search

poggit-orphanage / FactionsPro

By Tethered
21 stars 69 forks source link

Breaking / Placing Block causes error which kicks user due to internal server error? #74

Open exprez135 opened 5 years ago

exprez135 commented 5 years ago 
14:05:34 <Server thread/Critical> ErrorException: "SQLite3::query(): Unable to prepare statement: 1, near "s": syntax error" (EXCEPTION) in "plugins/FactionsPro/src/FactionsPro/FactionMain" at line 438

14:05:34 <Server thread/Debug> #0 (): pocketmine\utils\Utils::errorExceptionHandler(integer 2, string SQLite3::query(): Unable to prepare statement: 1, near "s": syntax error, string /_[[Local Path]]_/plugins/FactionsPro/src/FactionsPro/FactionMain.php, integer 438, array Array())

14:05:34 <Server thread/Debug> #1 plugins/FactionsPro/src/FactionsPro/FactionMain(438): SQLite3->query(string SELECT faction FROM plots WHERE 216 <= x1 AND 216 >= x2 AND -150 <= z1 AND -150 >= z2 AND world = 'Vonky's Worldmap1';)

14:05:34 <Server thread/Debug> #2 plugins/FactionsPro/src/FactionsPro/FactionListener(99): FactionsPro\FactionMain->pointIsInPlot(integer 216, integer -150, string Vonky's Worldmap1)

14:05:34 <Server thread/Debug> #3 src/pocketmine/plugin/MethodEventExecutor(38): FactionsPro\FactionListener->factionBlockBreakProtect(pocketmine\event\block\BlockBreakEvent object)

14:05:34 <Server thread/Debug> #4 src/pocketmine/plugin/RegisteredListener(98): pocketmine\plugin\MethodEventExecutor->execute(FactionsPro\FactionListener object, pocketmine\event\block\BlockBreakEvent object)

14:05:34 <Server thread/Debug> #5 src/pocketmine/event/Event(99): pocketmine\plugin\RegisteredListener->callEvent(pocketmine\event\block\BlockBreakEvent object)

14:05:34 <Server thread/Debug> #6 src/pocketmine/level/Level(1900): pocketmine\event\Event->call()

14:05:34 <Server thread/Debug> #7 src/pocketmine/Player(2606): pocketmine\level
\Level->useBreakOn(pocketmine\math\Vector3 object, pocketmine\item\Pickaxe object, pocketmine\Player object, boolean 1)

14:05:34 <Server thread/Debug> #8 src/pocketmine/network/mcpe/PlayerNetworkSessionAdapter(156): pocketmine\Player->handleInventoryTransaction(pocketmine\network\mcpe\protocol\InventoryTransactionPacket object)

14:05:34 <Server thread/Debug> #9 src/pocketmine/network/mcpe/protocol/InventoryTransactionPacket(158): pocketmine\network\mcpe\PlayerNetworkSessionAdapter->handleInventoryTransaction(pocketmine\network\mcpe\protocol\InventoryTransactionPacket object)

14:05:34 <Server thread/Debug> #10 src/pocketmine/network/mcpe/PlayerNetworkSessionAdapter(116): pocketmine\network\mcpe\protocol\InventoryTransactionPacket->handle(pocketmine\network\mcpe\PlayerNetworkSessionAdapter object)

14:05:34 <Server thread/Debug> #11 src/pocketmine/network/mcpe/protocol/BatchPacket(127): pocketmine\network\mcpe\PlayerNetworkSessionAdapter->handleDataPacket(pocketmine\network\mcpe\protocol\InventoryTransactionPacket object)

14:05:34 <Server thread/Debug> #12 src/pocketmine/network/mcpe/PlayerNetworkSessionAdapter(116): pocketmine\network\mcpe\protocol\BatchPacket->handle(pocketmine\network\mcpe\PlayerNetworkSessionAdapter object)

14:05:34 <Server thread/Debug> #13 src/pocketmine/Player(3378): pocketmine\network\mcpe\PlayerNetworkSessionAdapter->handleDataPacket(pocketmine\network\mcpe\protocol\BatchPacket object)

14:05:34 <Server thread/Debug> #14 src/pocketmine/network/mcpe/RakLibInterface(169): pocketmine\Player->handleDataPacket(pocketmine\network\mcpe\protocol\BatchPacket object)

14:05:34 <Server thread/Debug> #15 vendor/pocketmine/raklib/src/server/ServerHandler(99): pocketmine\network\mcpe\RakLibInterface->handleEncapsulated(string _[[Player IP Address]]_ 63030, raklib\protocol\EncapsulatedPacket object, integer 0)

14:05:34 <Server thread/Debug> #16 src/pocketmine/network/mcpe/RakLibInterface(109): raklib\server\ServerHandler->handlePacket()

14:05:34 <Server thread/Debug> #17 src/pocketmine/network/mcpe/RakLibInterface(99): pocketmine\network\mcpe\RakLibInterface->process()

14:05:34 <Server thread/Debug> #18 vendor/pocketmine/snooze/src/SleeperHandler(123): pocketmine\network\mcpe\RakLibInterface->pocketmine\network\mcpe{closure}()

14:05:34 <Server thread/Debug> #19 vendor/pocketmine/snooze/src/SleeperHandler(85): pocketmine\snooze\SleeperHandler->processNotifications()

14:05:34 <Server thread/Debug> #20 src/pocketmine/Server(2392): pocketmine\snooze\SleeperHandler->sleepUntil(double 1558620334.6051)

14:05:34 <Server thread/Debug> #21 src/pocketmine/Server(2297): pocketmine\Server->tickProcessor()

14:05:34 <Server thread/Debug> #22 src/pocketmine/Server(1875): pocketmine\Server->start()

14:05:34 <Server thread/Debug> #23 src/pocketmine/PocketMine(266):pocketmine\Server->__construct(BaseClassLoader object, pocketmine\utils\MainLogger object, string _[[Local Path]]_, string _[[Local Path]]_/plugins/)

14:05:34 <Server thread/Debug> #24 (1): require_once(string phar://_[[Local Path]]_/PocketMine-MP.phar/src/pocketmine/PocketMine.php)

14:05:34 <Server thread/Debug> [PurePerms] Unregistering player _[[Player Name]]_...

14:05:34 <Server thread/Info> _[[Player Name]]_ left the game

14:05:34 <Server thread/Info> _[[Player Name]]_[/_[[Player IP Address]]_:63030] logged out due to Internal server error

14:05:34 <RakLibServer thread/Notice> Blocked _[[Player IP Address]]_ for 5 seconds

Note: I've removed usernames and put: [[Player Name]] Replaced Player's IP address with: [[Player IP Address]] And my user path to my server directory with: [[Local Path]]

Awzaw commented 5 years ago

It's a very bad idea to use an apostrophe in your world name... I doubt this is the only plugin with which you'll have problems doing that.

SOF3 commented 5 years ago

It is an even worse idea to leave holes for SQL injection.

exprez135 commented 5 years ago

@Awzaw, I was stupid by downloading a pre-built world to use and not renaming it first. Do you think this is the problem causing the error?

@SOF3, luckily, this server is just for a few friends and myself.

Thank you both for helping.

Awzaw commented 5 years ago

Between the two versions of FactionsPro there are 105 queries that need updating with prepared statements and bound parameters :-(