You are viewing a plain text version of this content. The canonical link for it is here.
Posted to olio-dev@incubator.apache.org by "Shanti Subramanyam (JIRA)" <ji...@apache.org> on 2009/01/28 20:51:02 UTC
[jira] Closed: (OLIO-16) update SQL statement always gets executed
in events.php
[ https://issues.apache.org/jira/browse/OLIO-16?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Shanti Subramanyam closed OLIO-16.
----------------------------------
> update SQL statement always gets executed in events.php
> -------------------------------------------------------
>
> Key: OLIO-16
> URL: https://issues.apache.org/jira/browse/OLIO-16
> Project: Olio
> Issue Type: Bug
> Components: php-app
> Reporter: Nick Lanham
> Assignee: Akara Sucharitakul
> Original Estimate: 0.17h
> Remaining Estimate: 0.17h
>
> In events.php on line 87 there is a check:
> else if (isset($editCRforCid)) {
> ...
> }
> which is always true, because $editCRforCid is set just about this expression (it's set to two unset values .'ed together, but it's still set). This means that the SQL statement:
> "update COMMENTS_RATING set comments='$editcomments', ratings='$rating' where username='$username' and socialeventid='$se' and commentid='$cid'";
> will always execute (when someone's not adding a comment in which case the first part of the if would be true). It won't do anything because $cid isn't set so the SQL is actually invalid, but it will hurt performance.
> To fix simply change the else if to:
> else if (isset($_POST['editcommentsratingsubmit']) && isset($_POST['editingcid'])) {
> ...
> }
> and get rid of $editCRforCid all together
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.