Welcome to Geeklog Friday, May 24 2013 @ 07:07 PM EDT


 Problem with too long a group name
   
mystral-kk
 02/24/08 03:38AM (Read 1988 times)  
++++-
Regular Poster

Status: offline


Registered: 03/19/06
Posts: 89

Hi all,

One of the GL users in Japan reported that putting too long a name in the group editor can cause serious DB trouble. This happens with multibyte strings. Let me explain.



  1. You put too long a multibyte string as a name of a group into the field, which is 50 characters long.

  2. When the string is passed as $_PUT to PHP, it is already broken.

  3. The string is saved into DB at lines 464-465 (GL-1.4.1, admin/groups.php).

  4. Since the string is broken, the next SQL query (lines 466-467) fails and $grp_id is empty.

  5. Finally, SQL queries at lines 486 and 507 delete all records from the gl_access table, because $grp_id is empty.



I know this is rather a rare case, but it can cause a disastrous malfunction. How about checking the length of strings before saving them into DB?


-- mystral-kk, "Every cloud has a silver lining."
 
Profile Email Website
 Quote
Dirk
 02/24/08 04:25PM  
AAAAA
Admin

Status: offline


Registered: 01/12/02
Posts: 13027
Thanks for the report. This certainly shouldn't happen.

I've added a quick sanity check for now, but this needs more in-depth research to find out what exactly is going wrong and what we could do about it.

bye, Dirk

 
Profile Email Website
 Quote
mystral-kk
 02/24/08 04:46PM  
++++-
Regular Poster

Status: offline


Registered: 03/19/06
Posts: 89
Thanks for the quick reply, Dirk. We hope you'll come up with a nice solution.

-- mystral-kk, "Every cloud has a silver lining."
 
Profile Email Website
 Quote
jmucchiello
 02/24/08 04:56PM  
+++++
Full Member

Status: offline


Registered: 08/29/05
Posts: 985
PHP Formatted Code
// line 465-8 of admin/group.php
DB_save ($_TABLES['groups'], 'grp_name,grp_descr,grp_gl_core',
         "'$grp_name','$grp_descr',$grp_gl_core");
$grp_id = DB_getItem ($_TABLES['groups'], 'grp_id',
                      "grp_name = '$grp_name'");
 

The DB_getItem is the culprit. gl_groups uses an auto_increment primary key and as such you should be calling DB_insertId() to get that id back from the call to DB_save.

PHP Formatted Code
// This code is susceptible to the same error (on line 442-4)
// group names have to be unique, so check if this one exists already
$g_id = DB_getItem ($_TABLES['groups'], 'grp_id',
                    "grp_name = '$grp_name'");
 

Not sure how you fix that off the top of my head. Probably need to do something like:
"grp_name = '" . substr($grp_name,0,50) . "'"

 
Profile Email
 Quote
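
As an added example (not part of the thread and not Geeklog's own code), here are the two checks the discussion points toward, sketched in PHP: reject a group name that is malformed or longer than the 50-character field, and stop when the id lookup comes back empty. The function names are hypothetical, UTF-8 input is an assumption, and the sample values are constructed.

```php
<?php
// Added example, not Geeklog code. Function names are hypothetical; UTF-8
// input is an assumption. The 50-character limit is the one from the thread.
const GRP_NAME_MAX = 50;

// Return the trimmed name if it is well-formed UTF-8 and fits the column,
// otherwise null. Reject rather than cut: a byte-wise cut can split a
// multibyte character and store a value that later lookups never match.
function validate_group_name(string $name): ?string
{
    $name = trim($name);
    if ($name === '' || !mb_check_encoding($name, 'UTF-8')) {
        return null;
    }
    return mb_strlen($name, 'UTF-8') <= GRP_NAME_MAX ? $name : null;
}

// Accept a looked-up id only if it is a positive integer; throw otherwise so
// the caller stops before any query that is keyed on the id.
function require_group_id($grp_id): int
{
    if (!preg_match('/^[1-9][0-9]*$/', (string) $grp_id)) {
        throw new RuntimeException('group id lookup failed; aborting');
    }
    return (int) $grp_id;
}

// Constructed sample input ("あ" is 3 bytes in UTF-8).
$samples = [
    'ASCII name'          => 'Site Editors',
    '50 kana (150 bytes)' => str_repeat('あ', 50),
    '51 kana'             => str_repeat('あ', 51),
    'cut at byte 50'      => substr(str_repeat('あ', 20), 0, 50),
];
foreach ($samples as $label => $name) {
    $ok = validate_group_name($name) !== null;
    printf("%-20s %s\n", $label, $ok ? 'accepted' : 'rejected');
}

// Constructed lookup results: a real id, then the empty values a failed
// lookup would hand back.
foreach (['7', '', null] as $grp_id) {
    try {
        printf("id %s: proceed\n", require_group_id($grp_id));
    } catch (RuntimeException $e) {
        printf("id %s: %s\n", var_export($grp_id, true), $e->getMessage());
    }
}
```

The name check belongs before the save and the id check directly after the lookup, so a failed lookup ends the request instead of reaching the later queries.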