Is this a bug ?

[Guest nickteagle]

Hi I'm just developing a new site and came across a problem where if a product had ' in its name. Then when I clicked on "View Cart" after adding it to my basket I got a sql error (see error below).

I fixed this by editing includes/content/cart.inc.php line 689

and changing

$basket = $cart->setVar($product[0]['name'],'name','invArray',$i);

to

$basket = $cart->setVar(str_replace(array("\\'","'"), "'", $product[0]['name']),'name','invArray',$i);

There didn't seem to be any check in the code to check the product name was sql safe when saving the basket in the session?

Cheers Nick

MySQL Error Occurred

Error Message:

1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's Select fan in Brushed nickel - 24342";}}s:8:"shipCost";d:0;s:8:"discount";s:0:' at line 1

SQL:

UPDATE `CubeCart_sessions` SET `basket` = 'a:7:{s:5:"conts";a:3:{s:6:"674{:}";a:2:{s:8:"quantity";d:1;s:9:"timestamp";i:1294321105;}s:6:"731{:}";a:2:{s:8:"quantity";d:1;s:9:"timestamp";i:1294321228;}s:6:"730{:}";a:2:{s:8:"quantity";d:1;s:9:"timestamp";i:1294321828;}}s:8:"invArray";a:3:{i:1;a:7:{s:9:"productId";s:3:"674";s:4:"name";s:35:"Hunter Alchemy fan in White - 24186";s:11:"productCode";s:5:"24186";s:11:"prodOptions";s:0:"";s:5:"price";s:6:"440.00";s:8:"quantity";d:1;s:7:"digital";s:1:"0";}i:2;a:7:{s:9:"productId";s:3:"731";s:4:"name";s:49:"Hunter Builders Select fan in Antique brass-24344";s:11:"productCode";s:5:"24344";s:11:"prodOptions";s:0:"";s:5:"price";s:6:"175.00";s:8:"quantity";d:1;s:7:"digital";s:1:"0";}i:3;a:7:{s:11:"productCode";s:5:"24342";s:11:"prodOptions";s:0:"";s:5:"price";s:6:"175.00";s:8:"quantity";d:1;s:7:"digital";s:1:"0";s:9:"productId";s:3:"730";s:4:"name";s:53:"Hunter Builder's Select fan in Brushed nickel - 24342";}}s:8:"shipCost";d:0;s:8:"discount";s:0:"";s:8:"subTotal";s:6:"790.00";s:3:"tax";s:6:"138.25";s:10:"grandTotal";s:6:"928.25";}' WHERE sessId='cl5tgv4onffqvd0rfj498rtg16';