Support » Plugin: Stray Random Quotes » Can’t edit and new quotes are empty

  • Hello.

    Just noticed the last few quotes I added show empty in the database, and when I try to edit any quote I get “Something is wrong. I can’t find a quote linked up with that ID.”

    Tried deleting the empty ones from PHPMyAdmin, and restored a backup previous to those empty values, but the ID error remains.

    By the way, the existing quotes still show fine on the website.

    Any ideas?

Viewing 10 replies - 1 through 10 (of 10 total)
  • Yes, same over here…

    Hey Guys, I was having a similar problem and found that my version of Stray Quotes (1.9.9) was still using mysql_real_escape_string which has been removed as of PHP 7.0.0. I have converted the queries to prepared statements and now I am able to edit quotes. I still need to to update the add new scripts, but I assume it will be the same issue. I hope this helps.

    Thanks, 5wes13. Can you give us a bit more info on the procedure you used?

    Hi Idearius

    You will need to read up on prepared statements, but here is an example using the code in the stray_manage.php file in the plugin:

    This is a sample code as it stands:

    //update the quote
    				$sql = "UPDATE " . WP_STRAY_QUOTES_TABLE 
    				. " SET quote='" . mysqli_real_escape_string($quote)
    				. "', author='" . mysqli_real_escape_string($author) 
    				. "', source='" . mysqli_real_escape_string($source) 
    				. "', category='" . mysqli_real_escape_string($category)
    				. "', visible='" . mysqli_real_escape_string($visible) 
    				. "', user='" . mysqli_real_escape_string($current_user->user_nicename)
    				. "' WHERE quoteID='" . mysqli_real_escape_string($quoteID) . "'";		     

    And this is the same query using prepared statements (I have changed the layout a bit):

    //update the quote
    				$sql = 
    						quote= %s, 

    Change all queries where mysql_real_escape_string is used in stray_manage.php and stray_new.php.

    Let me know if you have any further questions.

    • This reply was modified 2 years, 9 months ago by 5wes13.
    • This reply was modified 2 years, 9 months ago by 5wes13.

    Hi Idearius are you bale to see my post with the code? It’s not showing up on my side but says it’s posted.


    • This reply was modified 2 years, 9 months ago by 5wes13.

    Hello all,

    While I too would recommend prepared queries as a more elegant and more secure solution, if you are short on time, the quick and easy way would be to replace all occurrences of mysql_real_escape_string with esc_sql in stray_manage.php.

    Many thanks, @5wes13 and @pbosakov.

    And sorry I didn’t answer sooner, @5wes13!

    I’ve been ignoring the fact that I’ve been unable to add quotes with Stray Random Quotes for a long time and thinking I would dust off my PHP skills and wade into it when it finally annoyed me enough. In the mean time, I’ve passed on recording a lot of quotes I would have loved to have captured. Today, in a burst of annoyance and laziness, I was about to post an offer for a freelancer to come and analyze and repair the issue for me because I just don’t want to refresh an entire skill-set for one small problem. And then I thought I’ve go and revisit the Random Story Quotes support area one last time. And I found this thread – Yahoo! I’ll try the ideas expressed here in the next few days to see if they sort my problem; which I hope they do. Many thanks to @5wes13 and the others here. I actually think that someone with good plugin/PHP chops could just go around looking for loose-end problems like these and selling the fixes back to wanna-be programer types like me.


    So, if this problem has been bugging you, I can testify that substituting esc_sql for mysql_real_escape_string works. I went in and made the substitutions on both stray_manage.php and stray_new.php and after that, random_stray_quotes worked again as it used to.

    Big thanks to 5west13 and pbosakov!

    I second the Big Thanks to 5west13 and pbosakov. I was also able to get back up and quoting with the simple esc_sql substitution.

    Thanks, all!

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘Can’t edit and new quotes are empty’ is closed to new replies.