SQL Error adding block

Permalink Browser Info Environment
Made my first block with this version, and added the block to a page to test. Filled out block form, clicking Add, and I get an SQL exception:

An exception occurred while executing 'INSERT INTO btMulServiceListingTwo (bID, title, desc, image, intlink, intlink_text, extlink, extlink_text, align, bgcolor, faicon, icoalign, anim) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' with params ["16", "Test", "test<\/p>", "1", "0", "", "", "", "", "", "", "", ""]: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc, image, intlink, intlink_text, extlink, extlink_text, align, bgcolor, faico' at line 1

Any ideas? Other standard blocks add to the page.

Type: Discussion
Status: Resolved
tduncandesign
View Replies:
tduncandesign replied on at Permalink Reply
tduncandesign
FIxed.

I don't know what happened before. I uninstalled that block (that was giving sql error in original post), deleted it, went back and re-built it and it adds and outputs to the page now.
ramonleenders replied on at Permalink Reply
ramonleenders
Hi there,

I do know what happened here. For the "Description" input, you've chosen a variable called "desc". This actually is a SQL statement. There is already a blacklist and that will add a numeric value to your slug (like desc1), to avoid this from happening. The "desc" is not in this blacklist though, so I will be adding this. Same goes for "asc" (so ascending and descending). Meanwhile, do not use these 2 SQL statements as variable name, and you should be good to go!

Makes sense? :)

Kind regards,

Ramon
tduncandesign replied on at Permalink Reply
tduncandesign
Yes, that does make sense. I actually thought about 'desc' when I made the variable name, but thought, "Oh, that shouldn't matter, this is in the PHP." Oops. Lesson learned.

Great package! Looking forward to working with it. Thanks again for all your efforts.
ramonleenders replied on at Permalink Reply
ramonleenders
After I will release the new version, you can add "desc" as variable name. It will get converted (behind the scenes) to desc_1. This way, all SQL functions will remain valid and everything will work as it should. But best thing to do is to just write the full name (description in this case). Also reads better in the PHP code eventually.

Hope you will fall in love with Block Designer. I'm 100% certain it will save you loads of valuable time.

Kind regards,

Ramon
tduncandesign replied on at Permalink Reply
tduncandesign
Already in love with it, and looking to make extensive use of it!
ramonleenders replied on at Permalink Reply
ramonleenders
When you have the time, please leave a review. That will help others, you AND me a lot :)

Kind regards,

Ramon

concrete5 Environment Information

# concrete5 Version
Core Version - 5.7.5.3
Version Installed - 5.7.5.3
Database Version - 20150731000000

# concrete5 Packages
Block Designer (1.3.9), Block Designer Pro (1.1.7).

# concrete5 Overrides
blocks/mul_service_listing_two/form.php, blocks/mul_service_listing_two/auto.js, blocks/mul_service_listing_two/icon.png, blocks/mul_service_listing_two/add.php, blocks/mul_service_listing_two/edit.php, blocks/mul_service_listing_two/config.json, blocks/mul_service_listing_two/composer.php, blocks/mul_service_listing_two/controller.php, blocks/mul_service_listing_two/db.xml, blocks/mul_service_listing_two/view.php, blocks/mul_service_listing_two (overrides truncated for space)

# concrete5 Cache Settings
Block Cache - Off
Overrides Cache - Off
Full Page Caching - Off
Full Page Cache Lifetime - Every 6 hours (default setting).

# Server Software
Apache

# Server API
cgi-fcgi

# PHP Version
5.4.45

# PHP Extensions
bcmath, bz2, calendar, cgi-fcgi, Core, ctype, curl, date, dom, ereg, exif, fileinfo, filter, ftp, gd, gettext, gmp, hash, iconv, imagick, imap, intl, ionCube Loader, json, libxml, mbstring, mcrypt, mhash, mssql, mysql, mysqli, odbc, openssl, pcre, PDO, pdo_mysql, pdo_sqlite, Phar, posix, pspell, Reflection, session, SimpleXML, soap, sockets, SourceGuardian, SPL, sqlite3, standard, tidy, tokenizer, wddx, xml, xmlreader, xmlrpc, xmlwriter, xsl, Zend Guard Loader, zip, zlib.

# PHP Settings
max_execution_time - 30
log_errors_max_len - 1024
max_file_uploads - 20
max_input_nesting_level - 64
max_input_time - 60
max_input_vars - 1000
memory_limit - 256M
post_max_size - 64M
sql.safe_mode - Off
upload_max_filesize - 64M
mssql.max_links - Unlimited
mssql.max_persistent - Unlimited
mssql.max_procs - Unlimited
mssql.textlimit - Server default
mysql.max_links - Unlimited
mysql.max_persistent - Unlimited
mysqli.max_links - Unlimited
mysqli.max_persistent - Unlimited
odbc.max_links - Unlimited
odbc.max_persistent - Unlimited
pcre.backtrack_limit - 1000000
pcre.recursion_limit - 100000
session.cache_limiter - <i>no value</i>
session.gc_maxlifetime - 1440
soap.wsdl_cache_limit - 5

Browser User-Agent String

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/601.3.9 (KHTML, like Gecko) Version/9.0.2 Safari/601.3.9

Hide Post Content

This will replace the post content with the message: "Content has been removed by an Administrator"

Hide Content

Request Refund

You may not request a refund that is not currently owned by you.