Hi Tom, 2017-04-28 1:16 GMT+02:00 Tom Donovan <donov...@bellatlantic.net>:
> On 04/26/2017 06:49 AM, Tom Browder wrote: > >> On Wed, Apr 26, 2017 at 05:06 Tom Browder <tom.brow...@gmail.com <mailto: >> tom.brow...@gmail.com>> wrote: >> >> On Wed, Apr 26, 2017 at 04:04 Luca Toscano <toscano.l...@gmail.com >> <mailto:toscano.l...@gmail.com>> wrote: >> >> > I think I just discovered I what the problem is: I'm using >> harp.js to >> > build my site and the <form...> is compiling incorrectly. >> >> Well, that wasn't the problem. >> >> The error is still: >> >> [dbd:error] [pid 18921:tid 140512673658624] (20014)Internal >> error: >> Â AH00632: failed to prepare SQL statements: near >> "authn_query": syntax error >> >> >> I have no clue as to why dbd isn'initializing. Untill someone can tell me >> exactly how to get it >> working, I'm going to try the file method. Bummer! >> >> -Tom >> > > I am able to reproduce your error, and it does seem to be a bug in mod_dbd > when prepared statements are used inside <Directory> blocks for > authentication. > > Instead of using DBDPrepareSQL to create a prepared statement, please try > removing the DBDPrepareSQL line entirely and put your SQL statement > directly in your AuthDBDUserPWQuery directive, like this: > > AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s" > > Note that Luca's advice was correct: no single-quotes around the %s, and > no terminating semicolon should be used in the SQL for httpd configuration > directives, even though you would use them in interactive sqlite3 SQL > commands. > > There should be no performance penalty for doing it this way. > AuthDBDUserPWQuery automatically generates prepared statements. Your > original directives seem reasonable per the current documentation, so it's > a bug - although I'm not sure (yet) if it's a doc bug or a code bug. Thanks a lot for your review, I didn't check where the prepared statement was used. As far as I can tell from https://httpd.apache.org/docs/2.4/mod/mod_authn_dbd.html#authdbduserpwquery, AuthDBDUserPWQuery requires a SQL statement and not a label, so I think that the error message "failed to prepare SQL statements: near "authn_query": syntax error" is related to the fact that mod_dbd can't make any prepared statement out of the raw string "authn_query". Am I missing something in the docs that talks about prepared statements and AuthDBDUserPWQuery? (sorry in case) About the syntax of the prepared statement: httpd leverages APR's dbd SQL syntax, that is outlined in: https://apr.apache.org/docs/apr/2.0/group___a_p_r___util___d_b_d.html#gacf21412447c4357c64d1e9200a0f5eec (so no vendor specific statements). The documentation definitely needs some improvement :/ Luca
