Bug #11303 | sql bug | ||
---|---|---|---|
Submitted: | 14 Jun 2005 1:40 | Modified: | 14 Jun 2005 13:50 |
Reporter: | liang zhao | Email Updates: | |
Status: | Not a Bug | Impact on me: | |
Category: | MySQL Server: Optimizer | Severity: | S1 (Critical) |
Version: | 4.1 | OS: | Windows (windows) |
Assigned to: | CPU Architecture: | Any |
[14 Jun 2005 1:40]
liang zhao
[14 Jun 2005 13:50]
Hartmut Holzgraefe
This is a mix of auto conversion and operator precedence, and the result is perfectly ok. As '=' has a higher precedence than 'OR' the WHERE condition is equivalent to (user = '') = '') OR '' user='' evaluates to false, or numeric 0 => (0 = '') OR '' now we have a comparison between a number and a string, so the string is converted into a number. the empty string doesn't contain any digits so its numeric equivalent is 0 => (0 = 0) OR '' 0 = 0 is obviously true, or numeric 1 => 1 OR '' the left side of the OR expression is true already, no need to look further, the result is also true so your expression is always true and the query matches every row