• I’m seeing an error in my debug.log that looks like this:

    [26-Aug-2016 11:08:19 UTC] WordPress database error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use… for query SELECT ID FROM wp_tablename WHERE post_status=’draft’ AND post_type=’attachment’ AND post_author = 13 AND post_parent = ORDER BY ID DESC LIMIT 1…

    In the get_attachment_from_draft_submission function there is this on line 1781:

    $query = “SELECT ID FROM “.$table.” WHERE post_status=’draft’ AND post_type=’attachment’ AND post_author = $user_ID AND post_parent = “.$post_id.” ORDER BY ID DESC LIMIT 1″;

    Unfortunately there is no check to see if the $post_id variable is valid, so the query is being created with an empty value for post_parent, resulting in an invalid query.

    https://www.ads-software.com/plugins/badgeos/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter SprockTech

    (@mcklintock)

    I’ve rewrote the get_attachment_from_draft_submission function as follows:

    function get_attachment_from_draft_submission($post_id, $user_ID){
    
        global $wpdb;
    
        $table = $wpdb->posts;
        $attachment_data = array();
    
        if (!empty($table) && !empty($post_id) && !empty($user_ID)){
            $query = "SELECT ID FROM ".$table." WHERE post_status='draft' AND post_type='attachment' AND post_author = ".$user_ID." AND post_parent = ".$post_id." ORDER BY ID DESC LIMIT 1";
            $attachment_post_id = $wpdb->get_var($query);
    
            if ( $attachment_post_id ){
                $attachment_data = get_post($attachment_post_id);
            }
        }
    
        return $attachment_data;
    }
    Thread Starter SprockTech

    (@mcklintock)

    Also, in the badgeos_get_comment_form function, I replaced line 1031 with this:

    $sub_form .= '<p><textarea name="badgeos_comment" id="badgeos_comment' . absint( $post_id ) . '" class="badgeos_comment">';
    $sub_form .= isset($comment_data->comment_content) ? $comment_data->comment_content : '';
    $sub_form .='</textarea></p>';

    you made my day ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘SQL Query Syntax Error’ is closed to new replies.