
Geeklog Forums

Problem with too long a group name



mystral-kk

Site Admin
Admin
Registered: 03/19/06
Posts: 100
Location:Japan

Hi all,
One of the GL users in Japan reported that putting too long a name in the group editor can cause serious DB trouble. This happens with multibyte strings. Let me explain.

  1. You put too long a multibyte string as a name of a group into the field, which is 50 characters long.
  2. When the string is passed as $_PUT to PHP, it is already broken.
  3. The string is saved into DB at lines 464-465 (GL-1.4.1, admin/groups.php).
  4. Since the string is broken, the next SQL query (lines 466-467) fails and $grp_id is empty.
  5. Finally, SQL queries at lines 486 and 507 delete all records from the gl_access table, because $grp_id is empty.

I know this is rather a rare case, but it can cause a disastrous malfunction. How about checking the length of strings before saving them into DB?


-- mystral-kk, "Every cloud has a silver lining."

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Thanks for the report. This certainly shouldn't happen.

I've added a quick sanity check for now, but this needs more in-depth research to find out what exactly is going wrong and what we could do about it.

bye, Dirk

mystral-kk

Site Admin
Admin
Registered: 03/19/06
Posts: 100
Location:Japan
Thanks for the quick reply, Dirk. We hope you'll come up with a nice solution.

-- mystral-kk, "Every cloud has a silver lining."

jmucchiello

Forum User
Full Member
Registered: 08/29/05
Posts: 985
Text Formatted Code
// line 465-8 of admin/group.php
            DB_save ($_TABLES['groups'], 'grp_name,grp_descr,grp_gl_core',
                     "'$grp_name','$grp_descr',$grp_gl_core");
            $grp_id = DB_getItem ($_TABLES['groups'], 'grp_id',
                                  "grp_name = '$grp_name'");
 

The DB_getItem is the culprit. gl_groups uses an auto_increment primary key and as such you should be calling DB_insertId() to get that id back from the call to DB_save.

Text Formatted Code
// This code is susceptible to the same error (on lines 442-4)
         // group names have to be unique, so check if this one exists already
        $g_id = DB_getItem ($_TABLES['groups'], 'grp_id',
                            "grp_name = '$grp_name'");
 

Not sure how you fix that off the top of my head. Probably need to do something like:
"grp_name = '" . substr($grp_name,0,50) . "'"
 Quote
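The guards discussed in this thread (a length check before saving, the id taken from the insert itself, and no delete without an id), as an added PHP example that is not Geeklog's code or any poster's. It assumes the mbstring and pdo_sqlite extensions; the table layout, column names and saveGroup() are hypothetical, and an in-memory SQLite database stands in for MySQL.

```php
<?php
// Added example, not Geeklog code. Tables, columns and saveGroup() are
// hypothetical; the sample rows below are constructed.
const GRP_NAME_MAX = 50; // field width in characters, as stated in the thread

function saveGroup(PDO $db, string $name, string $descr): int
{
    // Reject broken or over-long input instead of letting it reach the DB.
    if (!mb_check_encoding($name, 'UTF-8')) {
        throw new InvalidArgumentException('group name is not valid UTF-8');
    }
    $len = mb_strlen($name, 'UTF-8'); // counts characters, not bytes
    if ($len === 0 || $len > GRP_NAME_MAX) {
        throw new InvalidArgumentException('group name must be 1-50 characters');
    }

    $db->beginTransaction();
    try {
        $ins = $db->prepare('INSERT INTO grps (grp_name, grp_descr) VALUES (?, ?)');
        $ins->execute([$name, $descr]);
        // Take the id from the insert itself; never look it up again by name.
        $grpId = (int) $db->lastInsertId();
        if ($grpId <= 0) {
            throw new RuntimeException('no group id; refusing to touch access rows');
        }
        // Scoped delete: only reached with a positive integer id, bound as a parameter.
        $del = $db->prepare('DELETE FROM access WHERE acc_grp_id = ?');
        $del->execute([$grpId]);
        $db->commit();
        return $grpId;
    } catch (Throwable $e) {
        $db->rollBack();
        throw $e;
    }
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE grps (grp_id INTEGER PRIMARY KEY AUTOINCREMENT, grp_name TEXT UNIQUE, grp_descr TEXT)');
$db->exec('CREATE TABLE access (acc_ft_id INTEGER, acc_grp_id INTEGER)');
$db->exec('INSERT INTO access VALUES (1, 99), (2, 99)'); // rights of another group

echo 'new group id: ', saveGroup($db, 'テスト', 'valid multibyte name'), "\n";
try {
    saveGroup($db, str_repeat('あ', 51), 'one character too long');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
echo 'access rows left: ', $db->query('SELECT COUNT(*) FROM access')->fetchColumn(), "\n";
```

The over-long name is rejected before any query runs, so the other group's access rows are never at risk.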
