incubator-olio-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nick Lanham (JIRA)" <j...@apache.org>
Subject [jira] Created: (OLIO-16) update SQL statement always gets executed in events.php
Date Thu, 27 Nov 2008 19:46:44 GMT
update SQL statement always gets executed in events.php
-------------------------------------------------------

                 Key: OLIO-16
                 URL: https://issues.apache.org/jira/browse/OLIO-16
             Project: Olio
          Issue Type: Bug
          Components: php-app
            Reporter: Nick Lanham
            Assignee: Shanti Subramanyam


In events.php on line 87 there is a check:

else if (isset($editCRforCid)) {
...
}

which is always true, because $editCRforCid is set just about this expression (it's set to
two unset values .'ed together, but it's still set).  This means that the SQL statement:

"update COMMENTS_RATING set comments='$editcomments', ratings='$rating' where username='$username'
and socialeventid='$se' and commentid='$cid'";

will always execute (when someone's not adding a comment in which case the first part of the
if would be true).  It won't do anything because $cid isn't set so the SQL is actually invalid,
but it will hurt performance.

To fix simply change the else if to:

else if (isset($_POST['editcommentsratingsubmit']) && isset($_POST['editingcid']))
{
...
}

and get rid of $editCRforCid all together

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message