Project

General

Profile

Actions
Copy link

Bug #27761

closed

adodb doesn't quote simple quotes correctly

Added by Anonymous over 13 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2011-06-29
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.5
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

The adodb drivers are very cool and stuff but there are some problems with the quoting of parameters. For example, everytime you put a simple quote ( ' ) into a parameter, the string is wrong quoted <<<<<<<and the query parsing throws an error.

This happens with dbal using adodb driver mssql and, as far as I have seen it, it might fail for every other driver too where the "replaceString" isn't defined properly.

Currently the replaceString for the mssql driver and mssqlnative driver is '' (two simple quotes). This should be replaced by \'\' (two escaped double quotes) I think.

Greets

Tizian

Actions
Copy link
 #1

Updated by Jonas Felix over 13 years ago

Did there change anything?

Actions
Copy link
 #2

Updated by Xavier Perseguers over 13 years ago

Did not investigate yet. You told me you found some problems when this change is performed from a FE or a BE perspective. Would be useful to put this information here.

Actions
Copy link
 #3

Updated by Anonymous over 13 years ago

Hello Xavier,

in facts this the "reescaping" of the quotes is not a proper solution and should not be pursued.

I finally figured out that the problem is more likely to be solved in the dbal parser instead of the adodb core.

Greets Tizian

Actions
Copy link
 #4

Updated by Alexander Opitz about 10 years ago

  • Status changed from New to Needs Feedback
  • Is Regression set to No

Hi,

as this issue is very old. Does the problem still exists within newer versions of TYPO3 CMS (6.2.4)?

Actions
Copy link
 #5

Updated by Tizian Schmidlin about 10 years ago

We once posted a patch for this but I'm not sure it made it through gerrit.

It seems that actually, the method "replaceString" has been completely removed from the 6.2.x version, so this may or may not be an issue anymore.

As we'll be probably performing an update to 6.2 for a system using dbal, we might be able to tell you more about it about that time (2-3 months from now).

Best Regards
Tizian

Actions
Copy link
 #6

Updated by Alexander Opitz almost 10 years ago

Hi,

3 month are over ... so anything to report?

Actions
Copy link
 #7

Updated by Tizian Schmidlin almost 10 years ago

Yes, sorry about that.

We had to postpone said update, I won't be able to give any feedback before March or April 2015.

Best Regards

Tizian

Actions
Copy link
 #8

Updated by Alexander Opitz almost 10 years ago

  • Status changed from Needs Feedback to Closed

So I close this issue for now.
If you have upgraded and the issue occurs feel free to open a new issue.

Thanks for your help.

Actions
Copy link

Also available in: Atom PDF