I have recently upgraded Joomla from 2.5 to 3.0 and also upgraded my JomSocial to the latest version. Immediately after upgrading, everything worked fine. I then woke up this morning to a SQL error. There is as follows:
1064 You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'AND memberid=1293' at line 1 SQL=DELETE FROM
d8whn_community_groups_members WHERE groupid= AND memberid=1293
because of this error I cannot get to my admin page anymore. I get this error on both the main site and the admin site.
I think this is being caused by JomSocial since it references the community_groups_members table. So I attempted to manually remove all of the components and plugins, and modules, as well as all of the tables that contained _community in the database. So My question is two fold.
Has anyone experienced this and do you possibly have a solution?
Is there a way that I can directly pinpoint which file the error is coming from?
This is a critical problem as it has my site completely down. Can anyone help me?
THanks so much for your time.
The error is caused by a model having incomplete information about the user: it is trying to access user 1293 group memberships, but it has no groupid available; also, the error would be easily preventable if the statement were written like this:
'... where groupid='.$db->quote($groupid).' AND memberid='. $db->quote($memberid)
That said, removing jomsocial entirely should get rid of it. Did you follow their upgrade guide which lists the plugins you need to uninstall? Search for the following strings in the plugin manager to find all:
joms
commu
zend
azrul
Else if you want to spot the error and keep jomsocial on your site, or should this procedure not get rid of the error, simply find the following strings in your site:
groupid
memberid
#__community_groups_members
the latter being easiest to spot with only 81 occurrences in the latest jomsocial version. I checked a few files, and many escape values properly. This means you can most likely solve by upgrading jomsocial to the latest version. If the error is still there it could be in a custom plugin / module / template, but it will show up in the search for the above strings.
Related
Bit of a back story, I was using MySQL Server 5.X on an old server. Retired server and migrated all data to a new server with MySQL 8.0.11 (now 8.0.12) installed. Used Legacy authentication to reduce issues.
This seemed to work and all my programs open/ran as expected. I've been editing them and publishing without any issues as well, however in that time I have not had any reason to change any of the data sources.
I've gone to change the data source today though and can not get it to work for the life of me.
If I try and make any changes I get the error "Configure TableAdapter tbl_users failed. Specified cast is not valid.". Obviously the table name varies and this happens regardless of which table (even trying to add a new table that I've just created).
It seems to work though, but on closer inspection, the delete and update commands are not created which means if I try and run the application I just get errors.
I've currently got:
Visual Studio 2015
MySQL Connector Net 6.9.8
MySQL for Visual Studio 1.2.7
Thanks in advance for any help/ideas.
#A Tyler. I suggest trying to update the MySQL for Visual Studio and MySQL connector to the newest versions. Have you tried that?
I think this issue is somehow related with the one described here.
https://bugs.mysql.com/bug.php?id=31338
This bug dates back to version 5.1 of the connector and VS 2005... should have been fixed right now, but the symptoms are very similar.
Maybe you found any other solution?
Update:
I 'slept' with the problem and found a workaround on the next day. This does not really solve the issue but made it possible to continue with the project.
I went to the 'properties' window of a table adapter and manually edited select and update commands there. It caused the table adapter to reflect these changes and I could use the new table field in my program. For me, this is good enough.
I get following message when trying to first install the typo3 7.6 LTS version.
I have tried several new databases, they are all empty and I still keep getting this error:
**Error:
Duplicate entry '1' for key 'PRIMARY'**
You could try to empty that table by hand and execute the shown sql query by hand. Maybe you can identify the error.
You also should compare the definition of the table in question.
maybe your mysql(?) has some problems creating the tables as expected.
I was able to access the backend by calling the URL, even without making it to step5 (100%) the backend opens up. Step 4/5 would reload and redirect so I tried logging into the backend without finishing to the last step. It seems to work.
I am using PhpStorm 2016.1.2 and have been comfortably using PhpStorm for a couple of years. I have my Storm set up with the Database connection and displaying the MySQL database that my PHP pages connect to. The SQL is usually written within the PHP page in custom functions via a database connection class.
An example code chunk:
$checkData = $dataBaseSecure->getSelect(
"SELECT check_login.fail_id, UNIX_TIMESTAMP(check_login.last_action) AS timer
FROM check_login WHERE check_login.ip_addr = ? AND check_login.check_drop = ? ",
$data, TRUE);
Don't worry about the database PHP wrapper, this style and layout of SQL in PHP has been around on my work for a couple of years, in PhpStorm and works completely and accurately on the server and on all testings.
As Of Yesterday (17th June 2016)
I don't know what's changed but suddenly PhpStorm is now telling me, on all my SQL strings, across all my Projects:
Unable to resolve symbol '<table name>'
or
Unable to resolve column '<column name>'
And also (due to this) PhpStorm no longer carries out any auto-complete or organisation functions as I work on my SQL code.
Solutions I've tried
I have already tried to invalidate and revalidate my caches based on this answer to a similar question. But that hasn't helped.
I have very carefully explored my settings but the PhpStorm Database tab successfully connects to the database, and as far as I'm aware I made no changes to cause this change in behaviour.
I have looked over the various (and many) settings in PhpStorm preferences but seen nothing that has shone any light on this issue, or the changes I have tweaked have not resolved it.
I have found this answer but this does not seem to apply as my table names are not variables. I have also found this post, which while dated 2014 shows a similar issue but not a suitable solution.
I only have one database connection in most projects, but the number of databases doesn't seem to effect if this issue occurs.
Fully escaping SQL queries with appropriate backticks around named entities does not resolve the issue.
I have correctly configured my SQL dialect to the correct MySQL.
Reading related posts I'm found on Stack Overflow has provided no useful information.
I have no plugins in PhpStorm that relate to this issue or PHP/MySQL interaction.
If you have any ideas how to resolve this please tell me. If you have specific preferences you'd like me to check please let me know and I can add them into the question, (there are so many preferences in PhpStorm I won't post them all here right now, as I'm sure most are not related to this issue).
The Key is that this system was working perfectly two days ago!!!
Please try re-synchronizing your DB schemas -- just in case if it somehow got corrupted or invalid.
If it did not give any visual results -- try more radical version of it:
close IDE
open .idea subfolder for this project (the place where this project settings are stored)
delete dataSources.ids file
re-open project in IDE
re-sync DB structure / re-create DB connection from scratch.
None of the above worked for me - what eventually did was...
Selecting a portion of the SQL string that would run and then right clicking and selecting "Execute" and selecting the schema.
For some reason that allowed PHPStorm (more like light
drizzle) to figure out what it should be looking at.
I been using mysql 5.6 for a while now,
Sometimes when I make some changes in the procedure , table or function and try to save them MySQL refuses to save them and shows a error message like "No Changes detected". here I am not talking about changing cases or managing spacing. Even If I add some new column and add new condition in the procedure its unable to detect the change
Can anybody help me out with this MySQL bug
I have even upgraded to MySQL 5.7 but still problem persist.
I overcome this bug by removing the "DEFINER=root#localhost" part from the editor and then click on "Apply". It works 99% of times.
Eg: For a function or procedure, below is the declaration you see at top. Just remove the DEFINER string as described above and try it.
CREATE DEFINER=root#localhost FUNCTION/PROCEDURE
Since this is not a MySQL server error response, I assume you are trying to update your procedures with the MySQL visual tool workbench (http://www.mysql.com/products/workbench/)
I found bug reports on mysql.com pointing out similar issues. http://bugs.mysql.com/bug.php?id=68434
Those might be fixed with the latest version 6.0 of MySQL workbench.
If not, a possible workaround would be to drop and recreate procedures.
If you are using MySQL Work bench this means that the SQL script is identical to the copy in the database.
This generally happens for 1 of 2 reasons
Either the Files are Identical, or the script failed to parse as valid SQL and its has then defaulted to the original script. if you check the message log then the second one should say
Action:Apply changes to [scriptName]_SYNTAX_ERROR
Message:No changes detected
this can be confusing as the Commit Dialogue only displays the message not the action
I just needed some help regarding validating links for sql injection automatically.
For instance:
There is a site so called as
http://www.example.com/news.php?id=13
After inserting quotation at the end we get an MySql error like this
http://www.example.com/news.php?id=13'
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\' order by Sort DESC Limit 0,12' at line 1
So i was wondering is there any way by which i can check these links for errors automated. Like before the injected url execution it should show normal status but after injection it should show abnormal status.
NOTE: I am not talking about my website. I am developing an application online that will be free for developers for checking there site security.
Any help will be appreciated :)
Validating has nothing to do with injections.
Validating and injection protection are completely different tasks.
You may validate your data whatever way you like, but injection protection is completely different matter. It is data independent.
Your code have to be able to insert whatever data - links, numbers, HTML codes, binary objects - whatever.
I've explained the whole matter earlier, so, I won't repeat myself.
As for the validation - you may check your links to be valid - with http:// in front and such. but again, it has nothing to do with injections.
I am developing an application online that will be free for developers for checking there site security.
Gosh! Are you sure you are experienced enough?