Cotonti / Open Source PHP Content Management FrameworkContent Management Framework

Forums / Cotonti / Extensions / Support / Attachments plugin shows SQL error 42000

#1 2013-10-28 13:31

Hi everyone,

Here's a plugin I try to inplement on my Siena 0.9.14:

While editing a page, I choose which images to upload, click "Submit" on the very bottom of the page, and see the error report:

Fatal error

2013-10-28 13:25

SQL error 42000: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE att_user = 1' at line 1

Any thoughts on how to deal with it? I would gladly see any of the solutions.

#2 2013-10-28 14:48
Приходится бежать со всех ног, чтобы только оставаться на месте. А чтобы куда-то попасть, приходится бежать еще быстрее...
...Sorry for my english...
Бесплатные расширения для Cotonti:
#3 2013-10-29 08:15

Hi Alex300,

That's right, thanks for it. That seems the first version of Attachments is still not being fully ported for Siena, and Attachments 2 are way fresher.

Allright, I installed the Attachments 2. But, that's what I see when clicking on the "Upload files" link: As you can see, it's not a sort of pop-up window, but a separate page. So is any of the js files missing?

Second (but probably it's a sequence of the above issue), the attaching the files is not working: Of course, the uploads folder is under CHMOD 777, and again, that seems, some js is missing, but which one? I'll appreciate any help on my issue.

Добавлено 33 минуты спустя:

This could help: in the Opera Dragonfly, after clicking Upload, I catch this 500 Server response:


500 Internal Server Error

...while is fine.

Добавлено 2 часа спустя:

Moreover, take a look:

SQL error 42S22: Column not found: 1054 Unknown column 'att_area' in 'where clause'</p><pre style="overflow:auto">#0  cot_diefatalColumn not found: 1054 Unknown column 'att_area' in 'where clause') called at [/var/www/staleo/data/www/]
#1  CotDB->query(SELECT * FROM cot_attach
   WHERE att_area = ? AND att_item = ? ORDER BY att_order, Array ([0] => page,[1] => 17)) called at [/var/www/staleo/data/www/]

That seems like an SQL-field att_area is somehow missing.

Добавлено 2 часа спустя:

The solution for me was to run an SQL-injection from here:

For some reason, it wasn't mentioned on the plugin description page.

Anyway, opening the uploading form on a separate page (instead of the floating window on the dark background) is still an issue, how do you think it's being solved?

This post was edited by staleo (2013-10-29 13:03, 7 years ago)