[geeklog-devel] public_html/index.php

Joe Mucchiello joe at ThrowingDice.com
Wed May 7 00:21:46 EDT 2008


I thought the $_USER loaded $_TABLES['userindex'] since it loads 
$_TABLES['userprefs']. Don't know why it doesn't. Still, $U['aids'] 
and $U['tids'] are not initialized when an anonymous user hits that code.

Whoa, now my eyes must be bugging out. Line 459 of lib-sessions.php.
     $sql = "SELECT *,format FROM {$_TABLES['dateformats']},{$_TABLES["users"]},{$_TABLES['userprefs']} "

Are those double quotes around "users" in $_TABLES["users"] when the 
string is delimited with double quotes?

At 12:00 AM 5/7/2008, Mark R. Evans wrote:
>Joe,
>
>Look around line 176, $U is being set from a DB_fetchArray() 
>call.  It couldn't hurt to initialize $U['aids'] and $U['tids'] to 
>'' if it is an anonymous user.  $U['maxstories'] is already being 
>initialized to 0 if anonymous.
>
>Thanks!
>Mark
>
>Joe Mucchiello wrote:
>>How long has this been broken? It's in 1.4.1 and 1.5:
>>
>>if (!empty($U['aids'])) {
>>     $sql .= " AND s.uid NOT IN (" . str_replace( ' ', ",", $U['aids'] ) . ") ";
>>}
>>
>>if (!empty($U['tids'])) {
>>     $sql .= " AND s.tid NOT IN ('" . str_replace( ' ', "','", $U['tids'] ) . "') ";
>>}
>>
>>$U has no global value that I'm aware of. It's even a 
>>register_globals hole that could show hidden stories.
>>
>>I assume $U should be $_USER.

----
Joe Mucchiello
Throwing Dice Games
http://www.throwingdice.com 
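
The initialization suggested in the quoted reply, as an added example that is not part of the original message and is not Geeklog code: it contrasts setting only maxstories for an anonymous visitor with setting every key the query reads. The function names and the sample values are hypothetical; the two exclusion clauses are copied from the quoted index.php snippet.

```php
<?php
// Added illustration, not Geeklog code. Function names are hypothetical.

/** Before: only maxstories is set for anonymous visitors, as in the thread. */
function prefs_before(array $U, $isAnonymous, array $dbRow)
{
    if ($isAnonymous) {
        $U['maxstories'] = 0;   // aids/tids keep whatever $U already held
        return $U;
    }
    return $dbRow;              // logged-in: $U comes from the database row
}

/** After: every key the query reads is initialized for anonymous visitors. */
function prefs_after(array $U, $isAnonymous, array $dbRow)
{
    if ($isAnonymous) {
        return array('maxstories' => 0, 'aids' => '', 'tids' => '');
    }
    return $dbRow;
}

/** The exclusion clauses, built the same way as the quoted index.php code. */
function story_exclusions(array $U)
{
    $sql = '';
    if (!empty($U['aids'])) {
        $sql .= " AND s.uid NOT IN (" . str_replace(' ', ',', $U['aids']) . ") ";
    }
    if (!empty($U['tids'])) {
        $sql .= " AND s.tid NOT IN ('" . str_replace(' ', "','", $U['tids']) . "') ";
    }
    return $sql;
}

// Constructed input: stands in for a $U that register_globals populated
// from the request before the script ran. Values are made up.
$preseeded = array('aids' => '2 3', 'tids' => 'news');
$noRow = array();   // anonymous visitors have no database row

// With the "before" logic the request-supplied values reach the query text;
// with the "after" logic nothing is appended for an anonymous visitor.
echo "before: [", story_exclusions(prefs_before($preseeded, true, $noRow)), "]\n";
echo "after:  [", story_exclusions(prefs_after($preseeded, true, $noRow)), "]\n";
```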



