Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error while executing statement... fehlendes Escaping mit geschütztem Keyword key #1448

Open
alxndr-w opened this issue Aug 11, 2023 · 0 comments
Open

Error while executing statement... fehlendes Escaping mit geschütztem Keyword key #1448

alxndr-w opened this issue Aug 11, 2023 · 0 comments

Comments

@alxndr-w
Copy link
Contributor

Ich habe das hier lokal getestet - funktioniert.

https://github.com/FriendsOfREDAXO/tricks/pull/339/files?short_path=eef534d#diff-eef534d4c1b41df7165f639f60f9a4f182777c813315f6c67b57dcaf1b4d602b

Jedoch, auf einem anderen Server erhalte ich folgende Fehlermeldung:

rex_sql_exception: Error while executing statement "SELECT * from rex_wizard WHERE key="20fced4037235414c7a6e072e6877c9e907db61d6bf766cf"" using params []! SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'key="20fced4037235414c7a6e072e6877c9e907db61d6bf766cf"' at line 1
File: redaxo/src/core/lib/sql/sql.php
Line: 406

Stacktrace
Function File Line
rex_sql->execute redaxo/src/core/lib/sql/sql.php 449
rex_sql->setQuery redaxo/src/addons/yform/lib/yform.php 298
rex_yform->executeFields redaxo/src/addons/yform/lib/yform.php 269
rex_yform->getForm rex:///module/12/output 66
require redaxo/cache/addons/structure/58.1.content 94
require redaxo/src/addons/structure/plugins/content/lib/article_content.php 123
rex_article_content->getArticle rex:///template/4 88
require redaxo/src/addons/structure/plugins/content/lib/article_content_base.php 456
rex_article_content_base->{closure} redaxo/src/core/lib/util/timer.php 56
rex_timer::measure redaxo/src/addons/structure/plugins/content/lib/article_content_base.php 457
rex_article_content_base->getArticleTemplate redaxo/src/addons/structure/plugins/content/boot.php 58
rex_package::{closure} redaxo/src/core/lib/extension.php 52
rex_extension::{closure} redaxo/src/core/lib/util/timer.php 56
rex_timer::measure redaxo/src/core/lib/extension.php 63
rex_extension::registerPoint redaxo/src/core/frontend.php 22
require redaxo/src/core/boot.php 155
require index.php 9
System report (REDAXO 5.15.1, PHP 8.1.21, MariaDB 10.4.30)
REDAXO
Version 5.15.1
PHP
Version 8.1.21
OPcache yes
Xdebug no
Database
Version MariaDB 10.4.30
Character set utf8mb4
Server
OS Linux
SAPI fpm-fcgi
Webserver Apache
Request
Browser Chrome/115.0.0.0
Protocol HTTP/1.1
HTTPS yes
Packages
auto_delete 1.0-dev
backup 2.9.0
be_style 3.2.0
be_style/customizer 3.2.0
be_style/redaxo 3.2.0
bloecks 3.1.1
bloecks/cutncopy 3.1.1
bloecks/dragndrop 3.1.1
bloecks/status 3.1.1
cronjob 2.10.0
cronjob/article_status 2.10.0
cronjob/optimize_tables 2.10.0
debug 1.3.0
install 2.11.1
maintenance 2.9.2
media_manager 2.14.0
mediapool 2.13.0
metainfo 2.10.0
phpmailer 2.12.0
project dev
redactor 2.3.0
structure 2.15.0
structure/content 2.15.0
structure/history 2.15.0
users 2.10.0
yform 4.1.1
yform/email 4.1.1
yform/manager 4.1.1
yform/rest 4.1.1
yform/tools 4.1.1
yform_field 2.3.1
yrewrite 2.10.0

Es liegt wohl daran, dass der Feldname im where namens key hier nicht escaped wird scheinbar.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@alxndr-w