[geeklog-devel] [geeklog-cvs] Geeklog-1.x/public_html usersettings.php, 1.175, 1.176

[Blaine Lang]

True, it's not testing for a negative value now which is not one of the 
expected values - but possibly foreign content.

If the variable is not defined then it will be NULL and that will result 
in the empty() returning true.  I just need to add a test for a possible 
negative which can stil possibly be returned from the COM_applyFilter.

- Blaine

Dirk Haun wrote:

> Blaine Lang wrote:

>

>   

>>      $A['cooktime'] = COM_applyFilter ($A['cooktime'], true);

>> !     // If not set or possibly removed from template - set to user default

>> !     // So code after this does not fail the user password required test

>> !     if (empty($A['cooktime'])) {

>> !         $A['cooktime'] = $_USER['cookietimeout'];

>>      }

>>     

>

> Hmm. If it isn't set, then there should be a check for isset(...)

> _before_ the COM_applyFilter. And this change doesn't handle invalid

> timeout values (less than zero) any more.

>

> Blaine?

>

> bye, Dirk

>

>

>