Doctrine andWhere orWhere doesn't seem to bind more than one parameter

I have a query like this:

 $name = "field1";
 $name2 = 开发者_如何学JAVA"field2";
 $value = "searchTerm";

 $query->select('*')->
         from("TableName")->
         where($name . " = ?", array($value))->
         andWhere($name2 . " = ?", array($value));

I was suprised to see that when this executes the query generates MS SQL Error 102 (syntax error) because the query sent to sql server looks like this:

SELECT * FROM TableName WHERE field1 = 'searchTerm' AND field2 = ?

The question mark was taken literally in each additional condition added to the query! :o

Perhaps I am doing something wrong and someone can set me straight here.

Whew! I found the answer!

For whatever reason doctrine does not use PDO's prepared statement functionality for SQL server. Connection/Mssql.php substitutes any parameters within the query string and passes an empty array to Connection::execute. This would be fine:

1. If the prepared statements didn't work (maybe they didn't work in sql 2000 when the connection driver was first written?) :/
2. If the substitution actually successfully substituted more than one value! :o

The fix is easy:

in Connection/Mssql.php on line 314 change the execute function below:

 public function execute($query, array $params = array())
 {
      if(! empty($params)) {
           $query = $this->replaceBoundParamsWithInlineValuesInQuery($query, $params);
      }

      return parent::execute($query, array());
 }

to:

 public function execute($query, array $params = array())
 {          
      return parent::execute($query, $params);
 }

You could just as easily remove the overridden function.

Don't forget to make the same changes to exec which appears just below the execute function in the same code file.

Also, you may wish to test this before using it with versions of SQL server earlier than 2005 as I have not tested this solution with that version.