[geeklog-devel] public_html/index.php

Joe Mucchiello joe at throwingdice.com
Tue May 6 23:55:01 EDT 2008


How long has this been broken? It's in 1.4.1 and 1.5:

if (!empty($U['aids'])) {
     $sql .= " AND s.uid NOT IN (" . str_replace( ' ', ",", 
$U['aids'] ) . ") ";
}

if (!empty($U['tids'])) {
     $sql .= " AND s.tid NOT IN ('" . str_replace( ' ', "','", 
$U['tids'] ) . "') ";
}

$U has no global value that I'm aware up. It's even a 
register_globals hole that could show hidden stories.

I assume $U should be $_USER.

----
Joe Mucchiello
Throwing Dice Games
http://www.throwingdice.com 




More information about the geeklog-devel mailing list