external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix SQL query when searching for a missing submitter

Browse source 
uid_from_username() returns a non-integer value when the user does not
exist. This results in a broken SQL query when searching for a
nonexistent submitter. Fix this by explicitly converting the result of
uid_from_username() to an integer.

Fixes FS#40625.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This commit is contained in:
Lukas Fleischer 2014-06-05 08:26:18 +02:00
parent b1c754300a
commit 26a0919937
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
web/lib/pkgfuncs.inc.php
View file

@ -586,7 +586,7 @@ function pkg_search_page($SID="") {
} }
elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "s") { elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "s") {
/* Search by submitter. */ /* Search by submitter. */
$q_where .= "AND SubmitterUID = ".uid_from_username($_GET['K'])." "; $q_where .= "AND SubmitterUID = " . intval(uid_from_username($_GET['K'])) . " ";
} }
elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "n") { elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "n") {
/* Search by name. */ /* Search by name. */