Hi,

Entity References is an amazingly good module that I use on all my sites.

I have encountered an error that is similar to some that have been previously reported but I have found out how to trigger it which I thought might be helpful.

When I apply a sort to the Simple (with optional filter by bundle) Entity Selection mode for a content type that uses Entity Reference. I get the following error when logged in as any user other than User 1 but when I remove the sort the error dissapears:

PDOException: SQLSTATE[42S22]: Column not found: 1054 Unknown column 'field_data_field_assembly_serial_number0.nid' in 'where clause': SELECT field_data_field_assembly_serial_number0.entity_type AS entity_type, field_data_field_assembly_serial_number0.entity_id AS entity_id, field_data_field_assembly_serial_number0.revision_id AS revision_id, field_data_field_assembly_serial_number0.bundle AS bundle FROM {field_data_field_assembly_serial_number} field_data_field_assembly_serial_number0 WHERE (field_data_field_assembly_serial_number0.deleted = :db_condition_placeholder_0) AND (field_data_field_assembly_serial_number0.entity_type = :db_condition_placeholder_1) AND (field_data_field_assembly_serial_number0.bundle IN (:db_condition_placeholder_2)) AND(( ( EXISTS (SELECT na.nid AS nid FROM {node_access} na WHERE (( (na.gid = :db_condition_placeholder_3) AND (na.realm = :db_condition_placeholder_4) )OR( (na.gid = :db_condition_placeholder_5) AND (na.realm = :db_condition_placeholder_6) )OR( (na.gid = :db_condition_placeholder_7) AND (na.realm = :db_condition_placeholder_8) )OR( (na.gid = :db_condition_placeholder_9) AND (na.realm = :db_condition_placeholder_10) )OR( (na.gid = :db_condition_placeholder_11) AND (na.realm = :db_condition_placeholder_12) ))AND (na.grant_view >= :db_condition_placeholder_13) AND (field_data_field_assembly_serial_number0.entity_id = na.nid) )) AND (field_data_field_assembly_serial_number0.entity_type = :db_condition_placeholder_14) )OR (field_data_field_assembly_serial_number0.entity_type <> :db_condition_placeholder_15) )AND ( EXISTS (SELECT na.nid AS nid FROM {node_access} na WHERE (( (na.gid = :db_condition_placeholder_16) AND (na.realm = :db_condition_placeholder_17) )OR( (na.gid = :db_condition_placeholder_18) AND (na.realm = :db_condition_placeholder_19) )OR( (na.gid = :db_condition_placeholder_20) AND (na.realm = :db_condition_placeholder_21) )OR( (na.gid = :db_condition_placeholder_22) AND (na.realm = :db_condition_placeholder_23) )OR( (na.gid = :db_condition_placeholder_24) AND (na.realm = :db_condition_placeholder_25) ))AND (na.grant_view >= :db_condition_placeholder_26) AND (field_data_field_assembly_serial_number0.nid = na.nid) )) ORDER BY field_data_field_assembly_serial_number0.field_assembly_serial_number_value ASC; Array ( [:db_condition_placeholder_0] => 0 [:db_condition_placeholder_1] => node [:db_condition_placeholder_2] => assembly [:db_condition_placeholder_3] => 0 [:db_condition_placeholder_4] => all [:db_condition_placeholder_5] => 29 [:db_condition_placeholder_6] => content_access_author [:db_condition_placeholder_7] => 2 [:db_condition_placeholder_8] => content_access_rid [:db_condition_placeholder_9] => 4 [:db_condition_placeholder_10] => content_access_rid [:db_condition_placeholder_11] => 1 [:db_condition_placeholder_12] => view_unpublished_content [:db_condition_placeholder_13] => 1 [:db_condition_placeholder_14] => node [:db_condition_placeholder_15] => node [:db_condition_placeholder_16] => 0 [:db_condition_placeholder_17] => all [:db_condition_placeholder_18] => 29 [:db_condition_placeholder_19] => content_access_author [:db_condition_placeholder_20] => 2 [:db_condition_placeholder_21] => content_access_rid [:db_condition_placeholder_22] => 4 [:db_condition_placeholder_23] => content_access_rid [:db_condition_placeholder_24] => 1 [:db_condition_placeholder_25] => view_unpublished_content [:db_condition_placeholder_26] => 1 ) in field_sql_storage_field_storage_query() (line 582 of /var/www/html/mysite/modules/field/modules/field_sql_storage/field_sql_storage.module).

I will try using a Views Entity: Filter by entity reference view and see if that works as a workaround that allows me to sort the entities in the select list without causing the error and will post if that works.

Have a great day and thanks again for all your work on this excellent module!

Comments

lonehorseend’s picture

I can confirm that the solution of creating an Entity Reference View and assigning it to the Entity Reference (instead of using the simple selection) works and removes this error.

abhuman’s picture

I believe the root cause of the issue is Entity Reference unconditionally adding a <type>_access tag to the query. It seems that in the case where sorting is by a field, this check is unnecessary as a field access check will be made. I've rolled a simple patch which does this, though I don't fully understand all the security implications.

bkat’s picture

Status: Active » Reviewed & tested by the community
bkat’s picture

This patch works great for fixing the exact some problem I was having on my system.

mojameslittle’s picture

abhuman's patch worked great for issue I was having as well. Thanks for sorting this out. This fix really should be incorporated into the module.

vitalie’s picture

+1 Works indeed.

foredoc’s picture

Hi,

I have a very similar problem (the similarity resides in the error message), and the patch seems not working.

As described in: https://www.drupal.org/node/2759785, my problem originated from the content access module, and I am not sure if it has something to do with "Sort".

Since I have no idea what's happening, and this is the closest thread of discussion that I can find, I sincerely post my problems here for suggestions.

Thanks.

MorinLuc0’s picture

Status: Reviewed & tested by the community » Needs work

This will need some test cases before it can be committed.

czigor’s picture

Status: Needs work » Reviewed & tested by the community

Tests are nice without a doubt but looking at the last commits of the module it does not seem to be a requirement. To write tests for this would take writing a entityreference_node_access_test module inside entityreference/tests/modules. Let's see what a maintainer says.

The patch works in our case and is also straightforward. Marking this RTBC.

czigor’s picture

Priority: Normal » Major

Based on https://www.drupal.org/node/45111 this is major: "Trigger a PHP error through the user interface, but only under rare circumstances or affecting only a small percentage of all users, even if there is a workaround."