News:

CPG Release 1.6.29
During HTML5 upload, keep pseudo blank code 200 messages from triggering error condition
added Russian language
correct failure to use theme menu icons in album manager
minor vulnerabilities mitigation

Main Menu

non-admin-approved images showing up in albums with keywords set

Started by donnoman, November 25, 2005, 12:52:37 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

donnoman

November 25, 2005, 12:52:37 AM
Ambiguous order of operations in an sql clause were allowing non-admin-approved images to be shown in albums that had a keyword set.

Problem SQL example:
Code Select

SELECT pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid, keywords, title, caption,hits,owner_id,owner_name from cpg140_pictures WHERE (aid='3'  ) OR (keywords like '%Everybody%'  ) AND approved='YES'  ORDER BY filename ASC  LIMIT 0 ,12


Fixed SQL example:
Code Select

SELECT pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid, keywords, title, caption,hits,owner_id,owner_name from cpg140_pictures WHERE ((aid='3'  ) OR (keywords like '%Everybody%'  )) AND approved='YES'  ORDER BY filename ASC  LIMIT 0 ,12


fix committed.

Titooy

#1
January 17, 2006, 05:21:07 PM
This is certainly related : the picture count in the categories list and the overal stats includes non-admin-approved images. While it's shown correctly on the album's picture count.
Print
Go Up Pages1
User actions