News:

Support the VirtueMart project and become a member

Main Menu

1064 Error

Started by Guy-How, July 29, 2015, 10:31:24 AM

Previous topic - Next topic

Guy-How

VirtueMart 3.0.6.4
Joomla! 3.4.3
PHP version 5.3.29

I am getting the following 1064 error

1064  You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'alttoviulu" ORDER BY `l`.product_name DESC LIMIT 1' at line 1 SQL=SELECT p.`virtuemart_product_id`, `l`.`product_name` FROM `mmp_howvioli_virtuemart_products` as p INNER JOIN `mmp_howvioli_virtuemart_products_fi_fi` as l using (`virtuemart_product_id`) LEFT JOIN `mmp_howvioli_virtuemart_product_shoppergroups` as ps ON p.`virtuemart_product_id` = `ps`.`virtuemart_product_id` LEFT JOIN `mmp_howvioli_virtuemart_product_categories` as pc ON p.`virtuemart_product_id` = `pc`.`virtuemart_product_id` LEFT JOIN `mmp_howvioli_virtuemart_product_prices` as pp ON p.`virtuemart_product_id` = pp.`virtuemart_product_id` WHERE ( `pc`.`virtuemart_category_id` = 3 AND ( `ps`.`virtuemart_shoppergroup_id`= "1" OR `ps`.`virtuemart_shoppergroup_id` IS NULL ) AND p.`published`="1" ) AND p.`virtuemart_product_id`!="2486" AND `l`.product_name <= "Karl Höfner Conservatoire-sarjan 15" alttoviulu" ORDER BY `l`.product_name DESC LIMIT 1

I have tried the fix here https://forum.virtuemart.net/index.php?topic=130685.0
but it did not work.

Is there a fix available for this issue?

Guy-How

The problem is Virtuemart code.

The problem was they were sending unescaped code to the database.

I added the following line in /administrator/components/com_virtuemart/models/product.php on line 1575:

$orderByValue = addslashes($orderByValue);   

This is a very crude way of escaping data, but at least it is much more secure, and will not be rejected by the database. The system works with this workaround. So hopefully it helps anyone with a similar problem.