[geeklog-devel] public_html/index.php

Joe Mucchiello joe at ThrowingDice.com
Wed May 7 00:21:46 EDT 2008


I thought the $_USER loaded $_TABLES['userindex'] since it loads
$_TABLES['userprefs']. Don't know why it doesn't. Still, $U['aids']
and $U['tids'] are not initialized when an anonymous user hits that code.

Whoa, now my eyes must be bugging out. Line 459 of lib-sessions.php.
$sql = "SELECT *,format FROM
{$_TABLES['dateformats']},{$_TABLES["users"]},{$_TABLES['userprefs']} "

Are those double quotes around "users" in $_TABLES["users"] when the
string is delimited with double quotes?

At 12:00 AM 5/7/2008, Mark R. Evans wrote:

>Joe,
>
>Look around line 176, $U is being set from a DB_fetchArray()
>call. It couldn't hurt to initialize $U['aids'] and $U['tids'] to
>'' if it is an anonymous user. $U['maxstories'] is already being
>initialized to 0 if anonymous.
>
>Thanks!
>Mark
>
>Joe Mucchiello wrote:
>>How long has this been broken? It's in 1.4.1 and 1.5:
>>
>>if (!empty($U['aids'])) {
>>    $sql .= " AND s.uid NOT IN (" . str_replace( ' ', ",",
>>        $U['aids'] ) . ") ";
>>}
>>
>>if (!empty($U['tids'])) {
>>    $sql .= " AND s.tid NOT IN ('" . str_replace( ' ', "','",
>>        $U['tids'] ) . "') ";
>>}
>>
>>$U has no global value that I'm aware of. It's even a
>>register_globals hole that could show hidden stories.
>>
>>I assume $U should be $_USER.


----
Joe Mucchiello
Throwing Dice Games
http://www.throwingdice.com
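
An added example, not part of the original message and not Geeklog's own code: one way to build the two exclusion clauses discussed above so that the author and topic lists always start from initialized defaults, as suggested in the thread. It goes a step further than the thread by validating each token before it reaches the SQL string. The names build_story_exclusions() and $prefs are hypothetical, and addslashes() only stands in for the database layer's escaping function.

```php
<?php
// Added illustration: build_story_exclusions() and $prefs are hypothetical
// names, not Geeklog functions.

/**
 * Build the "hide these authors/topics" SQL fragment.
 * $prefs:  preference row for a logged-in user, or null for an anonymous one.
 * $escape: the database layer's string-escaping callable (assumed).
 */
function build_story_exclusions(?array $prefs, callable $escape): string
{
    // Start from known defaults so neither key is ever undefined and neither
    // can be supplied by a request variable under register_globals.
    $U = ['aids' => '', 'tids' => ''];
    if ($prefs !== null) {
        $U = array_merge($U, array_intersect_key($prefs, $U));
    }

    $sql = '';

    // Author ids are numeric: keep only tokens made up entirely of digits.
    $aids = preg_grep('/^\d+\z/', preg_split('/\s+/', (string) $U['aids'], -1, PREG_SPLIT_NO_EMPTY));
    if ($aids) {
        $sql .= ' AND s.uid NOT IN (' . implode(',', $aids) . ') ';
    }

    // Topic ids are strings: escape each one before quoting it.
    $tids = preg_split('/\s+/', (string) $U['tids'], -1, PREG_SPLIT_NO_EMPTY);
    if ($tids) {
        $quoted = array_map(fn($t) => "'" . $escape($t) . "'", $tids);
        $sql .= ' AND s.tid NOT IN (' . implode(',', $quoted) . ') ';
    }

    return $sql;
}

// Constructed sample input. addslashes() only stands in for the real
// database escaping function so the script runs without a connection.
$anonymous = build_story_exclusions(null, 'addslashes');
$member = build_story_exclusions(
    ['aids' => '5 12abc 9', 'tids' => "general o'brien", 'uid' => 7],
    'addslashes'
);

var_dump($anonymous);
echo $member, PHP_EOL;
```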



