- πΈπ°Slovakia poker10
I have tried this on clean D7.97 install and accessing such link
/comment/1blahdoes not throw notices/warnings for me (on PHP8). This is probably outdated, but feel free to reopen, if this is still an issue. Thanks!
Access /drupal/comment/1blah (any comment-id starting with a number, but containing non-numeric chars)
With default installation and MySQL, I get a 404 page that also includes PHP undefined index notices:
Notice: Undefined index: 1blah in comment_load() (line 1685 of /var/www/drupal/modules/comment/comment.module).
Notice: Undefined index: 1blah in comment_load() (line 1685 of /var/www/drupal/modules/comment/comment.module).
Notice: Trying to get property of non-object in comment_access() (line 1443 of /var/www/drupal/modules/comment/comment.module).
An erroneous request shouldn't make it this far, as such unexpected conditions may lead to attack vectors (apart from the annoyance of PHP notices). Failfast and all that.
With PostgreSQL, I get database errors:
PDOException: SQLSTATE[22P02]: Invalid text representation: 7 ERROR: invalid input syntax for integer: "1blah" at character 609: SELECT base.cid AS cid, base.pid AS pid, base.nid AS nid, base.uid AS uid, base.subject AS subject, base.hostname AS hostname, base.created AS created, base.changed AS changed, base.status AS status, base.thread AS thread, base.name AS name, base.mail AS mail, base.homepage AS homepage, base.language AS language, n.type AS node_type, u.name AS registered_name, u.uid AS u_uid, u.signature AS signature, u.signature_format AS signature_format, u.picture AS picture FROM {comment} base INNER JOIN {node} n ON base.nid = n.nid INNER JOIN {users} u ON base.uid = u.uid WHERE (base.cid IN (:db_condition_placeholder_0)) ; Array ( [:db_condition_placeholder_0] => 1blah ) in DrupalDefaultEntityController->load() (line 196 of /var/www/.../news/includes/entity.inc).
(presumably because MySQL silently, "cleverly", ignores conversion errors, while PG does not).
In fact for PostgreSQL it's not even /comment/blah (no leading digit) yields the same error, and comment/reply/blah as well.
I'm seeing the same problem with non-numeric node ID's and PG, but that is presumably a separate issue.
Closed: outdated
7.0 β°οΈ
The change is currently missing an automated test that fails when run with the original code, and succeeds when the bug has been fixed.
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
I have tried this on clean D7.97 install and accessing such link /comment/1blah does not throw notices/warnings for me (on PHP8). This is probably outdated, but feel free to reopen, if this is still an issue. Thanks!