When deleting a taxonomy term, hook_taxonomy() is implemented by uuid module in such a way that when the 'delete' $op is triggered, a db_query() is fired off to delete the associated uuid to that term.

The db query is broken.

This query:

      db_query("DELETE FROM {$table} WHERE $keyfield = %d", $keyfield, $key);

Should be

      db_query("DELETE FROM {$table} WHERE $keyfield = %d", $key);

I'll try to roll a patch if I get a second, but I see nothings been committed here for months and months... Leaving this here as documentation.

(As an aside, I think it's ok here that the table name and keyfield values are directly written to the query, since they are both defined by the function and can't be overwritten with user input or even input from other code calling the function, so there is no need to sanitize those variables. The $key is the only piece which is coming from outside and which needs to be filtered.)

Comments

skwashd’s picture

skwashd CreditAttribution: skwashd at Dave Hall Consulting for Dave Hall Consulting commented
Status: Active » Closed (won't fix)

Drupal 6 core is no longer supported. We are no longer supporting 6.x-1.x versions of this module. I am closing this issue as won't fix.