  • 1
    The question is `why` not `how` and it isn't PHP related. That was incorrectly tagged. – chris85 Mar 30 '17 at 04:28