Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-50322

In a forum, pruning reply with more than 255 chars for the subject causes database error.

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.7.8, 2.8.6, 2.9
    • Fix Version/s: 2.8.7, 2.9.1
    • Component/s: Forum
    • Labels:
    • Testing Instructions:
      Hide

      1) Create a forum
      2) Create a discussion
      3) Create a reply to the discussion
      4) Click split against the reply (make sure your caches are purged, because there's a new class loading)
      5) Make sure that you cannot type more than 255 characters to the discussion name field
      6) Make sure that discussion field is required
      7) Make sure that if you split the post, new discussion with a right name is created

      Show
      1) Create a forum 2) Create a discussion 3) Create a reply to the discussion 4) Click split against the reply (make sure your caches are purged, because there's a new class loading) 5) Make sure that you cannot type more than 255 characters to the discussion name field 6) Make sure that discussion field is required 7) Make sure that if you split the post, new discussion with a right name is created
    • Affected Branches:
      MOODLE_27_STABLE, MOODLE_28_STABLE, MOODLE_29_STABLE
    • Fixed Branches:
      MOODLE_28_STABLE, MOODLE_29_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-50322-master

      Description

      Steps to replicate

      1) Create a forum
      2) Create a discussion
      3) Create a reply to the discussion
      4) Click split against the reply
      5) Change the Discussion name so that it has more than 255 characters in it

      Expected behaviour: Validation or auto truncation?

      Actual behaviour:

      Debug info: Data too long for column 'name' at row 1
      INSERT INTO mdl_forum_discussions (course,forum,name,firstpost,userid,groupid,assessed,usermodified,timestart,timeend) VALUES(?,?,?,?,?,?,?,?,?,?)
      [array (
      0 => '161',
      1 => '364',
      2 => 'Re: thisisthestart2343298743298fdklgsdfkjghdfklhgsfdkghsfkldjghsiourtgoriegjfodigjsdkfjg;oierut4w309gfdjgl;fdsjg90reg0osure9g\'rsiojgldfkjgsoij59tg59jgrs\'ogjlidfjgljfdsigoreijtu[owjgoirjglfdjglsdfjgfdsjgoireuoituwo[iu[roeijgfiojglfdsjgfdslgjfdlisjgoserjmmmmmmmmmmmmmmmmmmm',
      3 => '108',
      4 => '2',
      5 => '-1',
      6 => '0',
      7 => '2',
      8 => '0',
      9 => '0',
      )]
      Error code: dmlwriteexception
      Stack trace:
      line 446 of /lib/dml/moodle_database.php: dml_write_exception thrown
      line 1164 of /lib/dml/mysqli_native_moodle_database.php: call to moodle_database->query_end()
      line 1210 of /lib/dml/mysqli_native_moodle_database.php: call to mysqli_native_moodle_database->insert_record_raw()
      line 471 of /mod/forum/post.php: call to mysqli_native_moodle_database->insert_record()

      It's important to note that besides the lack of server side validation / sanitation, the input field for 'name' in prune.html does not have a maxlength attribute.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                6/Jul/15