[Tickets #8364] Re: Possible Bug with Quoting in Postgress Backend

bugs at horde.org bugs at horde.org
Sun Jun 21 21:50:19 UTC 2009 

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/8364
------------------------------------------------------------------------------
  Ticket             | 8364
  Updated By         | mws at mwsanders.com
  Summary            | Possible Bug with Quoting in Postgress Backend
  Queue              | Kronolith
  Version            | 2.2
  Type               | Bug
  State              | Unconfirmed
  Priority           | 1. Low
  Milestone          |
  Patch              | 1
  Owners             |
------------------------------------------------------------------------------


mws at mwsanders.com (2009-06-21 17:49) wrote:

There seems to be a quoting issue in the script provided that  
generates the following error message on an UBUNTU distro install with  
the deb packages.  The backend is a postgres SQL database...
----------- Error Message --------------
  [pid 23811 on line 422 of "/usr/share/horde3/lib/Horde/Share/sql.php"]
Jun 21 15:12:37 HORDE [error] [kronolith] MDB2 Error: no such field:  
_doQuery: [Error message: Could not execute statement]
[Last executed query: SELECT s.*  FROM kronolith_shares s  LEFT JOIN  
kronolith_shares_users AS u ON u.share_id = s.share_id LEFT JOIN  
kronolith_shares_groups AS g ON g.share_id = s.share_id WHERE  
s.share_owner = 'mwsanders' OR (s.perm_creator & 2) <> 0 OR  
(s.perm_default & 2) <> 0 OR ( u.user_uid = 'mwsanders' AND (u.perm &  
2) <> 0) OR ( g.group_uid IN ("2") AND (g.perm & 2) <> 0) ORDER BY  
s.attribute_name ASC]
[Native message: ERROR:  column "2" does not exist
LINE 1: ...ders' AND (u.perm & 2)  0) OR ( g.group_uid IN ("2") AND (...
-------------- End Error Message ---------------------

The attached script resolves the issue for this platform, but should  
probably be implemented with a DB->Quote call....   Not a PHP  
programmer....  Don't know if this was already addressed in following  
2.3.x releases.


--------------------  Change in sql.php / @ Line 623 ------------------
/* Old Line ---
                 $where .= ' OR ( g.group_uid IN ("' . implode('","',  
array_keys($groups)) . '")' */
/* New Line */
		$where .= ' OR ( g.group_uid IN (\'' . implode('\',\'',  
array_keys($groups)) . '\')'
---------------------- End change -------------------------------------

Respectfully,
Matthew Wells Sanders

More information about the bugs mailing list