View Issue Details

IDProjectCategoryView StatusLast Update
0019374mantisbtinstallationpublic2018-07-09 17:22
ReporterdregadAssigned Todregad 
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version 
Target VersionFixed in Version1.3.0-rc.1 
Summary0019374: Install with mysqli driver triggers warning when generating SQL
Description

When generating the SQL statements instead of executing them directly, the Mantis installer throws a PHP warning

SYSTEM WARNING
'mysqli_real_escape_string() expects parameter 1 to be mysqli, boolean given' in '...\mantisbt\library\adodb\drivers\adodb-mysqli.inc.php' line 231

Tagspatch

Relationships

related to 0019635 closeddregad Update ADOdb to 5.20 

Activities

dregad

dregad

2015-02-16 08:54

developer   ~0048840

This is due to the behavior of mysqli_real_escape_string(), which differs from mysql_real_escape_string(). The former requires a valid mysqli DB connection object, while the latter has a fallback mechanism which attempts to generate a connection when given NULL.

In our case, when generating SQL $t_dict->_connectionID == false so we get the warning when ADOConnection::qstr() calls mysqli_real_escape_string().

This is an ADOdb bug which needs to be fixed upstream.

dregad

dregad

2015-02-16 09:36

developer  

adodb-mysqli.patch (1,018 bytes)
diff --git a/drivers/adodb-mysqli.inc.php b/drivers/adodb-mysqli.inc.php
index 6de3e7f..0a42973 100644
--- a/drivers/adodb-mysqli.inc.php
+++ b/drivers/adodb-mysqli.inc.php
@@ -227,16 +227,16 @@ class ADODB_mysqli extends ADOConnection {
 	{
 		if (is_null($s)) return 'NULL';
 		if (!$magic_quotes) {
-	    	if (PHP_VERSION >= 5)
+			if (PHP_VERSION >= 5 && $this->_connectionID)
 	      		return "'" . mysqli_real_escape_string($this->_connectionID, $s) . "'";
 
-		if ($this->replaceQuote[0] == '\\')
-			$s = adodb_str_replace(array('\\',"\0"),array('\\\\',"\\\0"),$s);
-	    return  "'".str_replace("'",$this->replaceQuote,$s)."'";
-	  }
-	  // undo magic quotes for "
-	  $s = str_replace('\\"','"',$s);
-	  return "'$s'";
+			if ($this->replaceQuote[0] == '\\')
+				$s = adodb_str_replace(array('\\',"\0"),array('\\\\',"\\\0"),$s);
+			return  "'".str_replace("'",$this->replaceQuote,$s)."'";
+		}
+		// undo magic quotes for "
+		$s = str_replace('\\"','"',$s);
+		return "'$s'";
 	}
 
 	function _insertid()
adodb-mysqli.patch (1,018 bytes)
dregad

dregad

2015-02-16 11:23

developer   ~0048845

Upstream bug report for reference https://github.com/ADOdb/ADOdb/issues/79

atrol

atrol

2018-07-09 17:11

developer   ~0060234

Last edited: 2018-07-09 17:12

View 2 revisions

Fixed in ADOdb since 5.20.0.
5.20.0 used in Mantis since 1.3.0-rc.1, see 0019635

Issue History

Date Modified Username Field Change
2015-02-16 08:42 dregad New Issue
2015-02-16 08:54 dregad Status new => confirmed
2015-02-16 08:54 dregad Note Added: 0048840
2015-02-16 09:36 dregad File Added: adodb-mysqli.patch
2015-02-16 09:36 dregad Tag Attached: patch
2015-02-16 11:23 dregad Note Added: 0048845
2015-02-16 11:25 dregad Description Updated View Revisions
2015-03-02 08:04 vitsaadmin Issue cloned: 0019444
2018-07-09 17:11 atrol Assigned To => atrol
2018-07-09 17:11 atrol Status confirmed => resolved
2018-07-09 17:11 atrol Resolution open => fixed
2018-07-09 17:11 atrol Fixed in Version => 1.3.0-rc.1
2018-07-09 17:11 atrol Note Added: 0060234
2018-07-09 17:11 atrol Assigned To atrol => dregad
2018-07-09 17:12 atrol Relationship added related to 0019635
2018-07-09 17:12 atrol Note Edited: 0060234 View Revisions
2018-07-09 17:22 atrol Status resolved => closed