[wp-trac] [WordPress Trac] #2434: Linked Image + Apostrophe In Post = Database Error

WordPress Trac wp-trac at lists.automattic.com
Sun Feb 12 19:21:58 GMT 2006 

#2434: Linked Image + Apostrophe In Post = Database Error
----------------------------+-----------------------------------------------
       Id:  2434            |      Status:  new                     
Component:  Administration  |    Modified:  Sun Feb 12 19:21:58 2006
 Severity:  major           |   Milestone:                          
 Priority:  normal          |     Version:  2.0.1                   
    Owner:  anonymous       |    Reporter:  Dave-Millercom          
----------------------------+-----------------------------------------------
 If a new post contains both an image either "Linked To Image" or "Linked
 To Page" and an apostrophe anywhere in the post (') then the apostrophe is
 not escaped properly causing a database error.

 Here's the HTML code version of a post:

 {{{
 <p>' <a title="Tim &amp; Tom Just Arrived" onclick="doPopup(7);return
 false;" class="imagelink" rel="attachment" id="p7" href="http://www.dave-
 miller.com//?attachment_id=7"><img width="120" height="96" alt="Tim &amp;
 Tom Just Arrived" id="image7" src="http://www.dave-miller.com/wp-
 uploads/2006/02/Photo-0335.thumbnail.jpg" /></a></p>
 }}}

 And the error when I clicked Save & Continue Editing - notice the ' is not
 escaped in post_content:

 {{{
 WordPress database error: [You have an error in your SQL syntax. Check the
 manual that corresponds to your MySQL server version for the right syntax
 to use near 'title="Tim & Tom Just Arrived" class="imagelink"
 rel="attachmen]

 UPDATE IGNORE wp_posts SET
 post_author = '1',
 post_date = '0000-00-00 00:00:00',
 post_date_gmt = '0000-00-00 00:00:00',
 post_content = '' <a title="Tim & Tom Just Arrived" class="imagelink"
 rel="attachment" id="p7" onclick="doPopup(7);return false;"
 href="http://www.dave-miller.com/?attachment_id=7"><img width="120"
 height="96" alt="Tim & Tom Just Arrived" id="image7" src="http://www.dave-
 miller.com/wp-uploads/2006/02/Photo-0335.thumbnail.jpg" /></a>',
 post_content_filtered = '',
 post_title = 'Test',
 post_excerpt = '',
 post_status = 'draft',
 comment_status = 'open',
 ping_status = 'open',
 post_password = '',
 post_name = '',
 to_ping = '',
 pinged = '',
 post_modified = '2006-02-12 19:14:38',
 post_modified_gmt = '2006-02-12 19:14:38',
 post_parent = '0',
 menu_order = '0'
 WHERE ID = 15

 Warning: Cannot modify header information - headers already sent by
 (output started at /home/.../wp-includes/wp-db.php:102) in /home/.../wp-
 admin/post.php on line 122
 }}}

-- 
Ticket URL: <http://trac.wordpress.org/ticket/2434>
WordPress Trac <http://wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list