From 7b918120f83a3ce4ef6a6d48a880f0e07b343964 Mon Sep 17 00:00:00 2001
From: Christoph Michael Becker <cmb@php.net>
Date: Mon, 27 Jun 2016 14:12:35 +0000
Subject: [PATCH] Fix #62361: SQLite3::escapeString is not binary safe

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@339508 c90b9560-bf6c-de11-be94-00142212c4b1
---
 reference/sqlite3/sqlite3/escapestring.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/reference/sqlite3/sqlite3/escapestring.xml b/reference/sqlite3/sqlite3/escapestring.xml
index 92813d5d1b..999d798e7f 100644
--- a/reference/sqlite3/sqlite3/escapestring.xml
+++ b/reference/sqlite3/sqlite3/escapestring.xml
@@ -17,6 +17,11 @@
    Returns a string that has been properly escaped for safe inclusion in an
    SQL statement.
   </para>
+  &note.not-bin-safe;
+  <para>
+   To properly handle BLOB fields which may contain NUL characters, use
+   <function>SQLite3Stmt::bindParam</function> instead.
+  </para>
  </refsect1>
 
  <refsect1 role="parameters">