Access /drupal/comment/1blah (any comment-id starting with a number, but containing non-numeric chars)
With default installation and MySQL, I get a 404 page that also includes PHP undefined index notices:
Notice: Undefined index: 1blah in comment_load() (line 1685 of /var/www/drupal/modules/comment/comment.module).
Notice: Undefined index: 1blah in comment_load() (line 1685 of /var/www/drupal/modules/comment/comment.module).
Notice: Trying to get property of non-object in comment_access() (line 1443 of /var/www/drupal/modules/comment/comment.module).
An erroneous request shouldn't make it this far, as such unexpected conditions may lead to attack vectors (apart from the annoyance of PHP notices). Failfast and all that.
Steps to reproduce
- Clean install of Drupal 7.x
- Log in as admin
- Add Article
- Add Comment
- Navigate to /comment/1blah
With PostgreSQL, I get database errors:
PDOException: SQLSTATE[22P02]: Invalid text representation: 7 ERROR: invalid input syntax for integer: "1blah" at character 609: SELECT base.cid AS cid, base.pid AS pid, base.nid AS nid, base.uid AS uid, base.subject AS subject, base.hostname AS hostname, base.created AS created, base.changed AS changed, base.status AS status, base.thread AS thread, base.name AS name, base.mail AS mail, base.homepage AS homepage, base.language AS language, n.type AS node_type, u.name AS registered_name, u.uid AS u_uid, u.signature AS signature, u.signature_format AS signature_format, u.picture AS picture FROM {comment} base INNER JOIN {node} n ON base.nid = n.nid INNER JOIN {users} u ON base.uid = u.uid WHERE (base.cid IN (:db_condition_placeholder_0)) ; Array ( [:db_condition_placeholder_0] => 1blah ) in DrupalDefaultEntityController->load() (line 196 of /var/www/.../news/includes/entity.inc).
(presumably because MySQL silently, "cleverly", ignores conversion errors, while PG does not).
In fact for PostgreSQL it's not even /comment/blah (no leading digit) yields the same error, and comment/reply/blah as well.
I'm seeing the same problem with non-numeric node ID's and PG, but that is presumably a separate issue.
Comment | File | Size | Author |
---|---|---|---|
#16 | comment-fix-cid-1838338-16.patch | 649 bytes | moertle |
#2 | drupal-fix_errors_when_comment_argument_is_not_integer-1838338-2.patch | 1.35 KB | paravibe |
#1 | Screen Shot 2013-03-09 at 10.18.24 AM.png | 95.47 KB | lbainbridge |
Comments
Comment #1
lbainbridge CreditAttribution: lbainbridge commentedNot an issue in Drupal 8.x
Steps to reproduce:
Comment #2
paravibe CreditAttribution: paravibe commentedMaybe should be like this?
Comment #3
heddnProbably should use is_int().
http://php.net/manual/en/function.is-numeric.php
Comment #4
heddnComment #5
paravibe CreditAttribution: paravibe commentedOK, I think now it's better.
Comment #7
paravibe CreditAttribution: paravibe commentedSecond try
Comment #8
paravibe CreditAttribution: paravibe commentedComment #10
paravibe CreditAttribution: paravibe commentedComment #12
rakeshfalke CreditAttribution: rakeshfalke commentedTested @drupalrv code working good :).
Comment #13
rakeshfalke CreditAttribution: rakeshfalke commentedSteps to Followed:
Working properly so closing this issue.
Comment #14
star-szrI'm still able to reproduce this using the steps to reproduce, adding them to the issue summary.
@rakeshfalke - for future reference if this wasn't reproducible we'd use the status "Closed (cannot reproduce)" :)
Comment #15
star-szrOh maybe I misunderstood - I missed comment #12.
So @rakeshfalke maybe you tested with the patch and it worked? That still means the issue needs to stay open for further reviews and adding tests to cover this bug would be a good idea.
Comment #16
moertle CreditAttribution: moertle commentedAnother try with is_numeric
Comment #17
moertle CreditAttribution: moertle commentedComment #18
poker10 CreditAttribution: poker10 at ActivIT s.r.o. commentedI have tried this on clean D7.97 install and accessing such link
/comment/1blah
does not throw notices/warnings for me (on PHP8). This is probably outdated, but feel free to reopen, if this is still an issue. Thanks!