On a busy website we've been having an issue that about once in a week all subqueues of a certain type were being deleted. When this happened, all subqueues that belong to a queue where that queue has owner='smartqueue_taxonomy' were entirely removed.
This issue is hard to reproduce.
The cause must be:
in /modules/taxonomy/taxonomy.module, function taxonomy_del_term:
$term = (array) taxonomy_get_term($tid);
(....)
module_invoke_all('taxonomy', 'delete', 'term', $term);
and then in /sites/all/modules/nodequeue/smartqueue.module, function smartqueue_taxonomy($op, $type, $array = NULL)
case 'delete':
$tid = $array['tid'];
if(!$tid) {
return;
}
// Find subqueues that contain this term.
$result = db_query(
"SELECT sq.sqid FROM {nodequeue_subqueue} sq
INNER JOIN {nodequeue_queue} nq ON sq.qid = nq.qid
WHERE nq.owner = 'smartqueue_taxonomy'
AND (sq.reference = '%d'
OR sq.reference LIKE '%%-%d'
OR sq.reference LIKE '%d-%%'
OR sq.reference LIKE '%%-%d-%%')",
$tid, $tid, $tid, $tid
);
while ($row = db_fetch_object($result)) {
nodequeue_remove_subqueue($row->sqid);
}
break;
} When in the first block of code the term with that $tid has already been removed the $array parameter in the second block of code will have a bogus value. The SELECT query then selects subqueues to be deleted and uses %d-%% in the selection where %d may be 0, which in our case matches all such subqueues.
We hope we have now solved the issue by changing (inserting into) the start of the second code block as below:
case 'delete':
$tid = $array['tid'];
if(!$tid) {
return;
} | Comment | File | Size | Author |
|---|---|---|---|
| #5 | nodequeue.sq_.1.patch | 542 bytes | rolf van de krol |
Comments
Comment #1
alberthendriks commentedNote that by accident the bugfix in the 3rd block has already been applied to the 2nd block. The original code with the bug does not do the $tid check.
Comment #2
ezra-g commentedThanks for pointing this out. Can you file a patch for this?
Comment #3
alberthendriks commentedI think the bug is actually in the first block of code that makes a function call with a bogus parameter. My colleague Rolf who worked on this will pick this up and try to file a patch.
Comment #4
bertboerland commentedwe (my employer) will provide a diff patch early next week. please hold on.
Comment #5
rolf van de krol commentedThis is the patch bertboerland promised.
Comment #6
ezra-g commentedI committed this with a minor change to use empty() and just return, since we don't need to return the tid. I also added a comment explaining the return.
Thanks for catching this nasty bug!
Comment #7
ezra-g commented