search

biow0lf / evedev-kb

Automatically exported from code.google.com/p/evedev-kb
1 stars 0 forks source link

Unhandled error condition when reading invalid syndication feed #217

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Version: 4.0.4

When reading a feed that produces invalid XML, the following errors are raised.

Database error: You have an error in your SQL syntax; check the manual that 
corresponds to your MySQL server version for the right syntax to use near 'and 
d.attributeID in (137,602)' at line 5
SQL: select itt_slot from kb3_item_types inner join kb3_dgmtypeattributes d 
where itt_id = d.value and d.typeID = and d.attributeID in (137,602);
ERROR [256] SQL error (You have an error in your SQL syntax; check the manual 
that corresponds to your MySQL server version for the right syntax to use near 
'and d.attributeID in (137,602)' at line 5
Error on line 46 in file 
/var/www/killboard.aie-universal.com/common/includes/class.dbnormalquery.php
PHP 5.3.13 (Linux), EDK 4.0.4 (Crucible)
File: 
/var/www/killboard.aie-universal.com/common/includes/class.dbnormalquery.php, 
line: 46, function: trigger_error
File: /var/www/killboard.aie-universal.com/common/includes/class.item.php, 
line: 152, class: DBNormalQuery, function: execute
File: /var/www/killboard.aie-universal.com/common/includes/class.idfeed.php, 
line: 806, class: Item, function: getSlot
File: /var/www/killboard.aie-universal.com/common/includes/class.idfeed.php, 
line: 556, class: IDFeed, function: processItem
File: /var/www/killboard.aie-universal.com/common/includes/class.idfeed.php, 
line: 485, class: IDFeed, function: processKill
File: /var/www/killboard.aie-universal.com/common/includes/class.idfeed.php, 
line: 138, class: IDFeed, function: processFeed
File: 
/var/www/killboard.aie-universal.com/common/admin/admin_idfeedsyndication.php, 
line: 155, class: IDFeed, function: read
File: 
/var/www/killboard.aie-universal.com/common/admin/admin_idfeedsyndication.php, 
line: 83, function: getIDFeed
File: /var/www/killboard.aie-universal.com/common/index.php, line: 293, 
function: include
File: /var/www/killboard.aie-universal.com/index.php, line: 27, function: 
include

The feed we are reading is for our alliance 
(http://kb.pleaseignore.com/?a=idfeed) and it is intermittently returning 
invalid XML.  Attached is the XML that is being parsed.

The error is being raised because a null value is being interpolated into the 
SQL querystring at line 152 in common/includes/class.item.php.  The 
$this->row_['typeID'] is not populated and not validatred before the query is 
built.

        // if item has no slot get the slot from parent item
        if ($this->row_['itt_slot'] == 0) {
            $qry = DBFactory::getDBQuery();
            $query = "select itt_slot from kb3_item_types
                        inner join kb3_dgmtypeattributes d
                        where itt_id = d.value
                        and d.typeID = ".$this->row_['typeID']."
                        and d.attributeID in (137,602);";
            $qry->execute($query);
            $row = $qry->getRow();

Original issue reported on code.google.com by mroga...@gmail.com on 29 Jun 2012 at 2:53

Attachments:

GoogleCodeExporter commented 9 years ago 
I ran into this problem too.... In the meantime (and I do not know the 
consequences of this) I simply put a null-check on the $this->row_['typeID'] in 
the if statement  to prevent the query if that value is null. It has solved the 
error and the killlogs import fully now, but no telling what this might be 
doing to my DB

Original comment by Ghostfro...@gmail.com on 11 Jul 2012 at 4:05

GoogleCodeExporter commented 9 years ago 
I can't reproduce the problem with that xml, but a possible null built into a 
query is a bad idea anyway.

Original comment by idun@theexecutioners.org on 16 Jan 2013 at 8:40

GoogleCodeExporter commented 9 years ago 
This issue was closed by revision 334830891714.

Original comment by idun@theexecutioners.org on 16 Jan 2013 at 8:41

GoogleCodeExporter commented 9 years ago 
Issue 214 has been merged into this issue.

Original comment by idun@theexecutioners.org on 16 Jan 2013 at 8:47

GoogleCodeExporter commented 9 years ago 
Issue 215 has been merged into this issue.

Original comment by idun@theexecutioners.org on 16 Jan 2013 at 8:47

GoogleCodeExporter commented 9 years ago 
lol ... rev 334830891714 does not fix the error AT ALL - it just HIDES it.

You guys clearly are incompetent.

Original comment by dma2...@t-online.de on 16 Jan 2013 at 4:02

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
Clearly, because returning a slot of zero for an invalid item is clearly a huge 
deal. If the xml is truly invalid other checks elsewhere catch it and fail to 
add kills. Big freakin deal.

Original comment by idun@theexecutioners.org on 17 Mar 2013 at 6:01

GoogleCodeExporter commented 9 years ago 
lol ... was that supposed to be an english sentence? Because it isnt, sorry.

Original comment by dma2...@t-online.de on 17 Mar 2013 at 12:16