Uploaded image for project: 'translate5'
  1. translate5
  2. TRANSLATE-1708

Possible server error on segment search

    XMLWordPrintable

Details

    • High

    Description

       h1.problem

      The frontend send a search request with an empty "searchInField" Attribute.

      This should be not possible from the frontend, but however the user did achieve to send the search with the searchInField parameter with an empty value. A JS error in the same time would explain that, but no JS error was tracked.

      This led to the following error on the server side, since the existence of a "searchInField" value was not correctly validated:

      Exception: Zend_Db_Statement_Exception
      Level: ERROR
      Errorcode: E9999
      Message: SQLSTATE[42S22]: Column not found: 1054 Unknown column 'LEK_segment_view_7da8ba2c81ed080fffa2371cd0289c5d.ToSort' in 'field list', query was: SELECT `LEK_segment_view_7da8ba2c81ed080fffa2371cd0289c5d`.`id`, `LEK_segment_view_7da8ba2c81ed080fffa2371cd0289c5d`.`segmentNrInTask`, `LEK_segment_view_7da8ba2c81ed080fffa2371cd0289c5d`.`ToSort`, `LEK_segment_view_7da8ba2c81ed080fffa2371cd0289c5d`.`editable` FROM `LEK_segment_view_7da8ba2c81ed080fffa2371cd0289c5d` WHERE (`ToSort` like '%寬%' COLLATE utf8_bin) AND (editable=1) AND (autoStateId in (0, 14, 4, 1, 2, 5, 6, 7, 8, 9, 10, 11, 12, 13)) AND (matchRate < 100)
      Domain: core
      File (Line): /var/www/translate5/library/zend/Zend/Db/Statement/Pdo.php (235)
      User: miele.elam (erica lam) ({76a12cdf-6a25-48c6-a2ba-e974fe133df7})
      Request: GET /editor/segment/search?_dc=1562307300260&filter=%5B%7B%22operator%22%3A%22in%22%2C%22value%22%3A%5B0%2C14%2C4%2C1%2C2%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%5D%2C%22property%22%3A%22autoStateId%22%7D%2C%7B%22operator%22%3A%22lt%22%2C%22value%22%3A100%2C%22property%22%3A%22matchRate%22%7D%5D&sort=%5B%5D&taskGuid=%7Ba2d68ac2-c673-4b21-815f-d673208c268f%7D&searchType=normalSearch&searchField=%E5%AF%AC&replaceField=&searchInField=&matchCase=true&searchTopChekbox=true&saveCurrentOpen=true&searchInLockedSegments=false&isActiveTrackChanges=true&attributeWorkflowstep=lectoring1&userTrackingId=6513&userColorNr=1
      Trace:
      #0 /var/www/translate5/library/zend/Zend/Db/Statement.php(303): Zend_Db_Statement_Pdo->_execute(Array) #1 /var/www/translate5/library/zend/Zend/Db/Adapter/Abstract.php(480): Zend_Db_Statement->execute(Array) #2 /var/www/translate5/library/zend/Zend/Db/Adapter/Pdo/Abstract.php(238): Zend_Db_Adapter_Abstract->query('SELECT `LEK_seg...', Array) #3 /var/www/translate5/library/zend/Zend/Db/Table/Abstract.php(1581): Zend_Db_Adapter_Pdo_Abstract->query(Object(Zend_Db_Table_Select)) #4 /var/www/translate5/library/zend/Zend/Db/Table/Abstract.php(1396): Zend_Db_Table_Abstract->_fetch(Object(Zend_Db_Table_Select)) #5 /var/www/translate5/library/ZfExtended/Models/Entity/Abstract.php(224): Zend_Db_Table_Abstract->fetchAll(Object(Zend_Db_Table_Select)) #6 /var/www/translate5/application/modules/editor/Models/Segment.php(230): ZfExtended_Models_Entity_Abstract->loadFilterdCustom(Object(Zend_Db_Table_Select)) #7 /var/www/translate5/application/modules/editor/Controllers/SegmentController.php(438): editor_Models_Segment->search(Array) #8 /var/www/translate5/library/zend/Zend/Controller/Action.php(516): Editor_SegmentController->searchAction() #9 /var/www/translate5/library/ZfExtended/Controllers/AAARestController.php(287): Zend_Controller_Action->dispatch('searchAction') #10 /var/www/translate5/library/zend/Zend/Controller/Dispatcher/Standard.php(308): ZfExtended_RestController->dispatch('searchAction') #11 /var/www/translate5/library/zend/Zend/Controller/Front.php(954): Zend_Controller_Dispatcher_Standard->dispatch(Object(REST_Controller_Request_Http), Object(Zend_Controller_Response_Http)) #12 /var/www/translate5/library/zend/Zend/Application/Bootstrap/Bootstrap.php(105): Zend_Controller_Front->dispatch() #13 /var/www/translate5/library/zend/Zend/Application.php(384): Zend_Application_Bootstrap_Bootstrap->run() #14 /var/www/translate5/library/ZfExtended/Application.php(47): Zend_Application->run() #15 /var/www/translate5/library/ZfExtended/BaseIndex.php(153): ZfExtended_Application->run() #16 /var/www/translate5/public/index.php(35): ZfExtended_BaseIndex->startApplication() #17 {main}
      Request:
      Array ( [_dc] => 1562307300260 [filter] => [{"operator":"in","value":[0,14,4,1,2,5,6,7,8,9,10,11,12,13],"property":"autoStateId"},\{"operator":"lt","value":100,"property":"matchRate"}] [sort] => [] [taskGuid] => {a2d68ac2-c673-4b21-815f-d673208c268f} [searchType] => normalSearch [searchField] => 寬 [replaceField] => [searchInField] => [matchCase] => true [searchTopChekbox] => true [saveCurrentOpen] => true [searchInLockedSegments] => false [isActiveTrackChanges] => true [attributeWorkflowstep] => lectoring1 [userTrackingId] => 6513 [userColorNr] => 1 )
      Exception: PDOException
      Level: ERROR
      Errorcode: E9999
      Message: SQLSTATE[42S22]: Column not found: 1054 Unknown column 'LEK_segment_view_7da8ba2c81ed080fffa2371cd0289c5d.ToSort' in 'field list'
      Domain: core
      File (Line): /var/www/translate5/library/zend/Zend/Db/Statement/Pdo.php (228)
      User: miele.elam (erica lam) ({76a12cdf-6a25-48c6-a2ba-e974fe133df7})
      Request: GET /editor/segment/search?_dc=1562307300260&filter=%5B%7B%22operator%22%3A%22in%22%2C%22value%22%3A%5B0%2C14%2C4%2C1%2C2%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%5D%2C%22property%22%3A%22autoStateId%22%7D%2C%7B%22operator%22%3A%22lt%22%2C%22value%22%3A100%2C%22property%22%3A%22matchRate%22%7D%5D&sort=%5B%5D&taskGuid=%7Ba2d68ac2-c673-4b21-815f-d673208c268f%7D&searchType=normalSearch&searchField=%E5%AF%AC&replaceField=&searchInField=&matchCase=true&searchTopChekbox=true&saveCurrentOpen=true&searchInLockedSegments=false&isActiveTrackChanges=true&attributeWorkflowstep=lectoring1&userTrackingId=6513&userColorNr=1
      Trace:
      #0 /var/www/translate5/library/zend/Zend/Db/Statement/Pdo.php(228): PDOStatement->execute(Array) #1 /var/www/translate5/library/zend/Zend/Db/Statement.php(303): Zend_Db_Statement_Pdo->_execute(Array) #2 /var/www/translate5/library/zend/Zend/Db/Adapter/Abstract.php(480): Zend_Db_Statement->execute(Array) #3 /var/www/translate5/library/zend/Zend/Db/Adapter/Pdo/Abstract.php(238): Zend_Db_Adapter_Abstract->query('SELECT `LEK_seg...', Array) #4 /var/www/translate5/library/zend/Zend/Db/Table/Abstract.php(1581): Zend_Db_Adapter_Pdo_Abstract->query(Object(Zend_Db_Table_Select)) #5 /var/www/translate5/library/zend/Zend/Db/Table/Abstract.php(1396): Zend_Db_Table_Abstract->_fetch(Object(Zend_Db_Table_Select)) #6 /var/www/translate5/library/ZfExtended/Models/Entity/Abstract.php(224): Zend_Db_Table_Abstract->fetchAll(Object(Zend_Db_Table_Select)) #7 /var/www/translate5/application/modules/editor/Models/Segment.php(230): ZfExtended_Models_Entity_Abstract->loadFilterdCustom(Object(Zend_Db_Table_Select)) #8 /var/www/translate5/application/modules/editor/Controllers/SegmentController.php(438): editor_Models_Segment->search(Array) #9 /var/www/translate5/library/zend/Zend/Controller/Action.php(516): Editor_SegmentController->searchAction() #10 /var/www/translate5/library/ZfExtended/Controllers/AAARestController.php(287): Zend_Controller_Action->dispatch('searchAction') #11 /var/www/translate5/library/zend/Zend/Controller/Dispatcher/Standard.php(308): ZfExtended_RestController->dispatch('searchAction') #12 /var/www/translate5/library/zend/Zend/Controller/Front.php(954): Zend_Controller_Dispatcher_Standard->dispatch(Object(REST_Controller_Request_Http), Object(Zend_Controller_Response_Http)) #13 /var/www/translate5/library/zend/Zend/Application/Bootstrap/Bootstrap.php(105): Zend_Controller_Front->dispatch() #14 /var/www/translate5/library/zend/Zend/Application.php(384): Zend_Application_Bootstrap_Bootstrap->run() #15 /var/www/translate5/library/ZfExtended/Application.php(47): Zend_Application->run() #16 /var/www/translate5/library/ZfExtended/BaseIndex.php(153): ZfExtended_Application->run() #17 /var/www/translate5/public/index.php(35): ZfExtended_BaseIndex->startApplication() #18 {main}
      Request:
      Array ( [_dc] => 1562307300260 [filter] => [{"operator":"in","value":[0,14,4,1,2,5,6,7,8,9,10,11,12,13],"property":"autoStateId"},\{"operator":"lt","value":100,"property":"matchRate"}] [sort] => [] [taskGuid] => {a2d68ac2-c673-4b21-815f-d673208c268f} [searchType] => normalSearch [searchField] => 寬 [replaceField] => [searchInField] => [matchCase] => true [searchTopChekbox] => true [saveCurrentOpen] => true [searchInLockedSegments] => false [isActiveTrackChanges] => true [attributeWorkflowstep] => lectoring1 [userTrackingId] => 6513 [userColorNr] => 1 )

      Attachments

        Activity

          People

            aleksandar Aleksandar Mitrev
            tlauria Thomas Lauria
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: