errors when adding new event to bookroom

Project:BookRoom
Component:Code
Category:bug report
Priority:normal
Assigned:Sam McDonald
Status:closed
Description

I logged in via CAS and went through the steps to create a new event.
When I click "Done" on the Confirm screen, I get an error screen with the following errors:

Notice: Undefined variable: event_id in /u1/htdocs/scheduler/admin/wiz/act_wizsave_finalinsert.php on line 181

Sorry. The main rooms2events insert failed:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1,10)' at line 1

<screenshots attached>

I was using Chrome and did not encounter any issues entering the data for the event until the error screen.

Comments

#1

Assigned to:Anonymous» chadmills

This looks like a duplicate of: <a href="https://software.libraries.rutgers.edu/node/2182" title="https://software.libraries.rutgers.edu/node/2182">https://software.libraries.rutgers.edu/node/2182</a>

I am marking that older one as a duplicate and will move forward with this issue. I was unable to replicate this during the upgrade; but this report may help.

#2

Assigned to:chadmills» Sam McDonald
Status:active» test

I reworked the logic of the final save. Please test again and thoroughly. I don't think this was role related, but cause by some other issue. Possibly the apostrophe in the title of the event. Apostrophe's aren't being escaped. Give this a regular test with no apostrophe's and then do a test with an apostrophe. You should get a different error. IF that's the case we can look at escapeing the apostrophe's.

#3

I added an event with without apostrophes in the title and it was added without error.
I then added another event with an apostrophe in the title and got the following error after clicking "Done" on the confirm screen:
(the title was "Yuhwei's event test")

Sorry. The main event insert failed:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's event','',20170103130000,20170103130000,20170103150000,20170103150000,'Yuhwei'' at line 1

#4

Ok thanks. Please test using apostrophe's in free test fields. Also test updating an event and adding in apostrophe's to those free text fields.

#5

Status:test» closed

tested and appears to have been fixed
-S

Back to top