Apostrophes Not Allowed??

I copy the tar.gz file via Samba and extract on the server via ssh, so no FTP involved.

However I will follow Ryan’s suggestion to create another site using 0.9.6.1 and a new database when I finish work today.

Andy

New 0.9.6.1 install with new database works fine.

For the 0.9.6.1 installation with the problem, it is running a 99% complete website with no issues. Everything is going smoothly. I use lots of different snippets, custom snippets, plugins, etc. Has 100 pages. The only issue is the apostrophes...

So what is the easiest way of moving my documents from the broken install to the working install?

Andy

Andy have you tried to repair and optimize the database on the "broken" site using the phpMyAdmin tools?

I’ve found out a bit more, but still need some help.

The SQL query is being generated by the DocManager library (which is in the MODx resources library). I was using it to modify a document when OnDocFormSave is called. The offending line is 78 of document.class.inc.php, which is:



What should I change this line to so apostrophes are escaped properly?

Let me rephrase that: I know I can call addslashes before the $modx->db->update, but is there a better solution, i.e. a function in the MODx API to do this for all fields, content, title, etc.?

Andy

Andy, if I understand you correctly, you have the DocManager class resaving the same data that the form itself is saving in this plugin? I may be confused, and hope that I am.

In any case, any user input strings will need to be escaped with mysql_real_escape_string(), which is what $modx->db->escape() uses as when available. I recommend using that function for now, rather than addslashes().

FYI, all database activity in 0.9.7 is xPDO-based, which handles escaping user input for you in most cases, so you will not have to worry about this, unless you want to bypass the use of prepared statements for a specific purpose.

Thanks.

I’m doing this to convert user-friendly TVs into snippet friendly TVs. Better to do it when the document is edited rather than every time someone views the page. Essentially post-processing. So, yes, when the document is saved the plugin resaves it with modifications.

Andy

Have you tried disabling your custom plugin to see if the problem could be isolated, is the error when saving or when re-saving. Or try running the plugin on the clean install that you know is working. Just a thought.

Thanks for the reply, but I already pinned down exactly what the problem is - the DocManager class does not escape anything.

Andy