[geeklog-devel] SR4 Bug -- err so it would appear
Blaine Lang
geeklog at langfamily.ca
Sun Feb 1 13:38:30 EST 2004
The recent posts about Plugin (forum) extra settings not being saved or over-writting other users.
I was looking into it this today and noticed that the UID field in the Edit form -> Account Information is being set to a encrypted 16 char field. To be specific $reqid.
Line 156 of usersettings.php
$preferences->set_var ('uid_value', $reqid);
I believe this is a typo and not some secuity change.
This triggers all sorts of problems that are looking for the UID in the POST_VARS from this form.
Blaine
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist8.pair.net/pipermail/geeklog-devel/attachments/20040201/8626585b/attachment.html>
More information about the geeklog-devel
mailing list