Issue after upgrading from dotCMS 3.3 to dotCMS 3.2.2

34 views
Skip to first unread message

Bart Plasmans

unread,
Apr 25, 2016, 6:06:50 AM4/25/16
to dotCMS User Group
Hi,

we have an issue after upgrading from dotCMS 3.3 to 3.3.2. 
On the contact page we have a "Message reason" dropdown built from dotCMS content.
The content is named "DropdownText". The dropdown is populated in a vtl file:

 <div class="ym-fbox-text">
                        <label for="message">Message reason</label>
                        <select id="message" name="message" class="required select" data-bind="{value: reason}">
                            <option name="disabled" value="disabled" disabled="disabled" selected="selected">Please select</option>
#foreach($con in $dotcontent.pull("+structureName:DropdownText +(conhost:SYSTEM_HOST) +DropdownText.dropdownCode:contact",0,"DropdownText.text asc"))
<option value="$con.text">$con.text</option>
#end
                        </select>
                    </div>

The dotCMS log shows this error, and the dropdown is empty:

[25/04/16 10:56:06:382 BST] ERROR util.SQLUtil: Invalid or pernicious sql parameter passed in : DropdownText
com.dotmarketing.business.DotStateException: Invalid or pernicious sql parameter passed in : DropdownText
at com.dotmarketing.common.util.SQLUtil.sanitizeParameter(SQLUtil.java:201) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.portlets.structure.factories.StructureFactory.getStructureByVelocityVarName(StructureFactory.java:109) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.cache.ContentTypeCacheImpl.getStructureByVelocityVarName(ContentTypeCacheImpl.java:135) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.cache.FieldsCache.getFieldsByStructureVariableName(FieldsCache.java:82) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotcms.content.elasticsearch.business.ESContentFactoryImpl.translateQuerySortBy(ESContentFactoryImpl.java:1644) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotcms.content.elasticsearch.business.ESContentFactoryImpl.translateQuery(ESContentFactoryImpl.java:1600) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotcms.content.elasticsearch.business.ESContentFactoryImpl.indexSearch(ESContentFactoryImpl.java:1248) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotcms.content.elasticsearch.business.ESContentletAPIImpl.searchIndex(ESContentletAPIImpl.java:665) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotcms.content.elasticsearch.business.ESContentletAPIImpl.search(ESContentletAPIImpl.java:537) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotcms.content.elasticsearch.business.ESContentletAPIImpl.search(ESContentletAPIImpl.java:529) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.portlets.contentlet.business.ContentletAPIInterceptor.search(ContentletAPIInterceptor.java:1561) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.viewtools.content.util.ContentUtils.pull(ContentUtils.java:231) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.viewtools.content.ContentTool.pull(ContentTool.java:164) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.viewtools.content.ContentTool.pull(ContentTool.java:157) [dotcms_3.3.2_fb28b98f.jar:?]
at sun.reflect.GeneratedMethodAccessor364.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_77]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_77]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:372) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:361) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:178) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:285) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.value(ASTReference.java:572) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.Foreach.render(Foreach.java:321) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:211) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:330) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:362) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:265) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.viewtools.VelocityWebUtil.mergeTemplate(VelocityWebUtil.java:87) [dotcms_3.3.2_fb28b98f.jar:?]
at sun.reflect.GeneratedMethodAccessor249.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_77]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_77]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:372) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:361) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:178) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:285) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:374) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:87) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:87) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.VelocimacroProxy.render(VelocimacroProxy.java:218) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:308) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:226) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:211) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:330) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:362) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:265) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.viewtools.VelocityWebUtil.mergeTemplate(VelocityWebUtil.java:87) [dotcms_3.3.2_fb28b98f.jar:?]
at sun.reflect.GeneratedMethodAccessor249.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_77]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_77]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:372) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:361) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:178) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:285) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.value(ASTReference.java:572) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTExpression.value(ASTExpression.java:71) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTSetDirective.render(ASTSetDirective.java:150) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:330) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:362) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:265) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.viewtools.VelocityWebUtil.mergeTemplate(VelocityWebUtil.java:87) [dotcms_3.3.2_fb28b98f.jar:?]
at sun.reflect.GeneratedMethodAccessor249.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_77]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_77]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:372) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:361) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:178) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:285) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:374) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:87) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.VelocimacroProxy.render(VelocimacroProxy.java:218) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:308) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:226) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:211) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.VelocimacroProxy.render(VelocimacroProxy.java:218) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:308) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:226) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:211) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:87) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.Foreach.render(Foreach.java:423) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:211) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:330) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:362) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:265) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.viewtools.VelocityWebUtil.mergeTemplate(VelocityWebUtil.java:87) [dotcms_3.3.2_fb28b98f.jar:?]
at sun.reflect.GeneratedMethodAccessor249.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_77]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_77]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:372) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:361) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:178) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:285) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:374) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:330) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:106) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.VelocimacroProxy.render(VelocimacroProxy.java:218) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:308) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:226) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:211) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:330) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:362) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:265) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.viewtools.VelocityWebUtil.mergeTemplate(VelocityWebUtil.java:87) [dotcms_3.3.2_fb28b98f.jar:?]
at sun.reflect.GeneratedMethodAccessor249.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_77]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_77]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:372) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:361) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:178) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:285) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:374) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:87) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:330) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:362) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.velocity.Template.merge(Template.java:265) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.velocity.VelocityServlet.doLiveMode(VelocityServlet.java:523) [dotcms_3.3.2_fb28b98f.jar:?]
at com.dotmarketing.velocity.VelocityServlet.service(VelocityServlet.java:216) [dotcms_3.3.2_fb28b98f.jar:?]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) [servlet-api.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-websocket.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at nl.isaac.dotcms.davosselfservice.filter.MiddlewareCleanupFilter.doFilter(MiddlewareCleanupFilter.java:51) [classes/:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:720) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:466) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:391) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:318) [catalina.jar:8.0.33]
at com.dotmarketing.filters.CMSFilter.doFilter(CMSFilter.java:209) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at com.dotmarketing.filters.AutoLoginFilter.doFilter(AutoLoginFilter.java:61) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at com.dotmarketing.cms.urlmap.filters.URLMapFilter.doFilter(URLMapFilter.java:300) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at com.dotmarketing.filters.TimeMachineFilter.doFilter(TimeMachineFilter.java:174) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at nl.isaac.dotcms.davosselfservice.filter.LogDeeplinkFilter.doFilter(LogDeeplinkFilter.java:66) [classes/:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at nl.isaac.dotcms.davosselfservice.filter.KeepAliveFilter.doFilter(KeepAliveFilter.java:36) [classes/:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at nl.isaac.dotcms.davosselfservice.filter.RoutingFilter.doFilter(RoutingFilter.java:77) [classes/:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at nl.isaac.dotcms.davosselfservice.filter.SelfServiceSessionInitialisationFilter.doFilter(SelfServiceSessionInitialisationFilter.java:32) [classes/:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at nl.isaac.dotcms.davosselfservice.filter.LoginFilter.doFilter(LoginFilter.java:107) [classes/:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at nl.isaac.dotcms.davosselfservice.filter.MiddlewareCleanupFilter.doFilter(MiddlewareCleanupFilter.java:51) [classes/:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at nl.isaac.dotcms.davosselfservice.filter.DisableWebsiteFilter.doFilter(DisableWebsiteFilter.java:123) [classes/:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at nl.isaac.dotcms.davosselfservice.filter.RequestStoringFilter.doFilter(RequestStoringFilter.java:28) [classes/:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at com.dotmarketing.filters.ThreadNameFilter.doFilter(ThreadNameFilter.java:90) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at com.dotmarketing.filters.CookiesFilter.doFilter(CookiesFilter.java:33) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at com.dotmarketing.filters.CharsetEncodingFilter.doFilter(CharsetEncodingFilter.java:146) [dotcms_3.3.2_fb28b98f.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [catalina.jar:8.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [catalina.jar:8.0.33]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) [catalina.jar:8.0.33]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) [catalina.jar:8.0.33]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) [catalina.jar:8.0.33]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) [catalina.jar:8.0.33]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [catalina.jar:8.0.33]
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) [catalina.jar:8.0.33]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) [catalina.jar:8.0.33]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522) [catalina.jar:8.0.33]
at org.apache.coyote.ajp.AbstractAjpProcessor.process(AbstractAjpProcessor.java:868) [tomcat-coyote.jar:8.0.33]
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672) [tomcat-coyote.jar:8.0.33]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1502) [tomcat-coyote.jar:8.0.33]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1458) [tomcat-coyote.jar:8.0.33]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_77]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_77]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:8.0.33]
at java.lang.Thread.run(Thread.java:745) [?:1.8.0_77]


However when I refresh the page I see no error, and the dropdown is populated.
When I empty the dotCMS cache, I get the error again.

I have added a screenshot of the content which is rendered.

whats going wrong here, this must be a byproduct of the security fix for http://dotcms.com/security/SI-35 ?

Bart


dotCMS Enterprise Web Content Management - Google Chrome_2016-04-25_12-03-50.png

Brent Griffin

unread,
Apr 25, 2016, 8:47:07 AM4/25/16
to dotCMS User Group
Bart,
Did you download 3.3.2 from the nightly builds page?  Just so you know, 3.3.2 has not yet been released yet.  3.3.1 is currently the latest 3.3.x release available.

What you are seeing does seem to be related to the security changes.  You can follow that status of this issue here:  https://github.com/dotCMS/core/issues/8939

Thanks,
Brent Griffin
Sr. Java Architect
dotCMS

Bart Plasmans

unread,
Apr 25, 2016, 9:07:11 AM4/25/16
to dotCMS User Group
Hi Brent,

I was looking for dotCMS 3.3.1 download link, but was unable to find it on the dotCMS downloads page.
I was able to download it by changing the dowload link from another version to "http://dotcms.com/download/download-now.dot?file=/physical_downloads/release_builds/dotcms_3.3.1.zip".
We saw that 3.3.2 was tagged a release on github, and we were able to download it from "http://dotcms.com/download/download-now.dot?file=/physical_downloads/release_builds/dotcms_3.3.2.zip".

see:

Thank you for creating the ticket!

greetings Bart

Brent Griffin

unread,
Apr 25, 2016, 9:28:44 AM4/25/16
to dotCMS User Group
Yes, I know about the release info in github - really a release candidate scenario.  It is really not a good idea to grab releases and to deploy them into production systems before they are actually released.  You could potentially get into a data conversion problem here because we only support upgrading from one officially released version to another officially released version.

That said, we are thankful the for extra help testing and will look at this issue before we release 3.3.2.

Thank you,
Brent Griffin
Sr. Java Architect
dotCMS

Bart Plasmans

unread,
Apr 26, 2016, 3:14:27 AM4/26/16
to dotCMS User Group
Hi Brent,

what are the changes done in the 3.3.2 version compared to the 3.3.1 ?

greetings Bart

Jon

unread,
Aug 29, 2016, 11:30:02 AM8/29/16
to dotCMS User Group
Hi,
I have just tested the upgrade from 3.2.4 to 3.5.1 and I am getting these error messages in the dotcms.log. Are these hard errors or does processing still continue?
There seems to be a mix of INFO and ERROR messages with this log content.

[25/08/16 14:49:57:356 CEST] ERROR util.SQLUtil: Invalid or pernicious sql parameter passed in : WsProductGroup
[25/08/16 14:55:00:060 CEST] ERROR util.SQLUtil: Invalid or pernicious sql parameter passed in : WsOrderItemExtra
[25/08/16 14:55:00:505 CEST] ERROR util.SQLUtil: Invalid or pernicious sql parameter passed in : WsOrderItem
[25/08/16 14:55:00:668 CEST] ERROR util.SQLUtil: Invalid or pernicious sql parameter passed in : WsOrderPayment
[25/08/16 15:00:00:035 CEST] ERROR util.SQLUtil: Invalid or pernicious sql parameter passed in : WsOrder

All at line >>>> at com.dotmarketing.common.util.SQLUtil.sanitizeParameter(SQLUtil.java:231) [dotcms_3.5.1_3.5-8-g8506266.jar:?]

Thanks
Jon


Reply all
Reply to author
Forward
0 new messages