Projects ⇒ Bugs ⇒ #668: get_pic_data() parses LIMIT clause incorrectly ⇒ CPG Dragonfly™ CMS
Bug #668 get_pic_data() parses LIMIT clause incorrectly
Project: Dragonfly 9.0.3 -> 9.3 Category: Coppermine
Submitted: Saturday, November 19, 2005 (17:38:10) Modified: Tuesday, November 22, 2005 (21:43:47)
Status: Closed Assigned to: akamu
PHP Version: 4.4 HTTPD Server: Apache 2.0

View/Vote Add Comment

by: darkgrue
Description:
------------
The get_pic_data() clause in file html/includes/coppermine/functions.inc (v9.19 and earlier) appears to parse the LIMIT clause incorrectly. This problem became critical as a result of changes to html/modules/coppermine/displayimage.php 9.8 => 9.9, which now result in a SQL error when the slideshow function is used.

Reproduce code:
---------------
I had to deduce the function's semantic from it's usage, but assuming that the $limit1=offset and $limit2=number to return, replace in file html/includes/coppermine/functions.inc Lines 363-364:

$limit = ($limit1 >= 0) ? ' LIMIT ' . $limit1 : '';
$limit .= ($limit2 > 0) ? ' ,' . $limit2 : '';


with:

$limit = ($limit2 > 0) ? ' LIMIT '.(($limit1 >= 0) ? "$limit1, " : '').$limit2 : '';



Expected result:
----------------
The fixed code should result in a properly formed LIMIT clause.

Actual result:
--------------
Code currently results in the following example error. Note the " ,1000" terminating the SQL query:

On /coppermine/displayimage/album=5/pid=156/slideshow=5000.html
While executing query "SELECT pid, filepath, filename, p.title, keywords, url_prefix, filesize, pwidth, pheight, ctime, p.aid, p.title, caption, hits, description from cms_cpg_pictures as p INNER JOIN cms_cpg_albums AS a ON (a.aid = 5 AND visibility IN (0,3)) WHERE p.aid='5' AND approved='YES' ORDER BY filename ASC ,1000"

the following error occured: Unknown column '1000' in 'order clause'

In: /usr/local/apache2/htdocs.tcf/includes/coppermine/functions.inc on line: 380

Guest information:
User id: 1
Username: Anonymous
Admin: No
IP: 68.142.251.87
Host: lj2477.inktomisearch.com
by: akamu
This bug has been fixed in the CVS.

Snapshots of the sources are packaged every 6 hours; this change
will be in the next snapshot. You can grab the snapshot at the
Downloads section.

Thank you for the report, and for helping us to make CPG-Nuke 9.0.3 -> 9.1 better.

/cvs/html/includes/coppermine/functions.inc new revision: 9.20
/cvs/html/includes/coppermine/slideshow.inc new revision: 9.2
User Info

Welcome Anonymous



(Register)
Community

Support for DragonflyCMS in a other languages:

Deutsch
Español