Project:Drupal core
Version:7.x-dev
Component:database system
Category:bug report
Priority:normal
Assigned:Unassigned
Status:closed (duplicate)

Issue Summary

If a query contains a newline, pattern matching on SELECT fails, which causes the counting request is not generated, and the pager not to be created. The query is then built as it would be by a call to db_query_range.

Queries should be sanitized prior to pattern matching by removing these characters.

Comments

#1

Can you confirm that this bug is still present in 4.6.5?

#2

Version:4.6.3» 4.7.3

This bug is is still present in 4.7.3

#3

Status:active» closed (won't fix)

Drupal coding standards don't allow for multilien queries.

#4

Title:pager_query fails on multi-line queries» multi-line queries failure
Version:4.7.3» 6.x-dev
Status:closed (won't fix)» postponed (maintainer needs more info)

There are multi-line queries in D6 core (at least one in book.module).

Should they be rewritten to one line, or is this officially supported now ?

#5

Personally, I find multiline queries to be far more readable than one single looooong line.

Regardless, I think style is about how code looks, not how it works. Style should never break things like that.

Removing the newlines before deriving the COUNT() query is trivial, and should be done regardless.

#6

Status:postponed (maintainer needs more info)» active

The problem is still there in D7 HEAD today with DB TNG.

If there is indeed a policy about not allowing multi-line queries, it should be added to the SQL coding conventions page which currently doesn't list such a requirement.

However, I still think it would be better to allow them: the cost of stripping newlines is minimal, as it doesn't involve a regex. Newlines embedded in string values are not a problem, as they only appear post-transformation thanks to the use of placeholders instead of inline replacement.

#7

Version:6.x-dev» 7.x-dev

Forgot to bump version.

#8

Status:active» closed (duplicate)

I believe this to be a duplicate of #288837: Pager.inc regexp misses whitespace use case. This one is older, but the other one has a patch.

nobody click here