[geeklog-hg] geeklog: Fixed a bug where CMT_saveComment depends on an uniniti...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Wed Jan 22 06:24:41 EST 2014
changeset 9442:186fc96b39b9
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/186fc96b39b9
user: Kenji ITO <mystralkk at gmail.com>
date: Wed Jan 22 15:46:41 2014 +0900
description:
Fixed a bug where CMT_saveComment depends on an uninitialized variable (bug #0001221)
diffstat:
system/lib-comment.php | 12 +++++++-----
1 files changed, 7 insertions(+), 5 deletions(-)
diffs (37 lines):
diff -r 6819ec652073 -r 186fc96b39b9 system/lib-comment.php
--- a/system/lib-comment.php Wed Jan 22 15:22:33 2014 +0900
+++ b/system/lib-comment.php Wed Jan 22 15:46:41 2014 +0900
@@ -1253,13 +1253,12 @@
* @return int -1 == queued, 0 == comment saved, > 0 indicates error
*
*/
-// FIXME: This function relies on $cid being NULL without being initialized in
-// the case of a comment submission. This is not ideal.
function CMT_saveComment($title, $comment, $sid, $pid, $type, $postmode)
{
global $_CONF, $_TABLES, $_USER, $LANG03;
$ret = 0;
+ $cid = 0;
// Get a valid uid
if (empty ($_USER['uid'])) {
@@ -1436,12 +1435,15 @@
// save user notification information
if (isset($_POST['notify']) && ($ret == -1 || $ret == 0) ) {
- $deletehash = md5($title . $cid . $comment . rand());
+ $cid4hash = ($cid == 0) ? '' : $cid;
+ $cid4db = ($cid == 0) ? null : $cid;
+
+ $deletehash = md5($title . $cid4hash . $comment . rand());
if ($ret == -1) {
//null goes into cid, comment not published yet, set moderation queue id
- DB_save($_TABLES['commentnotifications'], 'uid,deletehash,mid',"$uid,'$deletehash',$cid");
+ DB_save($_TABLES['commentnotifications'], 'uid,deletehash,mid',"$uid,'$deletehash',{$cid4db}");
} else {
- DB_save($_TABLES['commentnotifications'], 'cid,uid,deletehash',"$cid,$uid,'$deletehash'");
+ DB_save($_TABLES['commentnotifications'], 'cid,uid,deletehash',"{$cid4db},$uid,'$deletehash'");
}
}
More information about the geeklog-cvs
mailing list