Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-8302

Anonymous comments are not properly saved if the submitted author is longer than 255 chars

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 4.3-milestone-2
    • 4.2
    • Old Core
    • None
    • Unknown
    • N/A
    • N/A

    Description

      This happens with RDBMS that does not handle transactions like HSQLDB and Mysql (MyIsam) since part of the XObject is saved but not the author property. With other RDBMS the save should fail (the XObject is not added).

      2012-10-08 15:27:13,298 [http://localhost:8080/xwiki/bin/commentadd/Main/NewPage] WARN  c.x.x.w.XWikiAction            - Uncaught exception: Error number 3201 in 3: Exception while saving document xwiki:Main.NewPage
Wrapped Exception: Failed to commit or rollback transaction. Root cause [] 
com.xpn.xwiki.XWikiException: Error number 3201 in 3: Exception while saving document xwiki:Main.NewPage
Wrapped Exception: Failed to commit or rollback transaction. Root cause []
	at com.xpn.xwiki.store.XWikiHibernateStore.saveXWikiDoc(XWikiHibernateStore.java:709) ~[xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	at com.xpn.xwiki.store.XWikiCacheStore.saveXWikiDoc(XWikiCacheStore.java:177) ~[xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	at com.xpn.xwiki.store.XWikiCacheStore.saveXWikiDoc(XWikiCacheStore.java:170) ~[xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	at com.xpn.xwiki.XWiki.saveDocument(XWiki.java:1358) ~[xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	at com.xpn.xwiki.web.CommentAddAction.action(CommentAddAction.java:92) ~[xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:230) [xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:116) [xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) [struts-1.2.9.jar:1.2.9]
	at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) [struts-1.2.9.jar:1.2.9]
	at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) [struts-1.2.9.jar:1.2.9]
	at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) [struts-1.2.9.jar:1.2.9]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) [servlet-api-2.5.jar:2.5]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) [servlet-api-2.5.jar:2.5]
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:538) [jetty-servlet-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1352) [jetty-servlet-7.4.5.v20110725.jar:7.4.5.v20110725]
	at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:120) [xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323) [jetty-servlet-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:144) [xwiki-platform-wysiwyg-server-4.3-SNAPSHOT.jar:na]
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323) [jetty-servlet-7.4.5.v20110725.jar:7.4.5.v20110725]
	at com.xpn.xwiki.plugin.webdav.XWikiDavFilter.doFilter(XWikiDavFilter.java:66) [xwiki-platform-webdav-server-4.3-20121002.104232-35.jar:na]
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323) [jetty-servlet-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208) [xwiki-platform-container-servlet-4.3-20121002.103750-35.jar:na]
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323) [jetty-servlet-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111) [xwiki-platform-container-servlet-4.3-20121002.103750-35.jar:na]
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323) [jetty-servlet-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:476) [jetty-servlet-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:517) [jetty-security-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:225) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:937) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:406) [jetty-servlet-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:183) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:871) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:247) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:149) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.Server.handle(Server.java:346) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:589) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:1065) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:823) [jetty-http-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:220) [jetty-http-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:411) [jetty-server-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:535) [jetty-io-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:40) [jetty-io-7.4.5.v20110725.jar:7.4.5.v20110725]
	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:529) [jetty-util-7.4.5.v20110725.jar:7.4.5.v20110725]
	at java.lang.Thread.run(Thread.java:680) [na:1.6.0_35]
Caused by: org.hibernate.HibernateException: Failed to commit or rollback transaction. Root cause []
	at com.xpn.xwiki.store.XWikiHibernateBaseStore.endTransaction(XWikiHibernateBaseStore.java:938) ~[xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	at com.xpn.xwiki.store.XWikiHibernateStore.saveXWikiDoc(XWikiHibernateStore.java:699) ~[xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	... 46 common frames omitted
Caused by: org.hibernate.exception.DataException: could not insert: [com.xpn.xwiki.objects.StringProperty]
	at org.hibernate.exception.SQLStateConverter.convert(SQLStateConverter.java:102) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:66) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:2454) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:2874) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.action.EntityInsertAction.execute(EntityInsertAction.java:79) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.engine.ActionQueue.execute(ActionQueue.java:273) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:265) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:184) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.event.def.AbstractFlushingEventListener.performExecutions(AbstractFlushingEventListener.java:321) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.event.def.DefaultFlushEventListener.onFlush(DefaultFlushEventListener.java:51) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.impl.SessionImpl.flush(SessionImpl.java:1216) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.impl.SessionImpl.managedFlush(SessionImpl.java:383) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at org.hibernate.transaction.JDBCTransaction.commit(JDBCTransaction.java:133) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	at com.xpn.xwiki.store.XWikiHibernateBaseStore.endTransaction(XWikiHibernateBaseStore.java:931) ~[xwiki-platform-oldcore-4.3-20121002.103905-35.jar:na]
	... 47 common frames omitted
Caused by: java.sql.SQLDataException: data exception: string data, right truncation
	at org.hsqldb.jdbc.Util.sqlException(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.jdbc.Util.sqlException(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.jdbc.JDBCPreparedStatement.fetchResult(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.jdbc.JDBCPreparedStatement.executeUpdate(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.apache.commons.dbcp.DelegatingPreparedStatement.executeUpdate(DelegatingPreparedStatement.java:105) ~[commons-dbcp-1.3.jar:1.3]
	at org.apache.commons.dbcp.DelegatingPreparedStatement.executeUpdate(DelegatingPreparedStatement.java:105) ~[commons-dbcp-1.3.jar:1.3]
	at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:2437) ~[hibernate-core-3.6.9.Final.jar:3.6.9.Final]
	... 58 common frames omitted
Caused by: org.hsqldb.HsqlException: data exception: string data, right truncation
	at org.hsqldb.error.Error.error(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.error.Error.error(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.types.CharacterType.castOrConvertToType(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.types.CharacterType.convertToType(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.StatementDML.getInsertData(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.StatementInsert.getResult(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.StatementDMQL.execute(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.Session.executeCompiledStatement(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	at org.hsqldb.Session.execute(Unknown Source) ~[hsqldb-2.2.9.jar:2.2.9]
	... 63 common frames omitted

      Very simple fix:

      Index: ../xwiki-platform/xwiki-platform-core/xwiki-platform-web/src/main/webapp/templates/commentsinline.vm
===================================================================
--- ../xwiki-platform/xwiki-platform-core/xwiki-platform-web/src/main/webapp/templates/commentsinline.vm	(revision 6ecda350fd563689d9f964b78f3958fb0bd0d497)
+++ ../xwiki-platform/xwiki-platform-core/xwiki-platform-web/src/main/webapp/templates/commentsinline.vm	(revision )
@@ -182,7 +182,7 @@
           <label>$msg.get('core.viewers.comments.add.guestName.prompt') $xwiki.getUserName($xcontext.user)</label>
           <input type="hidden" name="${xCommentClass}_author" value="$xcontext.user"/>
         #else
-          <label for="${xCommentClass}_author">$msg.get('core.viewers.comments.add.guestName.prompt') <input type="text" id="${xCommentClass}_author" name="${xCommentClass}_author" value="$author"/></label>
+          <label for="${xCommentClass}_author">$msg.get('core.viewers.comments.add.guestName.prompt') <input type="text" id="${xCommentClass}_author" name="${xCommentClass}_author" value="$author" maxlength="255" /></label>
           <strong><a href='$xwiki.getURL('XWiki.XWikiLogin', 'login', "xredirect=$escapetool.url($xwiki.relativeRequestURL)")'>$msg.get('login')</a></strong>
         #end
         ## CSRF prevention
Index: ../xwiki-platform/xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/CommentAddAction.java
===================================================================
--- ../xwiki-platform/xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/CommentAddAction.java	(revision 6ecda350fd563689d9f964b78f3958fb0bd0d497)
+++ ../xwiki-platform/xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/web/CommentAddAction.java	(revision )
@@ -35,7 +35,7 @@
  * Action used to post a comment on a page, adds a comment object to the document and saves it, requires comment right
  * but not edit right.
  * 
- * @version $Id$
+ * @version $Id: dd076b1bcb8edb7d4f1058deac2d644748a37438 $
  */
 public class CommentAddAction extends XWikiAction
 {
@@ -79,6 +79,7 @@
                 while (author.startsWith(USER_SPACE_PREFIX)) {
                     author = StringUtils.removeStart(author, USER_SPACE_PREFIX);
                 }
+                author = author.substring(0, Math.min(author.length(), 255));
                 object.set(AUTHOR_PROPERTY_NAME, author, context);
             } else {
                 // A registered user must always post with his name.

      Attachments

        Activity

          People

            jvdrean Jean-Vincent Drean
            jvdrean Jean-Vincent Drean
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: