We'll want to remove ALL uses of compile_update_string() and compile_insert_string(). I'll take care of this since there are 9 or 10 other instances of it.
Chris
On Sunday 02 July 2006 5:08 pm, Tony Lambregts wrote:
Chris Morgan wrote:
Is this the case when inserting data from a xinha editor into the database? Is this being seen only in application related data?
Sorry for the time you've spent investigating this, it only took a moment for me to realize what the problem was after knowing the symptoms. I should have caught this earlier.
I'm pretty sure this is an easy fix of simply not using compile_update_string() or compile_insert_string(). If you look at the use of these functions you'll see something like:
$sBlah = compile_insert(update)_string(...);
query_parameters("update/insert ".$sBlah." where '?' ...", a, b, c);
The problem is that $sBlah contains characters that are special to query_parameters() like '~', '?', '&'. Because we incorrectly put $sBlah into the format portion of query_parameters(), we insert these special characters into the format parameter of query_parameters().
So, the fix is quite simple, stop using compile_insert_string() and compile_update_string() and let query_parameters() do the work. This way we can be sure that we won't be inserting strings with special formatting characters into the format portion of the query_parameters() call.
I'll take care of fixing this as soon as I get back home.
Chris
I was not really comfortable with that solution. compile_update_string was very nice for aligning the field with the value so it looked very clean. The trouble with doing it this way is that it is more prone to errors but if you say that is OK with you then I suppose it will do for me too.
Change Log: Fix crash in updateing xinha fields.
Files changed: include/testResults.php