I have some front page blocks based on nodeprofile fields which seem to be working fine and returning expected results. However my drupal logs are filling up with php errors on every view of the front page.
The original sql block code is:
SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=$user->uid) AND ((users_1.uid)<>$user->uid)) ORDER BY users_1.uid DESC LIMIT 5
whereas the php error log messages are like this:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND ((users_1.uid)<>)) ORDER BY users_1.uid DESC LIMIT 3' at line 3 query: SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=) AND ((users_1.uid)<>)) ORDER BY users_1.uid DESC LIMIT 3; in /home/mysite/public_html/includes/database.mysql.inc on line 172.
as you can see, the WHERE part of the query is being mangled. What could cause this? As I say, the blocks seem to be working perfectly so I don't get why the php errors are filling out my log files and why the WHERE part of the query is getting altered.
Regards
Neil
Hi,
Where this SQL request is defined ?
According to php error you have an HTML encoding of the SQL string sent to mysql (' for "'" ... < for "<" ...). You must decode string before use with something like html_entity_decode();
Gwen
Neil: esl-lounge.com wrote:
I have some front page blocks based on nodeprofile fields which seem to be working fine and returning expected results. However my drupal logs are filling up with php errors on every view of the front page.
The original sql block code is:
SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=$user->uid) AND ((users_1.uid)<>$user->uid)) ORDER BY users_1.uid DESC LIMIT 5
whereas the php error log messages are like this:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND ((users_1.uid)<>)) ORDER BY users_1.uid DESC LIMIT 3' at line 3 query: SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=) AND ((users_1.uid)<>)) ORDER BY users_1.uid DESC LIMIT 3; in /home/mysite/public_html/includes/database.mysql.inc on line 172.
as you can see, the WHERE part of the query is being mangled. What could cause this? As I say, the blocks seem to be working perfectly so I don't get why the php errors are filling out my log files and why the WHERE part of the query is getting altered.
Regards
Neil
Hi,
this is put into a block code text box, with php code filter applied. Here is the whole block code:
<?php global $user; $result=db_query("SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=$user->uid) AND ((users_1.uid)<>$user->uid)) ORDER BY users_1.uid DESC LIMIT 5; "); while ($u = db_fetch_object($result)) { $items[]="<li class=\"member-list\">"; $items[]="<a class=\"members-link\" href=\"user/$u->uid\">$u->name</a>"; $items[]=" <a href=\"/search/user-search?filter1=$u->field_country_value\" class=\"geo-link\">$u->field_country_value</a>"; $items[]="</li>"; } return theme('front_page_geo_blocks', $items, "From my country"); ?>
is the problem the ordering of my filters for the php filter? Where would I need to place the html_entity_decode() to prevent the code getting mangled? I don't understand how the blocks are performing as per design if the code is getting altered? :-S
Thanks
Neil
----- Original Message ----- From: "Saint-Genest Gwenael" gwenael.saint-genest@makina-corpus.com To: support@drupal.org Sent: Friday, June 06, 2008 6:07 PM Subject: Re: [support] Block php errors from Drupal Logs
Hi,
Where this SQL request is defined ?
According to php error you have an HTML encoding of the SQL string sent to mysql (' for "'" ... < for "<" ...). You must decode string before use with something like html_entity_decode();
Gwen
Neil: esl-lounge.com wrote:
I have some front page blocks based on nodeprofile fields which seem to be working fine and returning expected results. However my drupal logs are filling up with php errors on every view of the front page.
The original sql block code is:
SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=$user->uid) AND ((users_1.uid)<>$user->uid)) ORDER BY users_1.uid DESC LIMIT 5
whereas the php error log messages are like this:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND ((users_1.uid)<>)) ORDER BY users_1.uid DESC LIMIT 3' at line 3 query: SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=) AND ((users_1.uid)<>)) ORDER BY users_1.uid DESC LIMIT 3; in /home/mysite/public_html/includes/database.mysql.inc on line 172.
as you can see, the WHERE part of the query is being mangled. What could cause this? As I say, the blocks seem to be working perfectly so I don't get why the php errors are filling out my log files and why the WHERE part of the query is getting altered.
Regards
Neil
Set vars directly into SQL query is not a good choice (see [1]). You can set $user->uid as parameter and '%d' into SQL string. I'm not sure that's your error but you can try with this syntax.
Gwen
[1] http://api.drupal.org/api/function/db_query/5
Neil: esl-lounge.com wrote:
Hi,
this is put into a block code text box, with php code filter applied. Here is the whole block code:
<?php global $user; $result=db_query("SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=$user->uid) AND ((users_1.uid)<>$user->uid)) ORDER BY users_1.uid DESC LIMIT 5; "); while ($u = db_fetch_object($result)) { $items[]="<li class=\"member-list\">"; $items[]="<a class=\"members-link\" href=\"user/$u->uid\">$u->name</a>"; $items[]=" <a href=\"/search/user-search?filter1=$u->field_country_value\" class=\"geo-link\">$u->field_country_value</a>"; $items[]="</li>"; } return theme('front_page_geo_blocks', $items, "From my country"); ?>
is the problem the ordering of my filters for the php filter? Where would I need to place the html_entity_decode() to prevent the code getting mangled? I don't understand how the blocks are performing as per design if the code is getting altered? :-S
Thanks
Neil
(Sorry if this reply was sent twice, I had an email glitch)
On 6/6/08, Neil: esl-lounge.com neil@esl-lounge.com wrote:
Hi,
this is put into a block code text box, with php code filter applied. Here is the whole block code:
<?php global $user; $result=db_query("SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=$user->uid) AND ((users_1.uid)<>$user->uid)) ORDER BY
From your error message, you can see that $user->uid comes empty. If it was supposed to contain the current user, make sure that you have declared $user as a global before running the query:
global $user;
HTML entity 049 is the single quote and I am not sure where it comes from. Also you could use != instead of <>. But maybe these are just side effects of the first problem.
users_1.uid DESC LIMIT 5; "); while ($u = db_fetch_object($result)) { $items[]="<li class="member-list">"; $items[]="<a class="members-link" href="user/$u->uid">$u->name</a>"; $items[]=" <a href="/search/user-search?filter1=$u->field_country_value" class="geo-link">$u->field_country_value</a>"; $items[]="</li>"; } return theme('front_page_geo_blocks', $items, "From my country"); ?>
is the problem the ordering of my filters for the php filter? Where would I need to place the html_entity_decode() to prevent the code getting mangled? I don't understand how the blocks are performing as per design if the code is getting altered? :-S
Thanks
Neil
----- Original Message ----- From: "Saint-Genest Gwenael" gwenael.saint-genest@makina-corpus.com To: support@drupal.org Sent: Friday, June 06, 2008 6:07 PM Subject: Re: [support] Block php errors from Drupal Logs
Hi,
Where this SQL request is defined ?
According to php error you have an HTML encoding of the SQL string sent to mysql (' for "'" ... < for "<" ...). You must decode string before use with something like html_entity_decode();
Gwen
Neil: esl-lounge.com wrote:
I have some front page blocks based on nodeprofile fields which seem to be
working fine and returning expected results. However my drupal logs are filling up with php errors on every view of the front page.
The original sql block code is:
SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=$user->uid) AND ((users_1.uid)<>$user->uid)) ORDER BY users_1.uid DESC LIMIT 5
whereas the php error log messages are like this:
You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near ') AND ((users_1.uid)<>)) ORDER BY users_1.uid DESC LIMIT 3' at line 3
query: SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=) AND ((users_1.uid)<>)) ORDER BY users_1.uid DESC LIMIT 3; in /home/mysite/public_html/includes/database.mysql.inc on line 172.
as you can see, the WHERE part of the query is being mangled. What could cause this? As I say, the blocks seem to be working perfectly so I don't get why the php errors are filling out my log files and why the WHERE part
of the query is getting altered.
Regards
Neil
-- Gwenael Saint-Genest MAKINA CORPUS - www.makina-corpus.com 44 boulevard des Pas Enchantés FR-44230 Saint Sébastien sur Loire Tel : +33 (0) 2 40 94 96 08 -- [ Drupal support list | http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ]
Hmmm, I did declare global $user as you can see in my original code. I've seen that I'm producing possibly insecure code, so have decided to post this block job on the Paid Dev forum instead.
Thanks
Neil
----- Original Message ----- From: "Cog Rusty" cog.rusty@gmail.com To: support@drupal.org Sent: Sunday, June 08, 2008 1:28 PM Subject: Re: [support] Block php errors from Drupal Logs
(Sorry if this reply was sent twice, I had an email glitch)
On 6/6/08, Neil: esl-lounge.com neil@esl-lounge.com wrote:
Hi,
this is put into a block code text box, with php code filter applied. Here is the whole block code:
<?php global $user; $result=db_query("SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=$user->uid) AND ((users_1.uid)<>$user->uid)) ORDER BY
From your error message, you can see that $user->uid comes empty. If it was supposed to contain the current user, make sure that you have declared $user as a global before running the query:
global $user;
HTML entity 049 is the single quote and I am not sure where it comes from. Also you could use != instead of <>. But maybe these are just side effects of the first problem.
users_1.uid DESC LIMIT 5; "); while ($u = db_fetch_object($result)) { $items[]="<li class="member-list">"; $items[]="<a class="members-link" href="user/$u->uid">$u->name</a>"; $items[]=" <a href="/search/user-search?filter1=$u->field_country_value" class="geo-link">$u->field_country_value</a>"; $items[]="</li>"; } return theme('front_page_geo_blocks', $items, "From my country"); ?>
is the problem the ordering of my filters for the php filter? Where would I need to place the html_entity_decode() to prevent the code getting mangled? I don't understand how the blocks are performing as per design if the code is getting altered? :-S
Thanks
Neil
----- Original Message ----- From: "Saint-Genest Gwenael" gwenael.saint-genest@makina-corpus.com To: support@drupal.org Sent: Friday, June 06, 2008 6:07 PM Subject: Re: [support] Block php errors from Drupal Logs
Hi,
Where this SQL request is defined ?
According to php error you have an HTML encoding of the SQL string sent to mysql (' for "'" ... < for "<" ...). You must decode string before use with something like html_entity_decode();
Gwen
Neil: esl-lounge.com wrote:
I have some front page blocks based on nodeprofile fields which seem to be
working fine and returning expected results. However my drupal logs are filling up with php errors on every view of the front page.
The original sql block code is:
SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=$user->uid) AND ((users_1.uid)<>$user->uid)) ORDER BY users_1.uid DESC LIMIT 5
whereas the php error log messages are like this:
You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near ') AND ((users_1.uid)<>)) ORDER BY users_1.uid DESC LIMIT 3' at line 3
query: SELECT content_type_nodeprofile.field_country_value, users_1.name, users_1.uid FROM ((users INNER JOIN content_type_nodeprofile ON users.uid = content_type_nodeprofile.field_uid_value) INNER JOIN content_type_nodeprofile AS content_type_nodeprofile_1 ON content_type_nodeprofile.field_country_value = content_type_nodeprofile_1.field_country_value) INNER JOIN users AS users_1 ON content_type_nodeprofile_1.field_uid_value = users_1.uid WHERE (((users.uid)=) AND ((users_1.uid)<>)) ORDER BY users_1.uid DESC LIMIT 3; in /home/mysite/public_html/includes/database.mysql.inc on line 172.
as you can see, the WHERE part of the query is being mangled. What could cause this? As I say, the blocks seem to be working perfectly so I don't get why the php errors are filling out my log files and why the WHERE part
of the query is getting altered.
Regards
Neil
-- Gwenael Saint-Genest MAKINA CORPUS - www.makina-corpus.com 44 boulevard des Pas Enchantés FR-44230 Saint Sébastien sur Loire Tel : +33 (0) 2 40 94 96 08 -- [ Drupal support list | http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ]
-
Cog Rusty -
Neil: esl-lounge.com -
Saint-Genest Gwenael