We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
    • 727
    • 502 Posts
    I copy the tar.gz file via Samba and extract on the server via ssh, so no FTP involved.

    However I will follow Ryan’s suggestion to create another site using 0.9.6.1 and a new database when I finish work today.

    Andy
      • 727
      • 502 Posts
      New 0.9.6.1 install with new database works fine.

      For the 0.9.6.1 installation with the problem, it is running a 99% complete website with no issues. Everything is going smoothly. I use lots of different snippets, custom snippets, plugins, etc. Has 100 pages. The only issue is the apostrophes...

      So what is the easiest way of moving my documents from the broken install to the working install?

      Andy
        • 25663 MODX Staff
        • 12,272 Posts
        Andy have you tried to repair and optimize the database on the "broken" site using the phpMyAdmin tools?
          Ryan Thrash, MODX Co-Founder
          Follow me on Twitter at @rthrash or catch my occasional unofficial thoughts at thrash.me
          • 727
          • 502 Posts
          I’ve found out a bit more, but still need some help.

          The SQL query is being generated by the DocManager library (which is in the MODx resources library). I was using it to modify a document when OnDocFormSave is called. The offending line is 78 of document.class.inc.php, which is:

          $modx->db->update(&$this->fields, $tablename, "id=$id");


          What should I change this line to so apostrophes are escaped properly?

          Let me rephrase that: I know I can call addslashes before the $modx->db->update, but is there a better solution, i.e. a function in the MODx API to do this for all fields, content, title, etc.?

          Andy
            • 22303 MODX Staff
            • 10,725 Posts
            Andy, if I understand you correctly, you have the DocManager class resaving the same data that the form itself is saving in this plugin? I may be confused, and hope that I am.

            In any case, any user input strings will need to be escaped with mysql_real_escape_string(), which is what $modx->db->escape() uses as when available. I recommend using that function for now, rather than addslashes().

            FYI, all database activity in 0.9.7 is xPDO-based, which handles escaping user input for you in most cases, so you will not have to worry about this, unless you want to bypass the use of prepared statements for a specific purpose.
              • 727
              • 502 Posts
              Thanks.

              I’m doing this to convert user-friendly TVs into snippet friendly TVs. Better to do it when the document is edited rather than every time someone views the page. Essentially post-processing. So, yes, when the document is saved the plugin resaves it with modifications.

              Andy
                • 7231
                • 4,205 Posts
                Have you tried disabling your custom plugin to see if the problem could be isolated, is the error when saving or when re-saving. Or try running the plugin on the clean install that you know is working. Just a thought.
                  [font=Verdana]Shane Sponagle | [wiki] Snippet Call Anatomy | MODx Developer Blog | [nettuts] Working With a Content Management Framework: MODx

                  Something is happening here, but you don't know what it is.
                  Do you, Mr. Jones? - [bob dylan]
                  • 727
                  • 502 Posts
                  Thanks for the reply, but I already pinned down exactly what the problem is - the DocManager class does not escape anything.

                  Andy