sdempsey Posted October 12, 2005 Posted October 12, 2005 Hi, We're trying to run our own sugarcrm 3.5 installation on server90. We've run sugar on a range of boxes before, linux and windows, and never had any problems with it. However we can't seem to get magic_quotes_gpc to work properly on our totalchoice server. Even though it's on by default (according to phpInfo.php) and was switched on in the .htaccess file it's just not working, database updates are still failing when there's an apostrophe in a field. I'm pretty much fed up of this and I'd appreciate any advice or help... regards, ...shane Quote
TCH-Bruce Posted October 12, 2005 Posted October 12, 2005 Welcome to the forums, shane Sorry, don't have an answer for you but I am sure someone will be along to offer you some advice. Quote
TCH-Rob Posted October 12, 2005 Posted October 12, 2005 Welcome to the forums, shane. I too am not familiar with that either. Hang tight and we will see if someone might have an answer. Quote
TweezerMan Posted October 12, 2005 Posted October 12, 2005 Welcome to the forums, shane! The text of database error that is occurring would be helpful. Just from what you've described, I'm wondering if 1) magic_quotes_gpc should be off instead of on, or 2) there's a bug in sugarcrm. By the time a script is updating a database with submitted form data, it should have already dealt with whether the form data was escaped due to the magic_quotes_gpc setting or not. (If magic_quotes_gpc is on, then the data should be unescaped with stripslashes().) Before the update query is sent to the MySQL server, the query string should then be escaped with mysql_real_escape_string(). The error message from the MySQL server should indicate whether a quote in your submitted form data is double-encoded, or not encoded at all. If quotes are being double-encoded, you might try setting magic_quotes_gpc to off and see if the errors continue to occur. If quotes are not being encoded at all, that would seem to point at a possible bug in sugarcrm to me. Quote
sdempsey Posted October 13, 2005 Author Posted October 13, 2005 Welcome to the forums, shane! The text of database error that is occurring would be helpful. Just from what you've described, I'm wondering if 1) magic_quotes_gpc should be off instead of on, or 2) there's a bug in sugarcrm. By the time a script is updating a database with submitted form data, it should have already dealt with whether the form data was escaped due to the magic_quotes_gpc setting or not. (If magic_quotes_gpc is on, then the data should be unescaped with stripslashes().) Before the update query is sent to the MySQL server, the query string should then be escaped with mysql_real_escape_string(). The error message from the MySQL server should indicate whether a quote in your submitted form data is double-encoded, or not encoded at all. If quotes are being double-encoded, you might try setting magic_quotes_gpc to off and see if the errors continue to occur. If quotes are not being encoded at all, that would seem to point at a possible bug in sugarcrm to me. Hi David, OK, here's the trace from the database. Query Failed:INSERT into accounts set id='793d209b-07e1-eb2c-08d5-434e2dc45b59', date_entered='2005-10-13 09:50:00', date_modified='2005-10-13 09:50:51', modified_user_id='2e7d91b3-93c4-6835-c1d7-43160517c11c', assigned_user_id='2e7d91b3-93c4-6835-c1d7-43160517c11c', created_by='2e7d91b3-93c4-6835-c1d7-43160517c11c', name='John O' Hare', parent_id='', account_type='', industry='', annual_revenue='', phone_fax='', billing_address_street='', billing_address_city='', billing_address_state='', billing_address_postalcode='', billing_address_country='', description='', rating='', phone_office='', phone_alternate='', email1='', email2='', website='http://www.johnswebsiteblahblahblah.com', ownership='', employees='', sic_code='', ticker_symbol='', shipping_address_street='', shipping_address_city='', shipping_address_state='', shipping_address_postalcode='', shipping_address_country='', deleted='0'::MySQL error 1064: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'Hare', parent_id='', account_type='', industry='', annual_revenAs you can see it's just not getting escaped despite the fact that magic_quotes_gpc is switched on. I've tried switching it off in the .htaccess in the hope that the SugarCRM code will compensate but that's not working either. I just get the same error. When I turrn magic_quotes_runtime on then the page HTML gets escaped so nothing works. e.g. instead of an image you see <img src=\"images/logo.jpg\"/> However, my colleague has setup a similiar deployment on totalchoice server90 without using SSL and it's working fine. I'm a bit mystified with all this. regards, ....shane Quote
TweezerMan Posted October 13, 2005 Posted October 13, 2005 To verify if magic_quotes_gpc is really enabled in the directory SugarCRM is installed in, you should run a phpinfo script that is located in the SugarCRM directory: ><?php phpinfo(); ?> If this phpinfo script indicates that magic_quotes_gpc is on, then I don't think its being enabled/disabled is what's causing your problem. If the script indicates that magic_quotes_gpc is off, then I'd suggest examining any .htacess files you might have in the /public_html directory and each directory down to your SugarCRM directory. Look for any .htaccess directives that turn off magic_quotes_gpc, or any directives that may prevent you from setting magic_quotes_gpc (such as an 'AllowOverride None' directive). Quote
sdempsey Posted October 13, 2005 Author Posted October 13, 2005 To verify if magic_quotes_gpc is really enabled in the directory SugarCRM is installed in, you should run a phpinfo script that is located in the SugarCRM directory: ><?php phpinfo(); ?> If this phpinfo script indicates that magic_quotes_gpc is on, then I don't think its being enabled/disabled is what's causing your problem. If the script indicates that magic_quotes_gpc is off, then I'd suggest examining any .htacess files you might have in the /public_html directory and each directory down to your SugarCRM directory. Look for any .htaccess directives that turn off magic_quotes_gpc, or any directives that may prevent you from setting magic_quotes_gpc (such as an 'AllowOverride None' directive). Hi David, I've done this step already and I can assure you that whether the magic_quotes is reported as on or off it makes no difference. The confusing thing is that magic quotes isn't doing what it's supposed to here and I can't find anything on the sugar lists describing this as a known sugarcrm problem. Like I said, very confusing. The best I've been topld is that sometimes "individual server configurations have bugs that prevent sugar from working as expected" by another developer on the sugar boards. This smacks too much of the black arts and I'd rather a more concrete answer to the problem. regards, ...shane Quote
sdempsey Posted October 13, 2005 Author Posted October 13, 2005 Hi David, I've done this step already and I can assure you that whether the magic_quotes is reported as on or off it makes no difference. The confusing thing is that magic quotes isn't doing what it's supposed to here and I can't find anything on the sugar lists describing this as a known sugarcrm problem. Like I said, very confusing. The best I've been topld is that sometimes "individual server configurations have bugs that prevent sugar from working as expected" by another developer on the sugar boards. This smacks too much of the black arts and I'd rather a more concrete answer to the problem. regards, ...shane Hi guys, we fixed the problem. For whatever reason our config.php file had become corrupted with a hidden character around the database name. I can only conclude that when we were fixing another install problem we introduced this one. When we re-editted the file on a unix system and cleaned it up and copied it back it all worked properly. A quick look through the sugar source told us that even though magic_quotes was switched on , sugar couldn't exactly match the db type and hence, didn't clean up the apostrophes. Problem solved. Thanks to everybody in Totalchoice who helped us with this problem. We value your committment to providing us with a comprehensive and reliable hosting service. regards, ...shane // Managing Director // Gaisan Technologies // www.gaisan.com Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.