Moodle

• Type: Bug
• Status: Closed
• Priority: Minor
• Resolution: Won't Fix
• Affects Version/s: 1.9
• Fix Version/s: None
• Component/s: Database SQL/XMLDB
• Labels:

  None
• Environment:

  PostgreSQL version 8 and up

In PostgreSQL 7 and in MySQL, the empty string is implicitly casted to zero integer. Therefore, you can have queries like

> select id,username from mdl_user where id='';
Empty set (0.00 sec)

In PostgreSQL 8, the empty string can not be casted to integer any more and the same query throws an error:

moodle=# select * from mdl_user where id='';
ERROR: invalid input syntax for integer: ""

This is problem as there are queries in Moodle libs that relies on MySQL/Postgres7 behaviour. Typically, when using queries like

DELETE FROM mdl_some_table WHERE id='$id'

This is a META bug to cover all found cases when this might happen. Add found problematic code as a subtask. It blocks Postgres8 support. Also, because it impacts a lot of SQL queries, I have set it as a minor security risk.

• Assignee:

  David Mudrak

  Reporter:

  David Mudrak

  Participants:

  David Mudrak, Petr Škoda (skodak)

• Created:

  10/Feb/08 2:39 AM

  Updated:

  04/May/09 5:31 PM

  Resolved:

  04/May/09 5:31 PM