Project

General

Profile

Bug #82799

Updated by Stephan Großberndt about 7 years ago

Open the FileListe module in TYPO3 v9 and v8.7 and try to edit a sys_file_storage by clicking on the icon in the tree and selecting "edit" when using a PostgreSQL database. 
 The backend form for the sys_file_storage does not open, instead you get an exception: 

 <pre> 
 An exception occurred while executing 'SELECT "uid", "pid" FROM "sys_file_storage" WHERE ("uid" = ?) AND ("sys_file_storage"."deleted" = 0)' with params ["1:\/"]: SQLSTATE[22P02]: Invalid text representation: 7 ERROR: invalid syntax for integer: »1:/« 
 </pre> 

 This is due to the wrong uid @1:/@ instead of @1@ being passed to @EditDocumentController@ in @/typo3/index.php?route=/record/edit&edit[sys_file_storage][1:/]=edit@ and a missing sanitation in @BackendUtility@. 

 This bug does not happen on MySQL as there the parameter is casted by MySQL to integer: 
 <pre> 
 SELECT uid FROM sys_file_storage WHERE uid='1:/'; 
 </pre> 
 works without issues on MySQL and fails on PostgreSQL.

Back