Using apostrophes in the subject causing problems

I'm using OTRS 1.3.2
When I create a phone ticket and type "someone's computer needs blah
blah" in the subject and then finish out filling the rest of the ticket
and then click on create I get this error message:
Error: called with 2 bind variables when 0 are needed, SQL: 'INSERT INTO
article (ticket_id, article_type_id, article_sender_type_id, a_from,
a_reply_to, a_to, a_cc, a_subject, a_message_id, a_body,
a_content_type, content_path, valid_id, incoming_time, create_time,
create_by, change_time, change_by) VALUES (36, 5, 3, '"csheline
csheline"

This sounds like an SQL escaping issue, where placeholders or proper quoting should be used for all the data, but isn't correct. (this is potentially a security issue too)
I've filed a bug report about it http://bugs.otrs.org/show_bug.cgi?id=809

Sheline, Carl (LLU) wrote:
I'm using OTRS 1.3.2
When I create a phone ticket and type "someone's computer needs blah blah" in the subject and then finish out filling the rest of the ticket and then click on create I get this error message:
Error: called with 2 bind variables when 0 are needed, SQL: 'INSERT INTO article (ticket_id, article_type_id, article_sender_type_id, a_from, a_reply_to, a_to, a_cc, a_subject, a_message_id, a_body, a_content_type, content_path, valid_id, incoming_time, create_time, create_by, change_time, change_by) VALUES (36, 5, 3, '"csheline csheline"
', '', 'normal', '', 'carl\'s computer', '', ?, 'text/plain\; charset=iso-8859-15', ?, 1, 1120157813, current_timestamp, 2, current_timestamp, 2)'
So I hit the back button, take out the apostrophe and create the ticket no problem.
But the error message generated a ticket ID without an article. I delete the ticket ID and everything seems ok.
I have 2 questions:
1. Can I use apostrophes at all?
2. Every time I get an error message like the one above will I get data corruption?
Thanks,
Carl Sheline
School of Dentistry
Loma Linda University
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support or consulting for your OTRS system?
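As an added illustration of the escaping point made in this reply (example code written here, not OTRS code; Python with sqlite3 standing in for Perl DBI and MySQL, and the article table cut down to three columns): the first function mixes a hand-escaped subject into the SQL text next to a bind variable, the pattern visible in the failing INSERT, and breaks on an apostrophe; the second binds every value and stores it intact. The exact error text differs between drivers (the OTRS one reported a bind-count mismatch, sqlite3 reports a parse error), but the cause and the fix are the same.

```python
import sqlite3

# Constructed sample values (not taken from the thread): a subject with an
# apostrophe, the kind that triggered the OTRS error, plus a body.
SUBJECT = "someone's computer needs blah blah"
BODY = "phone ticket body"


def new_db():
    """In-memory stand-in for the OTRS article table (sqlite3, not MySQL)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE article (ticket_id INTEGER, a_subject TEXT, a_body TEXT)")
    return conn


def insert_article_mixed(conn, ticket_id, subject, body):
    """Reproduces the bug class: the subject is hand-escaped and pasted into
    the SQL text while the body is passed as a bind variable. The backslash
    escape is not what the statement parser expects, so the quoted string
    ends early and the rest of the statement is misread."""
    escaped = subject.replace("'", "\\'")
    sql = ("INSERT INTO article (ticket_id, a_subject, a_body) "
           f"VALUES ({int(ticket_id)}, '{escaped}', ?)")
    conn.execute(sql, (body,))
    conn.commit()


def insert_article_bound(conn, ticket_id, subject, body):
    """Fix: every data value travels as a bind variable; the SQL text is constant."""
    conn.execute(
        "INSERT INTO article (ticket_id, a_subject, a_body) VALUES (?, ?, ?)",
        (ticket_id, subject, body),
    )
    conn.commit()


def stored_subject(conn, ticket_id):
    row = conn.execute("SELECT a_subject FROM article WHERE ticket_id = ?",
                       (ticket_id,)).fetchone()
    return row[0] if row else None


def demo():
    """Returns (mixed_failed, bound_subject): the hand-escaped path raises a
    database error, the fully bound path keeps the apostrophe as typed."""
    conn = new_db()
    try:
        insert_article_mixed(conn, 36, SUBJECT, BODY)
        mixed_failed = False
    except sqlite3.Error:
        mixed_failed = True
    insert_article_bound(conn, 37, SUBJECT, BODY)
    return mixed_failed, stored_subject(conn, 37)
```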

On 6/30/05, Jeremy Blain
This sounds like an SQL escaping issue, where placeholders or proper quoting should be used for all the data, but isn't correct. (this is potentially a security issue too)
I've filed a bug report about it http://bugs.otrs.org/show_bug.cgi?id=809
This is the same as a bug I filed in May. http://bugs.otrs.org/show_bug.cgi?id=732
It also seems to be the same as this bug. http://bugs.otrs.org/show_bug.cgi?id=788
For what it's worth I haven't seen this bug recently, but I also haven't seen any email recently with apostrophes in the subject.
Bryan
participants (3)
- Bryan Fullerton
- Jeremy Blain
- Sheline, Carl (LLU)