View Issue Details

IDProjectCategoryView StatusLast Update
0019374mantisbtinstallationpublic2018-07-09 17:22
Reporterdregad Assigned Todregad  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version1.3.0-rc.1 
Summary0019374: Install with mysqli driver triggers warning when generating SQL
Description

When generating the SQL statements instead of executing them directly, the Mantis installer throws a PHP warning

SYSTEM WARNING
'mysqli_real_escape_string() expects parameter 1 to be mysqli, boolean given' in '...\mantisbt\library\adodb\drivers\adodb-mysqli.inc.php' line 231

Tagspatch
Attached Files
adodb-mysqli.patch (1,018 bytes)   
diff --git a/drivers/adodb-mysqli.inc.php b/drivers/adodb-mysqli.inc.php
index 6de3e7f..0a42973 100644
--- a/drivers/adodb-mysqli.inc.php
+++ b/drivers/adodb-mysqli.inc.php
@@ -227,16 +227,16 @@ class ADODB_mysqli extends ADOConnection {
 	{
 		if (is_null($s)) return 'NULL';
 		if (!$magic_quotes) {
-	    	if (PHP_VERSION >= 5)
+			if (PHP_VERSION >= 5 && $this->_connectionID)
 	      		return "'" . mysqli_real_escape_string($this->_connectionID, $s) . "'";
 
-		if ($this->replaceQuote[0] == '\\')
-			$s = adodb_str_replace(array('\\',"\0"),array('\\\\',"\\\0"),$s);
-	    return  "'".str_replace("'",$this->replaceQuote,$s)."'";
-	  }
-	  // undo magic quotes for "
-	  $s = str_replace('\\"','"',$s);
-	  return "'$s'";
+			if ($this->replaceQuote[0] == '\\')
+				$s = adodb_str_replace(array('\\',"\0"),array('\\\\',"\\\0"),$s);
+			return  "'".str_replace("'",$this->replaceQuote,$s)."'";
+		}
+		// undo magic quotes for "
+		$s = str_replace('\\"','"',$s);
+		return "'$s'";
 	}
 
 	function _insertid()
adodb-mysqli.patch (1,018 bytes)   

Relationships

related to 0019635 closeddregad Update ADOdb to 5.20 

Activities

dregad

dregad

2015-02-16 08:54

developer   ~0048840

This is due to the behavior of mysqli_real_escape_string(), which differs from mysql_real_escape_string(). The former requires a valid mysqli DB connection object, while the latter has a fallback mechanism which attempts to generate a connection when given NULL.

In our case, when generating SQL $t_dict->_connectionID == false so we get the warning when ADOConnection::qstr() calls mysqli_real_escape_string().

This is an ADOdb bug which needs to be fixed upstream.

dregad

dregad

2015-02-16 11:23

developer   ~0048845

Upstream bug report for reference https://github.com/ADOdb/ADOdb/issues/79

atrol

atrol

2018-07-09 17:11

developer   ~0060234

Last edited: 2018-07-09 17:12

Fixed in ADOdb since 5.20.0.
5.20.0 used in Mantis since 1.3.0-rc.1, see 0019635