[Solved]: problem after upgrading to 1.4.21 [Solved]: problem after upgrading to 1.4.21
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

[Solved]: problem after upgrading to 1.4.21

Started by lydiahamminga, March 08, 2009, 07:18:43 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

lydiahamminga

after upgrading from 1.4.20 to 1.4.21, when clicking the random files on the index page the following errors show up
(I use the LightBox JS for Fullsize Popup Image  mod)

While executing query "SELECT * FROM cpg14x_pictures WHERE approved = 'YES'  ORDER BY RAND() LIMIT -1" on 0

mySQL error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-1' at line 1


USER:
------------------
Array
(
    [ID] => cef3171c8b6cac3be43c267e0320c972
    [am] => 1
    [lang] => english
    [liv] => Array
        (
            [0] => 567
            [1] => 566
            [2] => 323
            [3] => 56
            [4] => 295
        )

)

==========================
USER DATA:
------------------
Array
(
    [user_id] => 1
    [user_name] => hsd12x
    [groups] => Array
        (
            [0] => 1
        )

    [disk_max] => 0
    [disk_min] => 0
    [can_rate_pictures] => 1
    [can_send_ecards] => 1
    [ufc_max] => 3
    [ufc_min] => 3
    [custom_user_upload] => 0
    [num_file_upload] => 5
    [num_URI_upload] => 3
    [can_post_comments] => 1
    [can_upload_pictures] => 1
    [can_create_albums] => 1
    [has_admin_access] => 1
    [pub_upl_need_approval] => 0
    [priv_upl_need_approval] => 0
    [group_name] => Administrators
    [upload_form_config] => 3
    [group_quota] => 0
    [can_see_all_albums] => 1
    [group_id] => 1
)

==========================
Queries:
------------------
Array
(
    [0] => SELECT extension, mime, content, player FROM cpg14x_filetypes; (0s)
    [1] => delete from `blog_coppermine`.cpg14x_sessions where time<1236488864 and remember=0; (0s)
    [2] => delete from `blog_coppermine`.cpg14x_sessions where time<1235282864; (0s)
    [3] => select user_id from `blog_coppermine`.cpg14x_sessions where session_id = 'c7ae402bde991c8a119259f660e8e2dc' (0s)
    [4] => select user_id as id, user_password as password from `blog_coppermine`.cpg14x_users where user_id=1 (0s)
    [5] => SELECT u.user_id AS id, u.user_name AS username, u.user_password AS password, u.user_group+100 AS group_id FROM `blog_coppermine`.cpg14x_users AS u INNER JOIN `blog_coppermine`.cpg14x_usergroups AS g ON u.user_group=g.group_id WHERE u.user_id='1' (0s)
    [6] => SELECT user_group_list FROM `blog_coppermine`.cpg14x_users AS u WHERE user_id='1' and user_group_list <> ''; (0s)
    [7] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg14x_usergroups WHERE group_id in (1) (0s)
    [8] => SELECT group_name FROM  cpg14x_usergroups WHERE group_id= 1 (0s)
    [9] => update `blog_coppermine`.cpg14x_sessions set time='1236492464' where session_id = 'c7ae402bde991c8a119259f660e8e2dc' (0s)
    [10] => SELECT user_favpics FROM cpg14x_favpics WHERE user_id = 1 (0s)
    [11] => DELETE FROM cpg14x_banned WHERE expiry < '2009-03-08 06:07:44' (0s)
    [12] => SELECT * FROM cpg14x_banned WHERE (ip_addr='84.80.230.17' OR ip_addr='84.80.230.17' OR user_id=1) AND brute_force=0 (0s)
    [13] => SELECT aid from cpg14x_pictures WHERE pid='19'  LIMIT 1 (0s)
    [14] => SELECT title,keyword from cpg14x_albums WHERE aid='1' (0s)
    [15] => SELECT COUNT(*) from cpg14x_pictures WHERE ((aid='1'  ) )   (0s)
    [16] => SELECT pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid, keywords, title, caption,hits,owner_id,owner_name from cpg14x_pictures WHERE ((aid='1'  ) )   ORDER BY pid DESC  (0s)
    [17] => SELECT title,keyword from cpg14x_albums WHERE aid='1' (0s)
    [18] => SELECT COUNT(*) from cpg14x_pictures WHERE ((aid='1'  ) )   (0s)
    [19] => SELECT * from cpg14x_pictures WHERE ((aid='1'  ) )   ORDER BY pid DESC  LIMIT 2 ,1 (0s)
    [20] => SELECT title, comments, votes, category, aid FROM cpg14x_albums WHERE aid='1' LIMIT 1 (0s)
    [21] => SELECT name, parent FROM cpg14x_categories WHERE cid = '2' (0s)
    [22] => SELECT cid, name, parent FROM cpg14x_categories WHERE cid = '4' (0s)
    [23] => SELECT * FROM cpg14x_pictures WHERE approved = 'YES'  ORDER BY RAND() LIMIT -1 (0s)
    [24] => SELECT COUNT(*) FROM cpg14x_pictures WHERE approved = 'NO' (0s)
)

==========================
GET :
------------------
Array
(
    [album] => random
    [cat] => 0
    [pos] => -19
)

==========================
POST :
------------------
Array
(
)

==========================
VERSION INFO :
------------------
PHP version: 4.4.7 - OK
------------------
mySQL version: 4.1.21-standard-log
------------------
Coppermine version: 1.4.21(stable)
==========================
Module: GD
------------------
GD Version: bundled (2.0.28 compatible)
FreeType Support: 1
FreeType Linkage: with freetype
T1Lib Support:
GIF Read Support: 1
GIF Create Support: 1
JPG Support: 1
PNG Support: 1
WBMP Support: 1
XBM Support: 1
JIS-mapped Japanese Font Support:

==========================
Module: mysql
------------------
MySQL Supportenabled
Active Persistent Links 0
Active Links 1
Client API version 3.23.49
MYSQL_MODULE_TYPE builtin
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_INCLUDE no value
MYSQL_LIBS no value
==========================
Module: zlib
------------------
ZLib Support enabled
Compiled Version 1.1.4
Linked Version 1.1.4
==========================
Server restrictions (safe mode)?
------------------
Directive | Local Value | Master Value
safe_mode | Off | Off
safe_mode_exec_dir | no value | no value
safe_mode_gid | Off | Off
safe_mode_include_dir | no value | no value
safe_mode_exec_dir | no value | no value
sql.safe_mode | Off | Off
disable_functions | no value | no value
file_uploads | On | On
include_path | .:/usr/share/pear | .:/usr/share/pear
open_basedir | no value | no value
==========================
email
------------------
Directive | Local Value | Master Value
sendmail_from | me@localhost.com | me@localhost.com
sendmail_path | /usr/sbin/sendmail -t -i | /usr/sbin/sendmail -t -i
SMTP | localhost | localhost
smtp_port | 25 | 25
==========================
Size and Time
------------------
Directive | Local Value | Master Value
max_execution_time | 30 | 30
max_input_time | 60 | 60
upload_max_filesize | 50M | 50M
post_max_size | 32M | 32M
==========================
Page generated in 0.048 seconds - 25 queries in 0 seconds - Album set : ; Meta set: ;

the link to the coppermine album http://www.redbeautydb.nl/blog/album_coppermine/index.php

lydiahamminga

#1
I think a found a solution, but don't know if this is the read solution e.g. the security

I replaces in the funtions.inc.php on line 1266 this line

$query = "SELECT $select_columns FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' $META_ALBUM_SET ORDER BY RAND() $limit_random";

with:

  $query = "SELECT $select_columns FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' $META_ALBUM_SET ORDER BY RAND() $limit";

and it seems to work fine

Ivo007

you can also do this, with cpg 1.4.24

Code:
$limit_random = $limit ? 'LIMIT '.$limit2 : $limit;

and leave
Code:
$query = "SELECT $select_columns FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' $META_ALBUM_SET ORDER BY RAND() $limit_random";

as it is