Page 1 of 1

SOLVED-Problem in sql syntax!

Posted: Sat Oct 16, 2004 8:35 pm
by dimitris
From the first view this should work well:...

Sorry,but when i try to upload the entire text i get a 500 Internal server error page!!!
A forum administrator should contact me please!

I uploaded my initial text for this post here: http://students.cs.unipi.gr/~p01109/imo/post.txt

Have you tried...

Posted: Sat Oct 16, 2004 9:31 pm
by neophyte
Have you tried dumping this md5($subject) into a variable first ....

$variable = md5($subject) and the insert $variable instead of ".'md5($subject)'."

Just a suggestion. Otherwise I can't really see anything wrong. Although I admit I'm some what of a n00b.

Re: Have you tried...

Posted: Tue Oct 19, 2004 3:16 am
by dimitris
neophyte wrote:Have you tried dumping this md5($subject) into a variable first ....

$variable = md5($subject) and the insert $variable instead of ".'md5($subject)'."

Just a suggestion. Otherwise I can't really see anything wrong. Although I admit I'm some what of a n00b.
I tried it too!

$hash_code=md5($subject) and then inserting this variable in the actual script

Re: Problem in sql syntax!

Posted: Tue Oct 19, 2004 10:32 am
by dimitris
Sorry,but when i try to upload the entire text i get a 500 Internal server error page still happens!!!

A forum administrator should contact me please or fix this bug please!

I UPDATED my initial text for this post here: http://students.cs.unipi.gr/~p01109/imo/post.txt

Posted: Tue Oct 19, 2004 10:37 am
by Weirdan
'from' and 'to' are reserved keywords in SQL. To use them as field names you need to quote them with backticks (`):

Code: Select all

select `from`, `to` from some_table...

Re: Problem in sql syntax!

Posted: Tue Oct 19, 2004 10:39 am
by Weirdan
dimitris wrote:Sorry,but when i try to upload the entire text i get a 500 Internal server error page still happens!!!
We're aware of this bug but have found no way to circumvent it yet.

Posted: Tue Oct 19, 2004 10:41 am
by dimitris
Weirdan wrote:'from' is reserved keyword in SQL. To use it as field name you need to quote it with backticks (`):

Code: Select all

select `from` from some_table...
Thanks a lot, i was looking again to my code when i remembered that i had a similar problem using group field in a sql syntax.... I thought " Hey we write SELECT * FROM some_table. From is keyword!"

Re: Problem in sql syntax!

Posted: Tue Oct 19, 2004 10:47 am
by dimitris
Do you think that it is a problem with interpreting php tags? In that case we should avoid using php bbcode option!

Posted: Tue Oct 19, 2004 11:56 am
by Weirdan
no. Seems like our hosting provider got some anti-SQL-injection protection installed which gets triggered when you try to post certain SQL queries. We did plan to communicate to IMHosted regarding that, but I don't know if it was done though.

Posted: Tue Oct 19, 2004 12:00 pm
by dimitris
Weirdan wrote:no. Seems like our hosting provider got some anti-SQL-injection protection installed which gets triggered when you try to post certain SQL queries. We did plan to communicate to IMHosted regarding that, but I don't know if it was done though.
Ok! Don't mind! Problems are always possible to happen! Thanks for your time Weirdan!

Posted: Tue Oct 19, 2004 1:55 pm
by feyd
here's a massive tip for anyone getting internal server errors:

avoid having INSERT and INTO in a continuous string. That's the one we've found so far that will break a posting. As long as INSERT and INTO (case is irrelevant) are seperated by more than whitespace, it works fine.

Additionally, DELETE and FROM are also hot.