Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Suspicious concatenation #90

Closed
AppChecker opened this issue Feb 15, 2017 · 1 comment
Closed

Suspicious concatenation #90

AppChecker opened this issue Feb 15, 2017 · 1 comment
Assignees
@fiammybe
Labels
bug

Comments

@AppChecker
Copy link

AppChecker commented Feb 15, 2017
edited
Loading

Hi.

Please look this section of code:

		$sql =  "   SELECT b.* " .
                "   FROM " . $xoopsDB->prefix("newblocks_bak") . " AS b LEFT JOIN " . $xoopsDB->prefix('block_instance') . " AS i ON b.bid = i.bid " .
                "   WHERE i.instanceid IS NULL";
                "   GROUP BY b.dirname, b.bid";

String " GROUP BY b.dirname, b.bid" is not involved in the concatenation operation.

Probably, it should be:

		$sql =  "   SELECT b.* " .
                "   FROM " . $xoopsDB->prefix("newblocks_bak") . " AS b LEFT JOIN " . $xoopsDB->prefix('block_instance') . " AS i ON b.bid = i.bid " .
                "   WHERE i.instanceid IS NULL".
                "   GROUP BY b.dirname, b.bid";

This possible defect found with AppChecker
@fiammybe
Copy link
Member

very very old code, probably never used anymore (migration from old XOOPS sites). Typo that breaks the select visibly.

@fiammybe fiammybe self-assigned this May 17, 2017
@fiammybe fiammybe added the bug label May 17, 2017
@fiammybe fiammybe added this to the v1.3.11 milestone May 17, 2017
@fiammybe fiammybe removed this from the v1.3.11 milestone Mar 19, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fiammybe fiammybe

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fiammybe @AppChecker