Zikula: A Flexible Open Source Content Management System
home | forum | contact us

Dizkus

Bottom
NS-AddStory MySQL errors with ' FIX
  • Posted: 27.06.2004, 19:47
     
    _hp_
    rank:
    Freshman Freshman
    registered:
     September 2003
    Status:
    offline
    last visit:
    17.07.04
    Posts:
    9
    Running:
    PostNuke 0.750RC-3 (problem occured when we were running 0.726 too)
    Red Hat Enterprise
    PHP Version 4.3.7
    Apache/1.3.31 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.7 FrontPage/5.0.2.2634a mod_ssl/2.8.18 OpenSSL/0.9.7a
    MySQL Version 3.23.49

    Every time a larger news article is posted we get this error:

    Code

    stories->postAdminStory: Error accesing to the database
    Program: [webroot]/modules/NS-AddStory/admin.php - Line N.: 1097
    Database: edkingdo_site
    Error (1064) : You have an error in your SQL syntax. Check the manual that corresponds to your mysql server version for the right syntax to use near 'Best Visual Effects in a TV series'...

    The error usually occurs around places where there are apostrophes. Posting something short without any HTML in it works. I believe the problem is in the apostrophes, however I have failed to solve it. Any ideas?
    Top
  • Posted: 28.06.2004, 18:28
     
    _hp_
    rank:
    Freshman Freshman
    registered:
     September 2003
    Status:
    offline
    last visit:
    17.07.04
    Posts:
    9
    Anyone?
    Top
  • Posted: 28.06.2004, 20:29
     
    mhalbrook
    rank:
    Legend Legend
    registered:
     December 1969
    Status:
    online
    Posts:
    6534
    Link to a phpinfo report?
    Top
  • Posted: 28.06.2004, 21:45
     
    _hp_
    rank:
    Freshman Freshman
    registered:
     September 2003
    Status:
    offline
    last visit:
    17.07.04
    Posts:
    9
    http://www.3dkingdom.org/info.php
    Top
  • Posted: 29.06.2004, 22:04
     
    _hp_
    rank:
    Freshman Freshman
    registered:
     September 2003
    Status:
    offline
    last visit:
    17.07.04
    Posts:
    9
    Problem fixed.

    Fix:
    In modules/NS-AddStory/admin.php

    Lines 1004 - 1012 are:

    Code

    '" . pnVarPrepForStore($subject) . "',
    now(),
    '" . pnVarPrepForStore($hometext) . "',
    '" . pnVarPrepForStore($bodytext) . "',
    '0',
    '0',
    '" . pnVarPrepForStore($topic) . "',
    '" . pnVarPrepForStore($name) . "',
    '" . pnVarPrepForStore($notes) . "',
    '" . pnVarPrepForStore($ihome) . "',


    Replace with:

    Code

    '" . mysql_escape_string(pnVarPrepForStore($subject)) . "',
    now(),
    '" . mysql_escape_string(pnVarPrepForStore($hometext)) . "',
    '" . mysql_escape_string(pnVarPrepForStore($bodytext)) . "',
    '0',
    '0',
    '" . pnVarPrepForStore($topic) . "',
    '" . pnVarPrepForStore($name) . "',
    '" . mysql_escape_string(pnVarPrepForStore($notes)) . "',


    For explanation look into the PHP manual. Search for mysql_escape_string
    Top

Extensions Moderation

Main Menu

Extensions Database

Documentation

Development

Login

Donate to Zikula

Donate to the Zikula Foundation