View Issue Details

Jump to NotesJump to History
This bug affects 1 person(s).
 4
IDProjectCategoryView StatusDate SubmittedLast Update
03687Bug reportsSurvey participants (Tokens)public2009-09-15 22:122009-09-22 00:58
Reporteruser4911Assigned Tolemeur  
PrioritynormalSeveritypartial_block 
Status closedResolutionfixed 
Product Version1.85+ 
Fixed in Version1.85+ 
Summary03687: LDAP import of names with apostrophes fails
Description

The import of tokens from an LDAP server fails silently when the result set contains a name with an apostrophe (like O'Reilly).
Records up to but not including that record are imported.

Additional Information

The code in tokens.php does not properly quote firstname, lastname and email address when assembling the MySQL query to check for duplicates.
I have attached a patch to fix this bug (tokens.patch).

TagsNo tags attached.
Attached Files
tokens.patch.txt (1,089 bytes)    
--- admin/tokens.php.old        2009-09-15 16:39:25.000000000 +0200
+++ admin/tokens.php    2009-09-15 16:43:43.000000000 +0200
@@ -2457,7 +2457,7 @@
                                                $invalidemail=false;
                                                if ($filterduplicatetoken)
                                                {
-                                                       $dupquery = "SELECT firstname, lastname from ".db_table_name("tokens_$surveyid")." where email='$myemail' and firstname='$myfirstname' and lastname='$mylastname'";
+                                                       $dupquery = "SELECT firstname, lastname from ".db_table_name("tokens_$surveyid")." where email=".db_quoteall($myemail)." and firstname=".db_quoteall($myfirstname)." and lastname=".db_quoteall($mylastname)."";
                                                        $dupresult = $connect->Execute($dupquery);
                                                        if ( $dupresult->RecordCount() > 0)
                                                        {
tokens.patch.txt (1,089 bytes)   
Bug heat4
Complete LimeSurvey version number (& build)7460
I will donate to the project if issue is resolved
BrowserMozilla
Database type & versionMySQL
Server OS (if known)Linux FC4
Webserver software & version (if known)Apache 2.0
PHP Version5.0.4

Users monitoring this issue

There are no users monitoring this issue.

Activities

user372

2009-09-16 08:48

  ~09572

@ Lemeur: plz have a look at the attached patch - Thx!
lemeur

lemeur

2009-09-19 17:59

developer   ~09606

Patch applied in rev 7661.
Many thanks for your support.

Regards,
Thibault

Issue History

Date Modified Username Field Change
2009-09-15 22:12 user4911 New Issue
2009-09-15 22:12 user4911 Status new => assigned
2009-09-15 22:12 user4911 Assigned To => user372
2009-09-15 22:12 user4911 File Added: tokens.patch.txt
2009-09-15 22:12 user4911 Build Number => 7460
2009-09-15 22:12 user4911 Browser => Mozilla
2009-09-15 22:12 user4911 Database & DB-Version => MySQL
2009-09-15 22:12 user4911 Operating System (Server) => Linux FC4
2009-09-15 22:12 user4911 Webserver => Apache 2.0
2009-09-15 22:12 user4911 PHP Version => 5.0.4
2009-09-15 22:13 user4911 Issue Monitored: user4911
2009-09-16 08:47 user372 Assigned To user372 => lemeur
2009-09-16 08:48 user372 Note Added: 09572
2009-09-19 17:59 lemeur Note Added: 09606
2009-09-19 17:59 lemeur Status assigned => resolved
2009-09-19 17:59 lemeur Fixed in Version => 1.85+
2009-09-19 17:59 lemeur Resolution open => fixed
2009-09-22 00:58 c_schmitz Status resolved => closed
2016-12-08 10:39 c_schmitz Category Tokens => Survey participants (Tokens)