Discussion Forum
You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 November 6, 2019 12:16pm
- joeshu
- Member
- Registered: June 13, 2018
- Posts: 16
Open Graph Fields
It seems like the Open Graph Fields are not being escaped correctly. Any apostrophe in the Title or Description (these are the ones we noticed) seems to throw a SQL error. The error does not bubble up and display, but acts like the page saves without actually saving anything. There is even an audit record created from track but no pending changes for the table. Removing the apostrophe from those fields seems to have fixed the issues.
Last edited by joeshu (November 6, 2019 12:16pm)
Offline
#2 November 6, 2019 12:36pm
- timbuckingham
- Administrator
- From: Baltimore, MD
- Registered: April 2, 2012
- Posts: 974
Re: Open Graph Fields
I tested this in my local BigTree 4.4.7 instance and didn't run into any trouble saving apostrophes or double quotes into open graph title and description fields. The BigTreeAdmin::handleOpenGraph call is using the default SQL::insert method that auto escapes all the fields so it shouldn't be a SQL injection/encoding issue. I'd put a die(); on line 127 of /core/admin/modules/pages/update.php and
print_r(SQL::$Errors);right before that and see what it's doing.
Offline
#3 November 6, 2019 12:37pm
- timbuckingham
- Administrator
- From: Baltimore, MD
- Registered: April 2, 2012
- Posts: 974
Re: Open Graph Fields
Oh, I just misread you! Pending pages data does indeed seem to be failing. I'll look into that now!
Offline
#4 November 6, 2019 12:44pm
- joeshu
- Member
- Registered: June 13, 2018
- Posts: 16
Re: Open Graph Fields
Oh okay! Here is some debugging info if you need it.
I noticed this because I put a var_dump / die on line 126 in sql.php
string(226) "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 't Forget Your Transcripts",
Like I said that error doesn't seem to be displaying, or that there was even an error.
Offline
#5 November 6, 2019 12:46pm
- timbuckingham
- Administrator
- From: Baltimore, MD
- Registered: April 2, 2012
- Posts: 974
Re: Open Graph Fields
This should be fixed in the 4.4-devel branch! Here's the commit if you'd like to monkey-patch it:
https://github.com/bigtreecms/BigTree-C … e063516875
Thanks for the bug report!
Offline
#6 November 6, 2019 12:48pm
- joeshu
- Member
- Registered: June 13, 2018
- Posts: 16
Re: Open Graph Fields
Awesome, thanks!
Offline
Pages: 1