Getting Error trying to Edit a Post... =(

Discussion of all aspects of the website, wiki, and forums, including support requests and new ideas.

Moderator: Forum Moderators

Post Reply
Cor'e =)
Posts: 17
Joined: June 7th, 2007, 11:46 am

Getting Error trying to Edit a Post... =(

Post by Cor'e =) »

Trying to edit a recent post i get the following error:


General Error

Error in posting

DEBUG MODE

SQL Error : 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'e =)', enable_bbcode = 0, enable_html = 0, enable_smilies = 0, enable_sig = 0 W' at line 1

UPDATE phpbb_posts SET post_username = '', post_editor = 'Cor'e =)', enable_bbcode = 0, enable_html = 0, enable_smilies = 0, enable_sig = 0 WHERE post_id = 235182

Line : 240
File : functions_post.php


Here is the post link:

http://www.wesnoth.org/forum/viewtopic.php?t=16625

Please look into and fix code issue to resolve, tia! =)
User avatar
Wintermute
Inactive Developer
Posts: 840
Joined: March 23rd, 2006, 10:28 pm
Location: On IRC as "happygrue" at: #wesnoth-mp

Re: Getting Error trying to Edit a Post... =(

Post by Wintermute »

Cor'e =) wrote:Trying to edit a recent post i get the following error:

SQL Error : 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'e =)', enable_bbcode = 0, enable_html = 0, enable_smilies = 0, enable_sig = 0 W' at line 1
I'm no expert, but perhaps it is a problem with having special characters such as ' and =) in your name. Since the error seems to be quoting part if it back at you.
"I just started playing this game a few days ago, and I already see some balance issues."
User avatar
Viliam
Translator
Posts: 1341
Joined: January 30th, 2004, 11:07 am
Location: Bratislava, Slovakia
Contact:

Re: Getting Error trying to Edit a Post... =(

Post by Viliam »

Wintermute wrote:I'm no expert, but perhaps it is a problem with having special characters such as ' and =) in your name. Since the error seems to be quoting part if it back at you.
The ' character does it. It is a string delimiter in SQL, and has to be pre-processed... and PHPBB developers probably forgot this in some places.

Seems to me that this type of error is very frequent in PHP applications. I guess it is because the language uses very long function names for the frequently used functions. For example one of the most frequently used functions is called "htmlspecialchars" -- pretty long name, isn't it? When I work in PHP, I always rename it to "h". Also for SQL I make a function "s" which takes a string and encodes it to SQL string. For example s("Cor'e =)") = "'Cor\'e =)'" or something like this. I think the function name length is very important, because if it is too long, developers will unconsciously avoid (forget) writing it.

This type of bug is also a serious security hole. I do not want to provide details, but reading this post probably give me enough information to for example delete the whole Wesnoth forum database. (Dave, did you backup it?)
Cor'e =)
Posts: 17
Joined: June 7th, 2007, 11:46 am

Post by Cor'e =) »

@Wintermute: Only error is during post edits, so since i have this ID already and have post with this ID already, and everything else, i would then say that there is nothing 'special' in my name, maybe unique. ;)

BTW, in the USA there is quite too much discrimination directed at names that have the syllabic break in them, quite a lot of the Indian nations we conquered and islands we 'occupied' and the names of immigrants from all nations have names with such syllabic breaks, it is only ignorance that perpetuates this short-sightedness, obviously only this part of the forum code has such problems.

Do you spell Hawai'i correctly? The US government t for over 150 years is just learning to spell it correctly. My US born mother has named me Cor'e and the US government is still trying to spell my name correctly so i hope you understand now.

BTW, i've always loved the name Wintermute, thxs for having it!
=)
Cor'e =)
Posts: 17
Joined: June 7th, 2007, 11:46 am

Post by Cor'e =) »

@Villiam: I did not want to say that here, but you have, please fix code, thxs. =)
Na'enthos
Posts: 401
Joined: June 13th, 2004, 8:02 pm
Location: Netherlands

Post by Na'enthos »

Ah, yes, I have had that error in the past (and today, as well). Indeed, only occurs when editing.
He who would travel happily must travel light.
-Antoine de Saint-Exupery
Post Reply