Relationship Graph

View IssueDependency GraphShow Summary
Relationship Graph
related to related to child of child of duplicate of duplicate of

View Issue Details

WikiRelated ChangesetsJump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0015264mantisbtcustom fieldspublic2012-12-06 10:112014-09-23 18:05
Reporternimmich Assigned Todregad  
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionfixed 
Product Version1.2.12 
Target Version1.2.13Fixed in Version1.2.13 
Summary0015264: custom_field_get_id_from_name() broken since 1.2.12
Description

custom_field_get_id_from_name() always returns false since mantisbt version 1.2.12 if the field name is longer than one character.

Reason:
db_query_bound() is called with a string as second parameter instead of an array in line 651 of custom_field_api.php.

Patch:

--- mantisbt-1.2.12\core\custom_field_api.php 2012-11-12 00:10:00.000000000 +0100
+++ mantisbt-1.2.12-new\core\custom_field_api.php 2012-12-06 16:00:27.000000000 +0100
@@ -645,13 +645,13 @@

history record created after 1.1.0a4 has the correct field

    # size (see #8002)
    $query = "SELECT id FROM $t_custom_field_table WHERE name LIKE " . db_param();
    $c_field_name = $p_field_name . '%';
}
  • $t_result = db_query_bound( $query, $c_field_name );

  • $t_result = db_query_bound( $query, array( $c_field_name ) );

    if( db_num_rows( $t_result ) == 0 ) {
    return false;
    }

    $row = db_fetch_array( $t_result );

TagsNo tags attached.

Relationships

Relationship GraphDependency Graph
related to 0015721 closedgrangeway Functionality to consider porting to master-2.0.x 

Activities

dregad

dregad

2012-12-06 10:54

developer   ~0034500

Oops :-o

Thanks for the bug report and the patch, I'll fix it right away.
grangeway

grangeway

2013-04-05 17:56

reporter   ~0036108

Marking as 'acknowledged' not resolved/closed to track that change gets ported to master-2.0.x branch

Related Changesets

MantisBT: master-1.2.x 6a7db340

2012-08-31 03:38

dregad


Details Diff		 Fix SQL error when sorting by custom field containing special char

Incorrect behavior is due to unnecessarily escaping of special chars by
calling db_prepare_string() on the custom field's name before attempting
to retrieve it's id with custom_field_get_id_from_name(). This causes a
double-escaping which prevents a match.

Even though this is not strictly necessary to fix the issue at hand,
this commit also replaces db_query() call by db_query_bound() in
custom_field_get_id_from_name().

Fixes 0012170		 Affected Issues
0012170, 0015264
mod - core/custom_field_api.php Diff File
mod - core/filter_api.php Diff File

MantisBT: master-1.2.x 8c9038f7

2012-12-06 10:57

dregad


Details Diff		 Fix custom_field_get_id_from_name() always returning false

Commit 6a7db3403d42cf58e8c5ebb50b60a7c090906c36 introduced an error in
the call to db_query_bound(), passing the param as a scalar value
instead of an array.

Thanks to user nimmich for noticing the issue and providing a patch.

Fixes 0015264		 Affected Issues
0015264
mod - core/custom_field_api.php Diff File

MantisBT: master d0807051

2012-12-06 10:57

dregad


Details Diff		 Fix custom_field_get_id_from_name() always returning false

Commit 6a7db3403d42cf58e8c5ebb50b60a7c090906c36 introduced an error in
the call to db_query_bound(), passing the param as a scalar value
instead of an array.

Thanks to user nimmich for noticing the issue and providing a patch.

Fixes 0015264		 Affected Issues
0015264
mod - core/custom_field_api.php Diff File