myDBR Forums » Known issues

Block of static values in editable reports?

(6 posts) (2 voices)

Tags:

No tags yet.

  1. duane, Member

    I've not found an issue that might also have been introduced due to tighter security.

    I have dbr.editable statements like:
    SELECT 'dbr.editable', 'field_name', 'sp_DBR_posting_update', 'inPostHashCode=PostHashEncoded', 'inFieldType="text"', 'inFieldName="field_name"';

    I do this so I can have one update routine for one form (vs one routine for each field!). Before updating to the latest myDBR version this worked perfectly for the last year+. Now it seems broken. What happens is an error something along the lines of:

    (1064): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'NULL' at line 1
    SQL: call sp_DBR_posting_update('username','my scrambled id==',null,null,'my value from form');

    the 'null,null' shows it isn't picking up the static values like it did before. What can be done to fix this?

  2. myDBR Team, Key Master

    It seems to be a PHP version issue. It has been fixed in the latest build.

    Just to make sure, what was the PHP version you were running?
    --
    myDBR Team

  3. duane, Member

    CREATE DEFINER=`user`@`localhost` PROCEDURE `sp_DBR_posting_update`(inLogin varchar(100), inPostHashCode varchar(255), inFieldType varchar(50), inFieldName varchar(100), inFieldValue varchar(2000)) BEGIN

    DECLARE vPostHashEncoded varchar(255) DEFAULT IFNULL(inPostHashCode, ''); DECLARE vPostHashDecoded varchar(75) DEFAULT IF(vPostHashEncoded <> '', DECODE(FROM_BASE64(vPostHashEncoded), 'fjpk3y!'), '');

    DECLARE vFieldValue varchar(2000) DEFAULT ''; DECLARE vUpdateExtraFields TEXT DEFAULT ''; DECLARE vUpdateQuery TEXT DEFAULT ''; DECLARE vOldValue varchar(255) DEFAULT ''; DECLARE vChanged TEXT DEFAULT ''; DECLARE vPayStatus varchar(255) DEFAULT '';

    SET vFieldValue = TRIM(CHAR(9) FROM REPLACE(REPLACE(REPLACE(IFNULL(TRIM(inFieldValue), ""), "\b", "\\"), '"', '""'), "'", "\'")); SET vFieldValue = stripHTML(clean_txt(vFieldValue));

    SET @OldValue = ''; SET @ChangedValue = ''; SET vUpdateQuery = CONCAT( "SELECT IFNULL(j.", inFieldName, ", ''), IFNULL(j.changed, ''), t.status INTO @OldValue, @ChangedValue, @PayStatus FROM mydb.mytable t WHERE t.hash = '", vPostHashDecoded, "'");

    #SELECT vUpdateQuery; PREPARE dynquery FROM vUpdateQuery; EXECUTE dynquery; DEALLOCATE PREPARE dynquery;

    END

  4. myDBR Team, Key Master

    See the answer and the question above.

    --
    myDBR Team

  5. duane, Member

    > Just to make sure, what was the PHP version you were running?

    PHP 8.1 (upgraded from 7.3)

  6. duane, Member

    Just updated - seemed to fix the issue - thanks again :-)

    (there are a few other issues I spotted which may be solved by this or may be separate issues so I'll raise those as separate threads if you wish)


Reply

You must log in to post.