Hi, it should be converted to use prepared statements instead of plain sql string.
Patches are welcome… Alex > Am 04.08.2015 um 09:19 schrieb Marcin Matyaszczyk <m.matyaszc...@ogicom.pl>: > > Hello > > The sms is submited like this: > > http://localhost:13013/cgi-bin/sendsms?username=username&password=pass&to=%2B48500000000&text=SMS+test+40&from=Victoria%27s&smsc=smpp1tmobile&dlr-mask=31&priority=0&dlr-url=http%3A%2F%2Fsmsc.hostyyyy.pl%2Fdlr2.php%3Fid%3D145092731%26source%3Dred%26t%3D%25t%26i%3D%25i%26d%3D%25d%26D%3D%25D%26A%3D%25A%26F%3D%25F > > All fields are urlencoded, problem is with insert query for dlr result > (we think that the string source is not escaped properly before insert > to db). > > Pozdrawiam, > Marcin Matyaszczyk > Administrator > > Ogicom “Spider” Sp. z o.o. S.K.A., (61-131) Poznan, ul. Abpa Baraniaka > 88, REGON 634407251, NIP 781-17-20-476, Sad Rejonowy Poznan Nowe Miasto > i Wilda w Poznaniu, VIII Wydzial Gospodarczy Krajowego Rejestru > Sadowego, KRS 0000410900, kapital zakladowy: 429 000 PLN. > > W dniu 04.08.2015 o 09:13, Jacek Raczkiewicz pisze: >> I think in postgres you need to escape single quote by doubling it: >> Victoria's -> Victoria''s >> >> 2015-08-04 9:08 GMT+02:00 spameden <spame...@gmail.com >> <mailto:spame...@gmail.com>>: >> >> >> >> 2015-08-03 18:24 GMT+03:00 Alvaro Cornejo <cornejo.alv...@gmail.com >> <mailto:cornejo.alv...@gmail.com>>: >> >> Hi Marcin >> >> Seems you are getting the problem due to the ' on text >> Victoria's. Even though you are urlencoding it, it seems it is >> being taken as a field delimiter and not part of the text. I'm >> thinking on two options: >> >> -) Try to escape it with \' or \\' >> >> -) You might want to replace any ' within any field with ´ or ` >> (right/left sided apostrophe) before urlencoding the fields. >> >> >> I think Marcin spot a bug when you're receiving returning DLR data >> with ' (apostroph) it won't be escaped / urlencoded properly that's >> why there is an error. >> Would be nice to reproduce this bug somehow. >> >> >> Regards >> >> Alvaro >> >> >> |-----------------------------------------------------------------------------------------------------------------| >> Envíe y Reciba Datos y mensajes de Texto (SMS) hacia y desde >> cualquier celular y Nextel >> en el Perú, México y en mas de 180 paises. Use aplicaciones 2 >> vias via SMS y GPRS online >> Visitenos en www.perusms.com <http://www.perusms.com> >> >> On Mon, Aug 3, 2015 at 9:15 AM, Marcin Matyaszczyk >> <m.matyaszc...@ogicom.pl <mailto:m.matyaszc...@ogicom.pl>> wrote: >> >> Hello >> >> we have a problem with Postgresql DLR storage which looks >> like a bug: >> when we try to send sms with source field containing ' >> character we've >> got an error: >> >> 2015-04-02 10:18:51 CEST STATEMENT: INSERT INTO "dlr" >> ("smsc", "ts", >> "source", "destination", "service", "url", "mask", "boxc", >> "status") >> VALUES ('smppxxxx3', '88888888', 'Victoria's', '+48888888888 >> <tel:%2B48888888888>', 'xxxxxx', >> >> 'http://xxxx.domain.pl/dlr2.php?id=110725920&source=XXXXXXX&t=%t&i=%i&d=%d&D=%D&A=%A&F=%F', >> '31', '', '0'); >> >> 2015-04-02 10:21:51 CEST ERROR: syntax error at or near "s" at >> character 147 >> >> We urlencode all fields and sms is submitted ok to kannel, >> problem >> appears in dlr's insert query only. We use kannel 1.5. >> >> regards >> Marcin Matyaszczyk >> >> >> >> >> >
