Ran into this today

JohnDeVitoOfOld

Well-known member
Wanted to give people a heads up. I tried to make a post before, and it would not save. I did a lot of editing and finally figured it out. The site is protecting itself against a SQL Injection attack. It came down to a combination of common words that just happen to be SQL keywords, and security on the forum was detecting the pattern and blocking it. Over some people's heads, I know, but I'm an IT guy. Let me explain it to you in a way that hopefully might help people if they ever run into the "Oops, There is something wrong with your message" error. I am going to list the keywords with dashes between the letters so it doesn't block this post.

The problematic paragraph was something like "...s-e-l-e-c-t...f-r-o-m..." The forum is obviously well constructed to recognize known patterns that indicate malicious activity.

It would be helpful if the error message indicated this for people because, even for a guy like me, it was a pain to troubleshoot the post, but in the spirit of being helpful, if you have the issue and have some combination of the following words in the post, you might try rewording. I doubt the list is all-inclusive, but it's a start.

s-e-l-e-c-t
f-r-o-m
u-p-d-a-t-e
i-n-s-e-r-t
a-l-t-e-r
g-r-a-n-t
d-e-l-e-t-e
d-r-o-p
j-o-i-n
g-r-o-u-p
u-n-i-o-n
w-h-e-r-e
 
I'm in IT too. Let's test that theory:

del-ete fro-m us-ers
alt-er t-able us-ers

Wow, you're right. It would not let me post that without the hyphens.

There are ways to sanitize posts without completely blocking the use of SQL reserved words.
 

Can't recall the exact verbiage, but mine was something like "...and then they took it upon themselves to s-e-l-e-c-t a whole new group of items, choosing them at random f-r-o-m a predetermined list..."

So the keywords weren't even next to one another. And I had another f-r-o-m elsewhere in the post, so with s-e-l-e-c-t coming before f-r-o-m, regardless of what was in between, the forum recognized the pattern.

Like I said, helpful to know because it will help me identify it in the future, but it would really be helpful if the error message indicated the reason for the error, rather than a generic "Oops," as in, was that a forum problem, or did I do something?

But, of course, I get it. That would be helpful to an honest person, but also to the dishonest person who really is malicious in figuring out the security on the site.
 
Thank you very much for this. At last there's a reason, a believable reason. It doesn't help a nonspecialist like myself. Is there an idiot's guide to what an SQL reserved word is and what it would be used for? That might help those like me who have no idea what to look for in their posts.
 

I really wanted to let people know there was a reason, so I am glad that was helpful.

I do have a fairly good list of reserved words listed, but you can go to w3schools.com/sql (sorry, I can't actually post a link) and that will show you. Or you can do a search on Google for SQL keywords. They all aren't going to come into play, and I would suspect that the security software that recognizes patterns will identify if the words are in the order necessary to construct a valid SQL query, so something like "...from...where..." won't trigger it, but if you place the word "select" ahead of that it will flag that as an attempt to hack. It's hard to explain, but as an IT nerd I can picture how it works. And thanks to @shroom for letting me know I wasn't just crazy 😄
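
An added example, not part of the thread and not the forum's or any vendor's code: it models the keyword-order heuristic the posters infer and contrasts it with storing the same text through a parameterized query, which is the usual way to accept SQL reserved words in posts safely. The rule pairs, table names and function names are assumptions made for illustration.

```python
import re
import sqlite3

# Assumed rule set, inferred from what posters in this thread saw blocked:
# keyword A followed anywhere later by keyword B. Not a real WAF rule.
ORDERED_PAIRS = [("select", "from"), ("delete", "from"), ("alter", "table")]
RULES = [re.compile(rf"\b{a}\b.*\b{b}\b", re.IGNORECASE | re.DOTALL)
         for a, b in ORDERED_PAIRS]


def keyword_filter_blocks(post: str) -> bool:
    """True if the post trips the assumed keyword-order heuristic."""
    return any(rule.search(post) for rule in RULES)


def new_db() -> sqlite3.Connection:
    """In-memory database with a posts table and a users table to protect."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, author TEXT, body TEXT)")
    db.execute("CREATE TABLE users (name TEXT)")
    db.execute("INSERT INTO users (name) VALUES ('alice')")
    return db


def store_post(db: sqlite3.Connection, author: str, body: str) -> int:
    """Store a post with bound parameters: the body is only ever data."""
    cur = db.execute("INSERT INTO posts (author, body) VALUES (?, ?)",
                     (author, body))
    return cur.lastrowid


def fetch_post(db: sqlite3.Connection, post_id: int) -> str:
    row = db.execute("SELECT body FROM posts WHERE id = ?", (post_id,)).fetchone()
    return row[0]


# Constructed sample posts; the first and third reuse wording quoted in the thread.
SAMPLES = [
    "they took it upon themselves to select a whole new group of items, "
    "choosing them at random from a predetermined list",   # benign, blocked
    "I moved from Ohio to where my family lives",           # benign, allowed
    "Today's test: delete from users",                      # apostrophe + keywords
]

if __name__ == "__main__":
    db = new_db()
    for text in SAMPLES:
        intact = fetch_post(db, store_post(db, "tester", text)) == text
        print(f"filter_blocks={keyword_filter_blocks(text)} stored_intact={intact}")
    print("users rows:", db.execute("SELECT COUNT(*) FROM users").fetchone()[0])
```

The first sample is ordinary prose that the heuristic rejects, while every sample, including the one with an apostrophe and SQL keywords, is stored verbatim and leaves the users table untouched.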
 
A lot of these message boards nowadays are hosted by Cloud Flare (CARM included) and I am on a few others right now that are also Cloud Flare. Unfortunately, there isn't a lot the board admin can do about it. So they would need to contact Cloud Flare (they probably already know about the issue) and open a ticket with them.
 

It's really not an issue, per se. I just wanted to let people know a potential reason for that "Oops" message. Drove me nuts until I realized what it was, thought I would help educate people. The only improvement I can really think of is some sort of nice message that tells people that what they posted was a potential security issue and highlights the keywords included that triggered the alert, suggesting that they reword the phrase using some synonyms (like "choose" instead of "select"). Otherwise, when faced with a 6,000 word post you kind of scratch your head and wonder.
 