-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
2.6.3, 2.6.4
-
None
-
2.6.1(2013111401),2.6.2(2013111403)
-
MOODLE_26_STABLE
When you have a turnitintool assignment with an apostrophe in either the name or part, it causes the following error when trying to update and submit changes:
Debug info: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 's Gilded Age Paper - America's Gilded Age'' at line 1
|
SELECT * FROM mdl_event WHERE modulename='turnitintool' AND instance='123' AND name='Ch 16 America's Gilded Age Paper - America's Gilded Age'
|
[array (
|
)]
|
Error code: dmlreadexception
|
Stack trace:
|
|
|
line 443 of /lib/dml/moodle_database.php: dml_read_exception thrown
|
line 996 of /lib/dml/mysqli_native_moodle_database.php: call to moodle_database->query_end()
|
line 1428 of /lib/dml/moodle_database.php: call to mysqli_native_moodle_database->get_records_sql()
|
line 1400 of /lib/dml/moodle_database.php: call to moodle_database->get_record_sql()
|
line 6699 of /mod/.turnitintool/lib.php: call to moodle_database->get_record_select()
|
line 1347 of /mod/.turnitintool/lib.php: call to turnitintool_get_record_select()
|
line 236 of /mod/.turnitintool/view.php: call to turnitintool_update_partnames()
|
It looks like it's coming from here, maybe:
1347 if ($events = turnitintool_get_record_select('event', "modul ename='turnitintool' AND instance='".$turnitintool->id."' AND name='".$currentevent."'")) {
|
1348 $event->id = $events->id;
|
1349 update_event($event);
|
1350
|
Since the where criteria is enclosed in double quotes, the inner strings that are actually part of the query are in single quotes, so putting an apostrophe into one of those fields breaks the string.
I will provide an attachment with steps to replicate the issue on a turnitintool assignment with apostrophes in the name and part.