View Full Version : What does this mean??
MistyMeanor
07-27-2003, 06:24 PM
What does this mean?? This member has said that she gets kicked off the forum every 5 minutes, and can't view the link we have for our Signature Tags. But no one else seems to be having this problem??
Database error in vBulletin 2.2.9:
Invalid SQL: UPDATE webtemplates SET lastvisitorname='Lovin' Momma', lastvisittime='01:17 PM' WHERE title='sig_tags'
mysql error: You have an error in your SQL syntax near 'Momma', lastvisittime='01:17 PM' WHERE title='sig_tags'' at line 1
mysql error number: 1064
Date: Sunday 27th of July 2003 01:17:00 PM
Script: http://www.eotc-pets.com/vb/forums/vb/forums/show.php?pg=sig_tags
Referer: http://www.eotc-pets.com/vb/forums/index.php?s=&menu=2
grog6
07-27-2003, 07:00 PM
You have installed a hack using the webtemplate table ...
Moreover the query used for this hack isn't correct whith the name of your membre which is : Lovin' Momma
The ' included in his username makes the query wrong, try using
UPDATE webtemplates SET lastvisitorname="Lovin' Momma", lastvisittime="01:17 PM" WHERE title="sig_tags"
;)
Xenon
07-28-2003, 09:56 AM
seems someone has forgotten to do a addslashes() around the usernames...
Erwin
07-28-2003, 10:00 AM
You can add the addslashed function to the $bbuserinfo[username] bit of the code, or just change the member's username from Lovin' Momma to Lovin Momma (remove the ' which is causing the problem).
Xenon
07-28-2003, 10:10 AM
the webtemplate hack is by logician, who normaly bugfixes his hacks asap, so you should post in his supportthread so he will know that there's a bug
Logician
07-29-2003, 06:59 AM
1- To fix it, edit show.php, find line:
else {$gettemp1=$DB_site->query("UPDATE webtemplates SET lastvisitorname='$user_username', lastvisittime='$timenow' WHERE title='$pg'");}
Replace it as:
else {$gettemp1=$DB_site->query("UPDATE webtemplates SET lastvisitorname='".addslashes($user_username)"', lastvisittime='$timenow' WHERE title='$pg'");}
2- You are using old version of webtemplates, I would suggest upgrade to new 2.x version
3- Please report bugs in hack threads. I run into that messagely accidently and I would never know about it.
4- Congratulations because you catch a bug in a script which is 1.5 years old. lol. I wonder how come nobody ever run into this bug before, very weird! :)
Xenon
07-29-2003, 09:37 AM
noone els has users with a ' in it ^^
vBulletin® v3.8.12 by vBS, Copyright ©2000-2024, vBulletin Solutions Inc.