Uploaded image for project: 'CMS CONTENIDO'
  1. CMS CONTENIDO
  2. CON-1902

Frontend search with single quotation mark throws sql error

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: CONTENIDO 4.9.4
    • Fix Version/s: CONTENIDO 4.9.5
    • Component/s: Core Code
    • Labels:
      None

      Description

      Search keyword:
      Test'Artikel

      [2014-08-14 12:34:03] Warning: "Database failure: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'artikel'' at line 1) - /cms/front_content.php?idart=20&idlang=1&search_term=Test%27Artikel SELECT keyword, auto FROM con_keywords WHERE idlang=1 AND keyword REGEXP 'test'artikel'
      " at reportHalt() [class.db.driver.handler.php(977)]
      reportHalt() called in file class.db.driver.handler.php(949)
      halt() called in file class.db.driver.handler.php(677)
      query() called in file class.search.php(351)
      searchIndex() called in file class.module.search_result.php(212)
      _performSearch() called in file class.module.search_result.php(146)
      __construct() called in file include.front_content.php(660) : eval()'d code(622)
      eval() called in file include.front_content.php(660)
      include() called in file front_content.php(62)

      [14-Aug-2014 10:34:03 UTC] PHP Warning: Database failure: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'artikel'' at line 1) - /cms/front_content.php?idart=20&idlang=1&search_term=Test%27Artikel SELECT keyword, auto FROM con_keywords WHERE idlang=1 AND keyword REGEXP 'test'artikel'
      in contenido\includes\functions.general.php on line 1329
      [2014-08-14 12:34:03] Warning: "Database failure: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'artikel'' at line 1) - /cms/front_content.php?idart=20&idlang=1&search_term=Test%27Artikel next_record called with no query pending in Module ID 30.
      " at reportHalt() [class.db.driver.handler.php(977)]
      reportHalt() called in file class.db.driver.handler.php(949)
      halt() called in file class.db.driver.handler.php(693)
      nextRecord() called in file class.search.php(353)
      searchIndex() called in file class.module.search_result.php(212)
      _performSearch() called in file class.module.search_result.php(146)
      __construct() called in file include.front_content.php(660) : eval()'d code(622)
      eval() called in file include.front_content.php(660)
      include() called in file front_content.php(62)

      [14-Aug-2014 10:34:03 UTC] PHP Warning: Database failure: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'artikel'' at line 1) - /cms/front_content.php?idart=20&idlang=1&search_term=Test%27Artikel next_record called with no query pending in Module ID 30.
      in contenido\includes\functions.general.php on line 1329

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                frederic.schneider Frederic Schneider
                Reporter:
                frederic.schneider Frederic Schneider
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: