makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-27 21:58:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'develop-olympus' into develop

Browse source 
* develop-olympus:
  [ticket/10021] Add comment explaining why we can check -1 as an error value.
  [ticket/10021] Check whether gmmktime() returns false before putting it in SQL.
This commit is contained in:
Igor Wiedler 2011-03-20 23:06:23 +01:00
commit ce92724514
1 changed files with 26 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
phpBB/memberlist.php
View file

@ -1076,8 +1076,32 @@ switch ($mode)
$sql_where .= ($msn) ? ' AND u.user_msnm ' . $db->sql_like_expression(str_replace('*', $db->any_char, $msn)) . ' ' : '';
$sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->any_char, $jabber)) . ' ' : '';
$sql_where .= (is_numeric($count) && isset($find_key_match[$count_select])) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : '';
$sql_where .= (sizeof($joined) > 1 && isset($find_key_match[$joined_select])) ? " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
$sql_where .= ($auth->acl_get('u_viewonline') && sizeof($active) > 1 && isset($find_key_match[$active_select])) ? " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
if (isset($find_key_match[$joined_select]) && sizeof($joined) == 3)
{
// Before PHP 5.1 an error value -1 can be returned instead of false.
// Theoretically gmmktime() can also legitimately return -1 as an actual timestamp.
// But since we do not pass the $second parameter to gmmktime(),
// an actual unix timestamp -1 cannot be returned in this case.
// Thus we can check whether it is -1 and treat -1 as an error.
$joined_time = gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]);
if ($joined_time !== false && $joined_time !== -1)
{
$sql_where .= " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . $joined_time;
}
}
if (isset($find_key_match[$active_select]) && sizeof($active) == 3 && $auth->acl_get('u_viewonline'))
{
$active_time = gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]);
if ($active_time !== false && $active_time !== -1)
{
$sql_where .= " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . $active_time;
}
}
$sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : '';
if ($search_group_id)