Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
An example:
drupal.org/tracker?sort=asc&order=foobar
user error: You have an error in your SQL syntax near 'DESC LIMIT 0, 10' at line 1
query: SELECT n.nid, n.title, n.type, n.changed, n.uid, u.name, MAX(GREATEST(n.changed, c.timestamp)) AS last_activity FROM node n LEFT JOIN comments c ON n.nid = c.nid LEFT JOIN users u ON n.uid = u.uid WHERE n.status = 1 GROUP BY n.nid, n.title, n.type, n.changed, n.uid, u.name ORDER BY DESC LIMIT 0, 10 in /var/www/drupal.org/includes/database.mysql.inc on line 90.
Comments
Comment #1
moshe weitzman CreditAttribution: moshe weitzman commentedI'm unsure what bug you are reporting. How do I duplicate this? If you type
in bogus URLs, you are going to get an error message back.
Comment #2
scott_ CreditAttribution: scott_ commentedI included an example url that should show the problem.
This happened to me when i copied an url but forgot the last character (an annoying habbit). An error message is ok (just using the default order would be even better), but imho bad SQL queries are not. Intentional or not, websites should never cause errors like this no matter what request has been made. Its ugly and fills up the watchdog table with useless junk.
Since there are two spaces behind the ORDER BY clause, i assume the code is somewhat like "ORDER BY $something DESC. I haven't seen the code, but it doesnt seem too dificult to detect that $something is empty.
Comment #3
Kjartan CreditAttribution: Kjartan commentedComment #4
Dries CreditAttribution: Dries commentedComment #5
Dries CreditAttribution: Dries commentedI just committed Kjartan's fix to the HEAD branch. Marking this report as such.