Uploaded image for project: 'CMS CONTENIDO'
  1. CMS CONTENIDO
  2. CON-1902

Frontend search with single quotation mark throws sql error

          Details

          • Type: Bug
          • Status: Closed
          • Priority: Major
          • Resolution: Fixed
          • Affects Version/s: CONTENIDO 4.9.4
          • Fix Version/s: CONTENIDO 4.9.5
          • Component/s: Core Code
          • Labels:
            None

            Description

            Search keyword:
            Test'Artikel

            [2014-08-14 12:34:03] Warning: "Database failure: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'artikel'' at line 1) - /cms/front_content.php?idart=20&idlang=1&search_term=Test%27Artikel SELECT keyword, auto FROM con_keywords WHERE idlang=1 AND keyword REGEXP 'test'artikel'
            " at reportHalt() [class.db.driver.handler.php(977)]
            reportHalt() called in file class.db.driver.handler.php(949)
            halt() called in file class.db.driver.handler.php(677)
            query() called in file class.search.php(351)
            searchIndex() called in file class.module.search_result.php(212)
            _performSearch() called in file class.module.search_result.php(146)
            __construct() called in file include.front_content.php(660) : eval()'d code(622)
            eval() called in file include.front_content.php(660)
            include() called in file front_content.php(62)

            [14-Aug-2014 10:34:03 UTC] PHP Warning: Database failure: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'artikel'' at line 1) - /cms/front_content.php?idart=20&idlang=1&search_term=Test%27Artikel SELECT keyword, auto FROM con_keywords WHERE idlang=1 AND keyword REGEXP 'test'artikel'
            in contenido\includes\functions.general.php on line 1329
            [2014-08-14 12:34:03] Warning: "Database failure: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'artikel'' at line 1) - /cms/front_content.php?idart=20&idlang=1&search_term=Test%27Artikel next_record called with no query pending in Module ID 30.
            " at reportHalt() [class.db.driver.handler.php(977)]
            reportHalt() called in file class.db.driver.handler.php(949)
            halt() called in file class.db.driver.handler.php(693)
            nextRecord() called in file class.search.php(353)
            searchIndex() called in file class.module.search_result.php(212)
            _performSearch() called in file class.module.search_result.php(146)
            __construct() called in file include.front_content.php(660) : eval()'d code(622)
            eval() called in file include.front_content.php(660)
            include() called in file front_content.php(62)

            [14-Aug-2014 10:34:03 UTC] PHP Warning: Database failure: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'artikel'' at line 1) - /cms/front_content.php?idart=20&idlang=1&search_term=Test%27Artikel next_record called with no query pending in Module ID 30.
            in contenido\includes\functions.general.php on line 1329

              Attachments

                Issue Links

                is cloned by

                FFBCON-642 Loading...

                  Activity

                    People

                    • Assignee:
                      frederic.schneider Frederic Schneider
                      Reporter:
                      frederic.schneider Frederic Schneider
                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      1 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved: