Loading...
 

PDOException: SQLSTATE[HY093] - when reloading a session (after database transfer SQL format)

Status
Open
Subject
PDOException: SQLSTATE[HY093] - when reloading a session (after database transfer SQL format)
Version
4.x
Category
  • Error
  • Consistency
Feature
All / Undefined
Resolution status
New
Rating
(0)
Description

Hello,

This happens in the same context as my others tracks (3029 - 3057).

This is a problem that is completely identified.
In my opinion it is important.

Context

system

The database has been saved in SQL and loaded with upgraded versions of mysql and php 5.3.2.
There is in my opinion no relation with the system context.

Program execution

During start the current session prefs contained into cache participate to generation of the query launch to reinit the context of previous current session.

ERROR

__A fatal error occurs in tikisession-pdo.php on line 44 function write statement <$sth->execute();>

Message

PDOException: SQLSTATEHY093: Invalid parameter number: no parameters were bound in D:\Trebly\Teawik-ld8-422a\lib\tikisession-pdo.php on line 44__

Analyze

The var_dump($qry) in "prepare" function (see my interface in Class TikiDb_Pdo) gives (extract)

''object(PDOStatement)42
public 'queryString' => string 'update sessions set data='need_reload_prefs|b:0;serialized_prefs|a:9:{i:0;s:27:"feature....''

Problem identified

The problem comes from the fact that into the session->data you can find the HOMEPAGE article "title" which is, in this case (French):

s:46:"Page d'accueil spécifique des administrateurs";

so the " ' " not escaped generates the crash of the request.

Solution ?

Proposal, basis :

When the titles of articles (or any text which can occur into prefs or any query) are stored the " ' " must be escaped into the database.

Proposal for compatibility :

  1. identify any text which can be used into queries
  2. be sure that these text have " ' " escaped everywhere, if not

- upgrade database
- upgrade display for these text with escaped " ' "
- upgrade when text is got from forms the data transfer to database with the escaped " ' "
- set a test on syntax queries to catch this error. A simple test of " ' " into query which display error message (because it is impossible to execute a validate successful query).

Note :

Note : Temporarily I have implemented for me a syntax control and a validation test for " ' " into the query which escapes the incongruous " ' " with a warning message. This because with this title the content will not be found... but the query don't answers in a right manner.
To execute completely I have suppressed in my test database the " ' " into the titles. This can't be used in an operational config.

This occurs because I use for test an homepage which depend of the main group of users of the user.
So I have severals homepages managed as articles with a link to categories.

On his homepage a user can in this way find :

  1. his main homepage
  2. links to secondary homepages depending of his roles into the site

Priority
25
Demonstrate Bug (Tiki 19+)
Please demonstrate your bug on show2.tiki.org
 About show2.tiki.org

To help developers solve the bug, we kindly request that you demonstrate your bug on a show2.tiki.org instance. To start, simply select a version and click on "Create show2.tiki.org instance". Once the instance is ready (in a minute or two), as indicated in the status window below, you can then access that instance, login (the initial admin username/password is "admin") and configure the Tiki to demonstrate your bug. Priority will be given to bugs that have been demonstrated on show2.tiki.org.

Version: Create show2.tiki.org instance
Demonstrate Bug (older Tiki versions)
Please demonstrate your bug on show.tikiwiki.org
 About show.tikiwiki.org

To help developers solve the bug, we kindly request that you demonstrate your bug on a show.tikiwiki.org instance. To start, simply select a version and click on "Create show.tikiwiki.org instance". Once the instance is ready (in a minute or two), as indicated in the status window below, you can then access that instance, login (the initial admin username/password is "admin") and configure the Tiki to demonstrate your bug. Priority will be given to bugs that have been demonstrated on show.tikiwiki.org.

Version: Create show.tikiwiki.org instance
Created
Wednesday 14 April, 2010 00:16:29 GMT-0000
by Bernard TREMBLAY
LastModif
Wednesday 14 April, 2010 00:16:29 GMT-0000

Attachments

 filenamecreatedhitscommentversionfiletype 
No attachments for this item


Keywords

The following is a list of keywords that should serve as hubs for navigation within the Tiki development and should correspond to documentation keywords.

Each feature in Tiki has a wiki page which regroups all the bugs, requests for enhancements, etc. It is somewhat a form of wiki-based project management. You can also express your interest in a feature by adding it to your profile. You can also try out the Dynamic filter.

Accessibility (WAI & 508)
Accounting
Administration
Ajax
Articles & Submissions
Backlinks
Banner
Batch
BigBlueButton audio/video/chat/screensharing
Blog
Bookmark
Browser Compatibility
Calendar
Category
Chat
Comment
Communication Center
Consistency
Contacts Address book
Contact us
Content template
Contribution
Cookie
Copyright
Credits
Custom Home (and Group Home Page)
Database MySQL - MyISAM
Database MySQL - InnoDB
Date and Time
Debugger Console
Diagram
Directory (of hyperlinks)
Documentation link from Tiki to doc.tiki.org (Help System)
Docs
DogFood
Draw -superseded by Diagram
Dynamic Content
Preferences
Dynamic Variable
External Authentication
FAQ
Featured links
Feeds (RSS)
File Gallery
Forum
Friendship Network (Community)
Gantt
Group
Groupmail
Help
History
Hotword
HTML Page
i18n (Multilingual, l10n, Babelfish)
Image Gallery
Import-Export
Install
Integrator
Interoperability
Inter-User Messages
InterTiki
jQuery
Kaltura video management
Kanban
Karma
Live Support
Logs (system & action)
Lost edit protection
Mail-in
Map
Menu
Meta Tag
Missing features
Visual Mapping
Mobile
Mods
Modules
MultiTiki
MyTiki
Newsletter
Notepad
OS independence (Non-Linux, Windows/IIS, Mac, BSD)
Organic Groups (Self-managed Teams)
Packages
Payment
PDF
Performance Speed / Load / Compression / Cache
Permission
Poll
Profiles
Quiz
Rating
Realname
Report
Revision Approval
Scheduler
Score
Search engine optimization (SEO)
Search
Security
Semantic links
Share
Shopping Cart
Shoutbox
Site Identity
Slideshow
Smarty Template
Social Networking
Spam protection (Anti-bot CATPCHA)
Spellcheck
Spreadsheet
Staging and Approval
Stats
Survey
Syntax Highlighter (Codemirror)
Tablesorter
Tags
Task
Tell a Friend
Terms and Conditions
Theme
TikiTests
Federated Timesheets
Token Access
Toolbar (Quicktags)
Tours
Trackers
TRIM
User Administration
User Files
User Menu
Watch
Webmail and Groupmail
WebServices
Wiki History, page rename, etc
Wiki plugins extends basic syntax
Wiki syntax text area, parser, etc
Wiki structure (book and table of content)
Workspace and perspectives
WYSIWTSN
WYSIWYCA
WYSIWYG
XMLRPC
XMPP




Useful Tools