Bug #94562
openLink field - insufficiently checked input leads to reference index error
0%
Description
Description:
Editors try to enter a phone number without using the wizard next to the link field. This causes errors like the following when saving the content element and also during referenceindex:update.
An exception occurred while executing 'INSERT INTO `sys_refindex` (`tablename`, `recuid`, `field`, `flexpointer`, `softref_key`, `softref_id`, `sorting`, `deleted`, `workspace`, `ref_table`, `ref_uid`, `ref_string`, `hash`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' with params ["sys_file_reference", 273664,
"link", "", "typolink", "091c6845bc9ae493200c100e8a92c110:0", -1, 0, 0, "pages", 1234567890, "", "27a9027f6e7866acd34f158860fc865d"]:
Out of range value for column 'ref_uid' at row 1
This occures in TYPO3 10 and TYPO3 11.
To reproduce this problem
- Create a content element (with image field).
- In the file reference / image use the link field or use the content element link field and enter 012345678910.
- Optional: start the cli -> referenceindex:update
The number is interpreted as a content id / ref_uid.
Updated by Sybille Peters over 2 years ago
I could reproduce the problem with your description in latest master (11-dev).
The exception also occurs whenever the content element is modified in any way later.
Updated by Dennis Metz almost 2 years ago
I have the same problem with a pure link field in a separate table.
Here, too, an attempt is made to make an ID out of the telephone number.
'link' => [
'exclude' => false,
'label' => 'LINKFELD',
'config' => [
'type' => 'input',
'renderType' => 'inputLink',
'size' => 20,
'max' => 1024,
'fieldControl' => [
'linkPopup' => [
'options' => [
'title' => 'LLL:EXT:core/Resources/Private/Language/locallang_tca.xlf:sys_file_reference.link',
],
],
],
'softref' => 'typolink',
],
],
Updated by Riccardo De Contardi 24 days ago
On TYPO3 12 and 13 I got an exception with the following test:
1) Create a page
2) Create a CE (e.g. CType = header)
3) paste into the Link [header_link]
field the number: 012345678910
4) Save it
Result¶
An exception occurs:
(1/3) #1264 Doctrine\DBAL\Exception\DriverException An exception occurred while executing a query: Out of range value for column 'ref_uid' at row 1 in /var/www/html/vendor/doctrine/dbal/src/Driver/API/MySQL/ExceptionConverter.php line 117
By the way: the number is saved anyway...
You can avoid the issue by pasting in the field: tel:012345678910
It is better to pull out a message error (like: "link type not recognized" or whatever) instead of throwing an exception.
would it be a good idea that the field should validate only strings entered that begins with
t3:// http(s):// tel: mailto:
?