[TYPO3-dev] Strange escaping problem
Rik
luiheidsgoeroe at hotmail.com
Wed May 12 17:29:19 CEST 2010
Ulrich Lorenz PHZ Luzern wrote:
> Hi there
>
> The following query is spart of T3BLOG:
>
> $resContent = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
> 'uid, CType, bodytext', // SELECT ...
> 'tt_content', // FROM ...
> 'irre_parentid = ' . $row['uid'] .
> ' AND irre_parenttable=\'tx_t3blog_post\' ' .
> $this->localcObj->enableFields('tt_content'),
> 'uid', // GROUP BY ...
> 'sorting' // ORDER BY ...
> );
>
> So as you can see ' AND irre_parenttable=\'tx_t3blog_post\' ' is escaped
> correctly.
>
> Since I got no content output from T3BLOG (title, permalink etc. works
> fine) I activated SQL debug:
>
> SELECT *
> FROM tt_content
> WHERE
> tt_content.pid IN (374) AND colPos=0 AND sys_language_uid IN (0) AND
> irre_parenttable = \\'tx_t3blog_post\\' AND irre_parentid = 25 AND uid
> in ( 1060 ) AND tt_content.deleted=0 AND tt_content.t3ver_state<=0 AND
> tt_content.hidden=0 AND (tt_content.starttime<=1273656780) AND
> (tt_content.endtime=0 OR tt_content.endtime>1273656780) AND
> (tt_content.fe_group='' OR tt_content.fe_group IS NULL OR
> tt_content.fe_group='0' OR (tt_content.fe_group LIKE '%,0,%' OR
> tt_content.fe_group LIKE '0,%' OR tt_content.fe_group LIKE '%,0' OR
> tt_content.fe_group='0') OR (tt_content.fe_group LIKE '%,-1,%' OR
> tt_content.fe_group LIKE '-1,%' OR tt_content.fe_group LIKE '%,-1' OR
> tt_content.fe_group='-1'))
> ORDER BY sorting
>
> So you see it can't work because now irre_parenttable =
> \\'tx_t3blog_post\\' is even escaped twice.
>
> As an alternative I tried
>
> " AND irre_parenttable='tx_t3blog_post' "
The query you're altering is not the one you're debugging, or you're giving
us another version of the code after trying different things / altering the
code, with the output from another try. It will never generate the current
query AFAIK (a preemptive apology if it is, have not been working with Typo
very long...).
That being said: maybe disable magic_quotes_runtime in your PHP settings?
http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-runtime
--
Rik
More information about the TYPO3-dev
mailing list