[TYPO3-dev] Strange escaping problem
Ulrich Lorenz PHZ Luzern
lorenz.ulrich at phz.ch
Wed May 19 13:28:08 CEST 2010
Hi Rik
After all we found out that you are right. I don't know why but in T3BLOG there are obviously two functions to get the content... one in the Bloglist widget class and the other one as Typoscript in the static template. We debugged the PHP class while the error was in the Typoscript code.
Thanks everyone.
Lorenz
> -----Ursprüngliche Nachricht-----
> Von: typo3-dev-bounces at lists.typo3.org [mailto:typo3-dev-
> bounces at lists.typo3.org] Im Auftrag von Rik
> Gesendet: Mittwoch, 12. Mai 2010 17:29
> An: typo3-dev at lists.typo3.org
> Betreff: Re: [TYPO3-dev] Strange escaping problem
>
> Ulrich Lorenz PHZ Luzern wrote:
>
> > Hi there
> >
> > The following query is spart of T3BLOG:
> >
> > $resContent = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
> > 'uid, CType, bodytext', // SELECT ...
> > 'tt_content', // FROM ...
> > 'irre_parentid = ' . $row['uid'] .
> > ' AND irre_parenttable=\'tx_t3blog_post\' ' .
> > $this->localcObj->enableFields('tt_content'),
> > 'uid', // GROUP BY ...
> > 'sorting' // ORDER BY ...
> > );
> >
> > So as you can see ' AND irre_parenttable=\'tx_t3blog_post\' ' is
> escaped
> > correctly.
> >
> > Since I got no content output from T3BLOG (title, permalink etc.
> works
> > fine) I activated SQL debug:
> >
> > SELECT *
> > FROM tt_content
> > WHERE
> > tt_content.pid IN (374) AND colPos=0 AND sys_language_uid IN (0) AND
> > irre_parenttable = \\'tx_t3blog_post\\' AND irre_parentid = 25 AND
> uid
> > in ( 1060 ) AND tt_content.deleted=0 AND tt_content.t3ver_state<=0
> AND
> > tt_content.hidden=0 AND (tt_content.starttime<=1273656780) AND
> > (tt_content.endtime=0 OR tt_content.endtime>1273656780) AND
> > (tt_content.fe_group='' OR tt_content.fe_group IS NULL OR
> > tt_content.fe_group='0' OR (tt_content.fe_group LIKE '%,0,%' OR
> > tt_content.fe_group LIKE '0,%' OR tt_content.fe_group LIKE '%,0' OR
> > tt_content.fe_group='0') OR (tt_content.fe_group LIKE '%,-1,%' OR
> > tt_content.fe_group LIKE '-1,%' OR tt_content.fe_group LIKE '%,-1' OR
> > tt_content.fe_group='-1'))
> > ORDER BY sorting
> >
> > So you see it can't work because now irre_parenttable =
> > \\'tx_t3blog_post\\' is even escaped twice.
> >
> > As an alternative I tried
> >
> > " AND irre_parenttable='tx_t3blog_post' "
>
> The query you're altering is not the one you're debugging, or you're
> giving
> us another version of the code after trying different things / altering
> the
> code, with the output from another try. It will never generate the
> current
> query AFAIK (a preemptive apology if it is, have not been working with
> Typo
> very long...).
>
> That being said: maybe disable magic_quotes_runtime in your PHP
> settings?
> http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-
> runtime
> --
> Rik
> _______________________________________________
> TYPO3-dev mailing list
> TYPO3-dev at lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-dev
More information about the TYPO3-dev
mailing list