Hi each time i go to my admin page on WP i get this error on apache logs :
Sorry for the message size! (A spoil bbcode could be useful here)
this message seems to be related to a user that has an ' on his name.
AH01071: Got error 'PHP message: Erreur de la base de donn\xc3\xa9es WordPress You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Air','eutoposWildcat','JulietBravo','Bourrinopathe') ORDER BY user_id DESC' at line 1 pour la requ\xc3\xaate SELECT username, user_avatar, user_avatar_type ........... ........... FROM phpbb_users WHERE username IN('IceMaKeR','Ghostrider','Pollux','Jaj'Air','eutoposWildcat','JulietBravo','Bourrinopathe') ORDER BY user_id DESC faite par require_once('wp-admin/admin.php'), require_once('wp-admin/admin-header.php'), do_action('in_admin_header'), wp_admin_bar_render, do_action_ref_array, wp_admin_bar_my_account_item, get_avatar, apply_filters('get_avatar'), WP_w3all_phpbb::wp_w3all_phpbb_custom_avatar, WP_w3all_phpbb::wp_w3all_assoc_phpbb_wp_users, WP_w3all_phpbb::w3all_get_phpbb_avatars_url\n', referer: http://preprod.checksix-fr.com/wp-admin ... ussion.php
SQL syntax error with W3all
-
axew3
- w3all User
- Posts: 2712
- Joined: Fri Jan 22, 2016 5:15 pm
- Location: Italy
- Contact:
Re: SQL syntax error with W3all
Ok within today will be fixed.
Seem just an escape that is not done when executing query:
the user 'Jaj'Air' due to the fact contain the char ' inside, cause the bug.
Thank x bug report, within today will be fixed, together with something else, as soon is possible let you know.
Seem just an escape that is not done when executing query:
the user 'Jaj'Air' due to the fact contain the char ' inside, cause the bug.
Thank x bug report, within today will be fixed, together with something else, as soon is possible let you know.
-
axew3
- w3all User
- Posts: 2712
- Joined: Fri Jan 22, 2016 5:15 pm
- Location: Italy
- Contact:
Re: SQL syntax error with W3all
Assuming we want to get compatible with older wp_w3all installs and the plugin to be compatible about logins/registrations on both systems, the unique easy way (as WP_w3all was/is coded, and as WordPress work (if you try to add or login an username like my'use'r'name into WP, it will return error (while wp_w3all will continue to work and login usernames like [myusern]ame OR *test*[?^)): to resolve all problems, best way is to not add into WP these usernames containing not allowed chars, and setup phpBB on ACP (for new users) under
BOARD CONFIGURATION -> User registration settings -> Limit username chars: DO NOT choose Any character, or ASCII option, choose instead as option, between other available: Any letter, Number and Spacers, or others Alphanumeric options.
This problem not affect if on phpBB the above option about usernames was already setup as needed, like on this example here at axew3.com.
WP_w3all 1.5.2 will be released in very short time by this post, it also resolve the avatar problem about related issue, and another important about user addition into WP.
This below has been added on main WP_w3all faq help install page, and you should maybe read:
FROM 1.5.2 > Notice: if there are existent usernames in phpBB that contain characters not allowed on WordPress, like my'nice'name, that is a possible username in phpBB, the user will NOT be added into WordPress (while phpBB usernames like [myusern]ame OR *test*[?name^ will still be added and logged in by WP_w3all). The user with unwanted char in WP will be noticed about the problem, on any WP header page, asking him to report about the issue the administrator. To avoid this problem with new users that register in phpBB side, as above mentioned, setup phpBB on ACP under
BOARD CONFIGURATION -> User registration settings -> Limit username chars: DO NOT choose Any character, or ASCII option, choose instead as option, between other available: Any letter, Number and Spacers, or Alphanumeric options.
FROM 1.5.2 > Usernames in phpBB that contain characters not allowed on WordPress: if there are previously registered phpBB usernames with unwanted chars in WP (like my'nice'name) these users aren't added into WordPress. The easy solution to resolve this unlucky situation, without adding code into WP_w3all, is to leave all as is for the user in phpBB, and create or inform him that a new account is necessary to be integrated with other site, or delete the user into phpBB, retaining his posts if there are, and than recreating for him an account without unwanted chars. If there are users that have been added into WP before WP_w3all 1.5.2 version, reporting errors with there username in WP, please delete these users in WordPress.
https://www.axew3.com/w3/cms-plugins-scr ... tegration/
BOARD CONFIGURATION -> User registration settings -> Limit username chars: DO NOT choose Any character, or ASCII option, choose instead as option, between other available: Any letter, Number and Spacers, or others Alphanumeric options.
This problem not affect if on phpBB the above option about usernames was already setup as needed, like on this example here at axew3.com.
WP_w3all 1.5.2 will be released in very short time by this post, it also resolve the avatar problem about related issue, and another important about user addition into WP.
This below has been added on main WP_w3all faq help install page, and you should maybe read:
FROM 1.5.2 > Notice: if there are existent usernames in phpBB that contain characters not allowed on WordPress, like my'nice'name, that is a possible username in phpBB, the user will NOT be added into WordPress (while phpBB usernames like [myusern]ame OR *test*[?name^ will still be added and logged in by WP_w3all). The user with unwanted char in WP will be noticed about the problem, on any WP header page, asking him to report about the issue the administrator. To avoid this problem with new users that register in phpBB side, as above mentioned, setup phpBB on ACP under
BOARD CONFIGURATION -> User registration settings -> Limit username chars: DO NOT choose Any character, or ASCII option, choose instead as option, between other available: Any letter, Number and Spacers, or Alphanumeric options.
FROM 1.5.2 > Usernames in phpBB that contain characters not allowed on WordPress: if there are previously registered phpBB usernames with unwanted chars in WP (like my'nice'name) these users aren't added into WordPress. The easy solution to resolve this unlucky situation, without adding code into WP_w3all, is to leave all as is for the user in phpBB, and create or inform him that a new account is necessary to be integrated with other site, or delete the user into phpBB, retaining his posts if there are, and than recreating for him an account without unwanted chars. If there are users that have been added into WP before WP_w3all 1.5.2 version, reporting errors with there username in WP, please delete these users in WordPress.
https://www.axew3.com/w3/cms-plugins-scr ... tegration/
-
axew3
- w3all User
- Posts: 2712
- Joined: Fri Jan 22, 2016 5:15 pm
- Location: Italy
- Contact:
Resolved: SQL syntax error with W3all
WP_w3all 1.5.2 has been released, please update as soon!
P.S if still any problem with some evil phpBB username char come out, it will be very easy to resolve now in seconds, so just in case report!
P.S if still any problem with some evil phpBB username char come out, it will be very easy to resolve now in seconds, so just in case report!