search

adelahmd / mollify

Automatically exported from code.google.com/p/mollify
0 stars 0 forks source link

Public shared link not working: malformed SQL query #581

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Create a collection and make a link to share it "public, no restriction"
2. Log off
3. Access the link
4. You get "The requested share was not found" and in the log you see a 
malformed SQL query

[Fri Dec 19 14:05:52 2014] [error] MOLLIFY DEBUG: DB QUERY: SELECT name, value, 
user_id, subject FROM (SELECT value, name, user_id, subject, (case when subject 
= '' then 2 else 1 end) as cat1, (IF(user_id = '', 1, IF(user_id = '0', 3, 2))) 
as cat2, 0 as cat3 FROM mollify_permission WHERE name ='filesystem_item_access' 
AND (subject = '' OR subject = '54917ae0c0afe') AND (user_id in (0,))) as u 
ORDER BY name ASC, u.cat1 ASC, u.cat2 ASC, u.cat3 ASC, u.value DESC
[Fri Dec 19 14:05:52 2014] [error] MOLLIFY ERROR: ServiceException: 
INVALID_CONFIGURATION=Error executing query (SELECT name, value, user_id, 
subject FROM (SELECT value, name, user_id, subject, (case when subject = '' 
then 2 else 1 end) as cat1, (IF(user_id = '', 1, IF(user_id = '0', 3, 2))) as 
cat2, 0 as cat3 FROM mollify_permission WHERE name ='filesystem_item_access' 
AND (subject = '' OR subject = '54917ae0c0afe') AND (user_id in (0,))) as u 
ORDER BY name ASC, u.cat1 ASC, u.cat2 ASC, u.cat3 ASC, u.value DESC): You have 
an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near '))) as u ORDER BY name ASC, 
u.cat1 ASC, u.cat2 ASC, u.cat3 ASC, u.value DESC' at line 1
[Fri Dec 19 14:05:52 2014] [error] MOLLIFY ERROR: 
{0:{file:/htdocs/docs/backend/include/permissions/PermissionsDao.class.php, 
line:97, function:query, class:MySQLIDatabase, type:->, args:{0:SELECT name, 
value, user_id, subject FROM (SELECT value, name, user_id, subject, (case when 
subject = '' then 2 else 1 end) as cat1, (IF(user_id = '', 1, IF(user_id = '0', 
3, 2))) as cat2, 0 as cat3 FROM mollify_permission WHERE name 
='filesystem_item_access' AND (subject = '' OR subject = '54917ae0c0afe') AND 
(user_id in (0,))) as u ORDER BY name ASC, u.cat1 ASC, u.cat2 ASC, u.cat3 ASC, 
u.value DESC}}, 
1:{file:/htdocs/docs/backend/include/permissions/PermissionsDao.class.php, 
line:21, function:getEffectiveFilesystemPermissions, 
class:Mollify_PermissionsDao, type:->, args:{0:filesystem_item_access, 
1:FILESYSTEMITEM Folder (LocalFilesystem): [54917ae0c0afe] = 'Citrix' (), 2:, 
3:{}}}, 
2:{file:/htdocs/docs/backend/include/permissions/PermissionsController.class.php
, line:148, function:getFilesystemPermission, class:Mollify_PermissionsDao, 
type:->, args:{0:filesystem_item_access, 1:FILESYSTEMITEM Folder 
(LocalFilesystem): [54917ae0c0afe] = 'Citrix' (), 2:, 3:{}}}, 
3:{file:/htdocs/docs/backend/include/permissions/PermissionsController.class.php
, line:187, function:getFilesystemPermission, 
class:Mollify_PermissionsController, type:->, args:{0:filesystem_item_access, 
1:FILESYSTEMITEM Folder (LocalFilesystem): [54917ae0c0afe] = 'Citrix' ()}}, 
4:{file:/htdocs/docs/backend/include/filesystem/FilesystemController.class.php, 
line:235, function:hasFilesystemPermission, 
class:Mollify_PermissionsController, type:->, args:{0:filesystem_item_access, 
1:FILESYSTEMITEM Folder (LocalFilesystem): [54917ae0c0afe] = 'Citrix' (), 
2:r}}, 
5:{file:/htdocs/docs/backend/include/filesystem/FilesystemController.class.php, 
line:250, function:hasRights, class:FilesystemController, type:->, 
args:{0:FILESYSTEMITEM Folder (LocalFilesystem): [54917ae0c0afe] = 'Citrix' (), 
1:r}}, 
6:{file:/htdocs/docs/backend/include/filesystem/FilesystemController.class.php, 
line:360, function:isFolderValid, class:FilesystemController, type:->, 
args:{0:{id:2, type:local, name:Citrix, path:citrix}}}, 
7:{file:/htdocs/docs/backend/plugin/ItemCollection/dao/ItemCollectionDao.class.p
hp, line:141, function:item, class:FilesystemController, type:->, 
args:{0:54917d78cc831}}, 
8:{file:/htdocs/docs/backend/plugin/ItemCollection/dao/ItemCollectionDao.class.p
hp, line:31, function:items, class:ItemCollectionDao, type:->, 
args:{0:{0:54917d78cc831, 1:549408202f172}}}, 
9:{file:/htdocs/docs/backend/plugin/ItemCollection/ItemCollectionHandler.class.p
hp, line:76, function:getItemCollection, class:ItemCollectionDao, type:->, 
args:{0:9}}, 10:{file:/htdocs/docs/backend/plugin/Share/ShareHandler.class.php, 
line:276, function:getShareInfo, class:ItemCollectionHandler, type:->, 
args:{0:9, 1:{id:A43A6756D4FB4647B751A86C0C2F841E, name:prueba5, item_id:ic_9, 
active:1, restriction:pw}}}, 
11:{file:/htdocs/docs/backend/plugin/Share/ShareHandler.class.php, line:159, 
function:getCustomShareInfo, class:ShareHandler, type:->, args:{0:ic, 1:9, 
2:{id:A43A6756D4FB4647B751A86C0C2F841E, name:prueba5, item_id:ic_9, active:1, 
restriction:pw}}}, 
12:{file:/htdocs/docs/backend/plugin/Share/ShareHandler.class.php, line:149, 
function:doGetSharePublicInfo, class:ShareHandler, type:->, 
args:{0:{id:A43A6756D4FB4647B751A86C0C2F841E, name:prueba5, item_id:ic_9, 
active:1, restriction:pw}}}, 
13:{file:/htdocs/docs/backend/plugin/Share/PublicShareServices.class.php, 
line:27, function:getPublicShareInfo, class:ShareHandler, type:->, 
args:{0:A43A6756D4FB4647B751A86C0C2F841E}}, 
14:{file:/htdocs/docs/backend/include/services/ServicesBase.class.php, line:53, 
function:processGet, class:PublicShareServices, type:->, args:{}}, 
15:{file:/htdocs/docs/backend/include/MollifyBackend.class.php, line:85, 
function:processRequest, class:ServicesBase, type:->, args:{}}, 
16:{file:/htdocs/docs/backend/r.php, line:63, function:processRequest, 
class:MollifyBackend, type:->, args:{0:Request}}}
[Fri Dec 19 14:05:52 2014] [error] MOLLIFY DEBUG: RESPONSE error {0:105, 
1:Invalid configuration, 2:403} Error executing query (SELECT name, value, 
user_id, subject FROM (SELECT value, name, user_id, subject, (case when subject 
= '' then 2 else 1 end) as cat1, (IF(user_id = '', 1, IF(user_id = '0', 3, 2))) 
as cat2, 0 as cat3 FROM mollify_permission WHERE name ='filesystem_item_access' 
AND (subject = '' OR subject = '54917ae0c0afe') AND (user_id in (0,))) as u 
ORDER BY name ASC, u.cat1 ASC, u.cat2 ASC, u.cat3 ASC, u.value DESC): You have 
an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near '))) as u ORDER BY name ASC, 
u.cat1 ASC, u.cat2 ASC, u.cat3 ASC, u.value DESC' at line 1

What is the expected output? What do you see instead?

Download the file 

What version of the product are you using? On what operating system?

product 2.5.17
operating system OpenBSD 5.5

Please provide any additional information below.

The function "getEffectiveFileSystemPermissions" in "PermissionsDao.class.php" 
expects 4 parameters. In this case the parameter "$userId" has no value so this 
line here:

$userIds = array(0, $userId);

makes a comma terminated array, which is invalid in the SQL query:

AND (user_id in (0,)))

Original issue reported on code.google.com by joaki...@gmail.com on 19 Dec 2014 at 1:12

GoogleCodeExporter commented 8 years ago 
Fixed in 2.5.18

Original comment by samuli.j...@gmail.com on 29 Dec 2014 at 8:36