1--TEST--
2mysqli_real_escape_string() - SQL Mode NO_BACKSLASH_ESCAPE
3--SKIPIF--
4<?php
5require_once('skipif.inc');
6require_once('skipifconnectfailure.inc');
7?>
8--FILE--
9<?php
10    require_once("connect.inc");
11    require_once('table.inc');
12
13    if (!mysqli_query($link, 'SET @@sql_mode="NO_BACKSLASH_ESCAPES"'))
14        printf("[001] Cannot set NO_BACKSLASH_ESCAPES, [%d] %s\n", mysqli_errno($link), mysqli_error($link));
15
16    if ('\\' !== ($tmp = mysqli_real_escape_string($link, '\\')))
17        printf("[002] Expecting \\, got %s\n", $tmp);
18
19    if ('"' !== ($tmp = mysqli_real_escape_string($link, '"')))
20        printf("[003] Expecting \", got %s\n", $tmp);
21
22    if ("''" !== ($tmp = mysqli_real_escape_string($link, "'")))
23        printf("[004] Expecting '', got %s\n", $tmp);
24
25    if ("\n" !== ($tmp = mysqli_real_escape_string($link, "\n")))
26        printf("[005] Expecting \\n, got %s\n", $tmp);
27
28    if ("\r" !== ($tmp = mysqli_real_escape_string($link, "\r")))
29        printf("[006] Expecting \\r, got %s\n", $tmp);
30
31    assert("foo" . chr(0) . "bar" === "foo" . chr(0) . "bar");
32    if ("foo" . chr(0) . "bar" !== ($tmp = mysqli_real_escape_string($link, "foo" . chr(0) . "bar")))
33        printf("[007] Expecting %s, got %s\n", "foo" . chr(0) . "bar", $tmp);
34
35    if (!mysqli_query($link, sprintf('INSERT INTO test(id, label) VALUES (100, "%s")',
36            mysqli_real_escape_string($link, "\\"))))
37        printf("[009] Cannot INSERT, [%d] %s\n", mysqli_errno($link), mysqli_error($link));
38
39    if (!($res = mysqli_query($link, 'SELECT label FROM test WHERE id = 100')) ||
40            !($row = mysqli_fetch_assoc($res)))
41        printf("[010] [%d] %s\n", mysqli_errno($link), mysqli_error($link));
42
43    var_dump($row);
44    mysqli_free_result($res);
45
46    if (!mysqli_query($link, 'SET @@sql_mode=""'))
47        printf("[011] Cannot disable NO_BACKSLASH_ESCAPES, [%d] %s\n", mysqli_errno($link), mysqli_error($link));
48
49    if ('\\\\' !== ($tmp = mysqli_real_escape_string($link, '\\')))
50        printf("[012] Expecting \\, got %s\n", $tmp);
51
52    if ("foo\\0bar" !== ($tmp = mysqli_real_escape_string($link, "foo" . chr(0) . "bar")))
53        printf("[013] Expecting %s, got %s\n", "foo" . chr(0) . "bar", $tmp);
54
55    mysqli_close($link);
56
57    print "done!";
58?>
59--EXPECT--
60array(1) {
61  ["label"]=>
62  string(1) "\"
63}
64done!
65