MRBS\DBException with PostgreSQL 15 while doing table field introspection
phpCAS and CVE-2022-39369
Here's a PHP page that works with MRBS 1.7.3 that displays future conflicts that went undetected in MRBS 1.5.0. <?php require_once "$MRBS_ROOT/defaultincludes.inc"; require_once "$MRBS_ROOT/mrbs_sql.inc"; $future = MRBS\db()->query(" SELECT id FROM $tbl_entry WHERE start_time >= extract(epoch FROM now()) AND repeat_id IS NOT NULL ORDER BY start_time; ", array()); MRBS\print_header(); echo "<ul>\n"; while (($id = $future->row_keyed(0)) && $id && ($id = $id['id'])) { $booking = MRBS\get_entry_by_id($id);...
The table layout code was buggy in 1.5.0. It was revised sometime between 1.5.0 and 1.7.3, and is still buggy. It has been revised again since 1.7.3 in the default branch, and is buggy in a different way. The fundamental problem is that the map_add_booking() function is too complicated: it's trying to adjust entries to accommodate conflicts while it's building the $column data structure, before all of the entries have been laid out. Considering all the types of interval overlaps that could occur...
Overlapping bookings cause incorrect table views