Service Unavailable Error When Adding User

tjordan · February 21, 2017, 12:00am

I get the Service Unavailable when trying to add a new admin user or customer. Right now I only have the administrator user from installation. I do have an Avalara sales tax module installed which required core modifications. But, the only one in this list is the profiles.php.

I've checked other cscart sites and none of them have a user with id 0.

Database (error)
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM cscart_users WHERE user_id = 0' at line 1 (1064)
Query: SELECT FROM cscart_users WHERE user_id = 0

Backtraceâ€ºâ€º

sviadmin.php (fn_dispatch): 27
app/functions/fn.control.php (fn_run_controller): 456
app/functions/fn.control.php (include): 700
app/controllers/backend/profiles.php (fn_get_user_info): 463
app/functions/fn.users.php (db_get_row): 57
app/functions/fn.database.php (call_user_func_array): 53
app/Tygh/Database/Connection.php (getRow): 276
app/Tygh/Database/Connection.php (query): 488

ecomlabs · February 22, 2017, 12:00am

For some reason the list of columns is missed in this request. It is required to examine issue on your server.

tjordan · February 22, 2017, 12:00am

I missed that obvious error. Thanks.

So, the code in fn.users.php starting at line 40 is supposed to create the array of columns of the user_fields as listed below.

Then it feeds the db_get_row in line 57.

The ?:users part seems to be valid since it's value is 'cscart_users'

The error seems to be in line 40 in which the value of ?:users.* should equal cscart_users.*

But it is blank.

$user_fields = array (
'?:users.*',
);

$condition = ($user_id != Tygh::$app['session']['auth']['user_id']) ? fn_get_company_condition('?:users.company_id') : '';
$join = '';

/**
* Prepare params for getting user info query
*
* @param string $condition Query condition; it is treated as a WHERE clause
* @param int $user_id User identifier
* @param array $user_fields Array of table column names to be returned
*/
fn_set_hook('get_user_info_before', $condition, $user_id, $user_fields, $join);

$user_fields = implode(',', $user_fields);
$user_data = db_get_row("SELECT $user_fields FROM ?:users $join WHERE user_id = ?i $condition", $user_id);

tjordan · February 22, 2017, 12:00am

BTW, it works when I change line 57 to use * instead.

$user_data = db_get_row("SELECT * FROM ?:users $join WHERE user_id = ?i $condition", $user_id);

ecomlabs · February 27, 2017, 12:00am

Looks like 3rd party module uses the get_user_info_before hook and changes the $user_fields variable incorrectly