Results 1 to 3 of 3

Thread: mysqli_real_escape_string() warning on 'Next' when multiselect used

  1. 2011-11-29, 03:44 PM #1
    MichaelRLevy
    MichaelRLevy is offline Junior Member
    Join Date
    Jul 2007
    Posts
    6

    Default mysqli_real_escape_string() warning on 'Next' when multiselect used

    We're using Version 6.4.0beta2 (Build 7080) with a number of custom modules.

    Two modules have a multiselect fields with more than 20 records, and both exhibit this problem. When doing a basic search, if any of the multiselect fields have any value selected to limit the search, the first page of 20 results works fine. However, upon clicking the 'Next' arrow, the message below is displayed, and the search results display as if none of the multiselect values were selected -- in other words, the search is limited by any text entry fields or dropdown field that was selected, but the multiselect value becomes unselected.

    This message is displayed on the page above the word 'Search'

    Warning: mysqli_real_escape_string() expects parameter 2 to be string, array given in /data/sites/apps/public/dctrack/include/database/MysqliManager.php on line 238

    sugarcrm.log has lines such as this:

    Tue Nov 29 11:42:09 2011 [7451][9cc773a7-9b70-7d53-40fd-4eb2c7d22713][DEPRECATED] SugarBean.php: preprocess_fields_on_save() is deprecated

    Any help appreciated, TIA!
    Reply With Quote Reply With Quote
  2. 2011-12-06, 10:42 PM #2
    MichaelRLevy
    MichaelRLevy is offline Junior Member
    Join Date
    Jul 2007
    Posts
    6

    Default Re: mysqli_real_escape_string() warning on 'Next' when multiselect used

    After some testing and writing out some logs, I can see that the line that triggers the warning is below, and the $string passed here is actually not a string but an array of strings containing the values of the multiselect. So whatever is calling the quote() function in include/database/MysqliManager.php is not passing a string, but is passing an array. Can anyone help?


    /**
    * @see DBManager::quote()
    */
    public function quote($string)
    {
    return mysqli_real_escape_string($this->getDatabase(),$this->quoteInternal($string));
    }
    Reply With Quote Reply With Quote
  3. 2012-01-06, 11:57 AM #3
    ahatherly
    ahatherly is offline Junior Member
    Join Date
    Dec 2011
    Posts
    2

    Default Re: mysqli_real_escape_string() warning on 'Next' when multiselect used

    I managed to fix this issue by updating the quote method in the MysqliManager.php file as follows:

    Code:
    	/**
	 * @see DBManager::quote()
	 */
	public function quote($string)
	{
		if(is_array($string)) {
              foreach($string as &$val) {
			$val = $this->quoteInternal($val);
		  }
		  return $string;
            }
		return mysqli_real_escape_string($this->getDatabase(),$this->quoteInternal($string));
	}
    Hope that helps!
    Adam.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Warning: mysql_fetch_assoc() AND Warning: mysql_data_seek():
    By gdetemple in forum Help
    Replies: 6
    Last Post: 2009-10-13, 10:53 PM
  2. Dynamic MultiSelect
    By vexacion in forum Developer Help
    Replies: 15
    Last Post: 2009-09-27, 09:44 PM
  3. Importing Multiselect
    By Regiecentrale in forum Help
    Replies: 1
    Last Post: 2009-07-15, 01:11 PM
  4. {$fields.multiselect.value}
    By z3r0 in forum Deutsche
    Replies: 1
    Last Post: 2009-07-08, 11:42 AM
  5. Warning: Please upgrade... Why won't this warning go away?
    By ryno267 in forum Help
    Replies: 1
    Last Post: 2005-09-29, 09:57 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules