Bug #5468
SQL error during injection : unascape values
| Status: | New | Start date: | 02/24/2016 | |
|---|---|---|---|---|
| Priority: | Urgent | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | |||
| Target version: | - |
Description
During insertion of computers data's, we have an insertion error due to unescape chars "'".
The following error occurs :
- MySQL query error:
SQL: UPDATE `glpi_computers`
SET `comment` = \'
CR04003 - CRB Local multimédia
Pc fixe Pas d\'utilisateur Attitré\' WHERE `id` =\'33478\'
Error: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'utilisateur Attitré' WHERE `id` ='33478'' at line 2
Backtrace :
inc/commondbtm.class.php:357
inc/commondbtm.class.php:1116 CommonDBTM->updateInDB()
...injection/inc/commoninjectionlib.class.php:1501 CommonDBTM->update()
...injection/inc/commoninjectionlib.class.php:1415 PluginDatainjectionCommonInjectionLib->effectiveAddOrUpdate()
...atainjection/inc/computerinjection.class.php:90 PluginDatainjectionCommonInjectionLib->processAddOrUpdate()
plugins/datainjection/inc/engine.class.php:145 PluginDatainjectionComputerInjection->addOrUpdateObject()
...datainjection/inc/clientinjection.class.php:249 PluginDatainjectionEngine->injectLine()
...datainjection/inc/clientinjection.class.php:204 PluginDatainjectionClientInjection::processInjection()
...datainjection/front/clientinjection.form.php:38 PluginDatainjectionClientInjection::showInjectionForm()
GLPI : 0.90
DataInjection : 2.4.1