PhpGedView

Tracker: Bug Reports

5 Error when privacy settings enabled - ID: 3409213

Last Update: Comment added ( canajun2eh )

Details:

There is a bug in the code. When privacy checks are made username is applied in DB queries instead of user_id.
These lines need to be fixed:
includes/functions/functions_privacy.php line 463, 488, 489

< if ($USE_RELATIONSHIP_PRIVACY || get_user_setting(PGV_USER_ID, 'relationship_privacy')=="Y") {
---
> if ($USE_RELATIONSHIP_PRIVACY || get_user_setting($username, 'relationship_privacy')=="Y") {
< if (get_user_setting(PGV_USER_ID, 'max_relation_path')>0) {
< $path_length = get_user_setting(PGV_USER_ID, 'max_relation_path');
---
> if (get_user_setting($username, 'max_relation_path')>0) {
> $path_length = get_user_setting($username, 'max_relation_path');

Submitted:

Blaza ( blaza-pl ) - 2011-09-14 03:45:24 PDT

Priority:

Status:

Closed

Resolution:

Fixed

Assigned:

Gerry Kroll

Category:

None

Group:

v4.2.4

Visibility:

Public

Comments ( 2 )

Date: 2011-10-02 19:07:44 PDT Sender: canajun2eh Thank you. Correction has been applied to SVN 7064.
Date: 2011-09-14 03:47:32 PDT Sender: blaza-pl Error visible on portal page: Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[22P02]: Invalid text representation: 7 ERROR: invalid input syntax for integer: "Karen"' in /includes/classes/class_pgv_db.php:835 Stack trace: #0 [internal function]: PDOStatement->execute(Array) #1 /includes/classes/class_pgv_db.php(835): call_user_func_array(Array, Array) #2 /includes/functions/functions_db.php(2745): PGV_DBStatement->__call('execute', Array) #3 /includes/functions/functions_db.php(2745): PGV_DBStatement->execute(Array) #4 /includes/functions/functions_privacy.php(463): get_user_setting('Karen', 'relationship_pr...') #5 /includes/functions/functions_privacy.php(818): displayDetailsById('I306', 'INDI') #6 /includes/classes/class_gedcomrecord.php(96): privatize_gedcom('0 @I306@ INDI?1...') #7 /includes/classes/class_person.php(77): Gedcom in /includes/classes/class_pgv_db.php on line 835

Date: 2011-10-02 19:07:44 PDT
Sender: canajun2eh

Thank you.

Correction has been applied to SVN 7064.

Date: 2011-09-14 03:47:32 PDT
Sender: blaza-pl

Error visible on portal page:
Fatal error: Uncaught exception 'PDOException' with message
'SQLSTATE[22P02]: Invalid text representation: 7 ERROR: invalid input
syntax for integer: "Karen"' in /includes/classes/class_pgv_db.php:835
Stack trace: #0 [internal function]: PDOStatement->execute(Array) #1
/includes/classes/class_pgv_db.php(835): call_user_func_array(Array, Array)
#2 /includes/functions/functions_db.php(2745):
PGV_DBStatement->__call('execute', Array) #3
/includes/functions/functions_db.php(2745): PGV_DBStatement->execute(Array)
#4 /includes/functions/functions_privacy.php(463):
get_user_setting('Karen', 'relationship_pr...') #5
/includes/functions/functions_privacy.php(818): displayDetailsById('I306',
'INDI') #6 /includes/classes/class_gedcomrecord.php(96):
privatize_gedcom('0 @I306@ INDI?1...') #7
/includes/classes/class_person.php(77): Gedcom in
/includes/classes/class_pgv_db.php on line 835

Attached File

Changes ( 5 )

Field	Old Value	Date	By
status_id	Open	2011-10-02 19:07:44 PDT	canajun2eh
resolution_id	None	2011-10-02 19:07:44 PDT	canajun2eh
assigned_to	nobody	2011-10-02 19:07:44 PDT	canajun2eh
allow_comments	1	2011-10-02 19:07:44 PDT	canajun2eh
close_date	-	2011-10-02 19:07:44 PDT	canajun2eh

PhpGedView

Tracker: Bug Reports

Comments ( 2 )

Attached File

No Files Currently Attached

Changes ( 5 )