bug in cpg 130 bug in cpg 130
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

bug in cpg 130

Started by chenglee, July 17, 2004, 11:25:42 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

chenglee

July 17, 2004, 11:25:42 AM
version cpg-130

in include/functions.inc.php
line number 436
code $FORBIDDEN_SET = "p.aid NOT IN (".substr($set, 0, -1).') ';
it should be $FORBIDDEN_SET = "a.aid NOT IN (".substr($set, 0, -1).') ';

otherwise when user hide personal album,than in index.php file,list_users() function cann't show some user album(when list user album and user picture is empty)

chenglee

#1
July 17, 2004, 11:54:28 AM
Quote from: chenglee on July 17, 2004, 11:25:42 AM
version cpg-130

in include/functions.inc.php
line number 436
code $FORBIDDEN_SET = "p.aid NOT IN (".substr($set, 0, -1).') ';
it should be $FORBIDDEN_SET = "a.aid NOT IN (".substr($set, 0, -1).') ';

otherwise when user hide personal album,than in index.php file,list_users() function cann't show some user album(when list user album and user picture is empty)

sorry cann't change in include/functions.inc.php,it generate new problem..
so i change i index.php in list_users() funciton

replace this line if ($FORBIDDEN_SET != "") $sql .= "WHERE $FORBIDDEN_SET ";
to
Code Select

       if ($FORBIDDEN_SET != "")
       {
           $FORBIDDEN_SET = str_replace('p.aid', 'a.aid',$FORBIDDEN_SET);
           $sql .= "WHERE $FORBIDDEN_SET ";
       }


Joachim Müller

#2
July 17, 2004, 12:35:20 PM
cpg1.3.0 is outdated, since cpg1.3.1 has been released. Please upgrade to cpg1.3.1 and report if this fixes your issues.

GauGau
Print
Go Up Pages1
User actions