From: SourceForge.net <no...@so...> - 2009-09-02 06:08:50
|
Patches item #2848901, was opened at 2009-09-02 01:08 Message generated for change (Tracker Item Submitted) made by stevet103 You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=308956&aid=2848901&group_id=8956 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: SteveT (stevet103) Assigned to: Nobody/Anonymous (nobody) Summary: Bug fix in signup.php Initial Comment: I found a bug in signup.php that causes a sql error when a user attempts to signup for a private survey. For phpesp v2.1.3 the change is on line 114, to change FROM: array_push($sqlv, addslashes($signup_realm) ); to change TO: array_push($sqlv, _addslashes($signup_realm) ); Note all that is added is the "underscore" in front of the addslashes function. I actually found this typo in phpesp v1.8.5 (since that's what my free webserver installed) and then checked v2.1.3 and the same bug exists there. I tested this fix with phpesp v1.8.5 on my local windows server as well as my free webserver and this fixed the problem and users could then signup for the private surveys that I created with phpesp and using the the survey link provided by phpesp. I would "assume" this would work on v2.1.3 as well since this code part (lines 114 to 122 where the execute_sql function is called) has remained the same across the versions. Hope this helps. Regards, Steve T. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=308956&aid=2848901&group_id=8956 |