Re: [phpesp-dev] is this line wrong?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

It should be correct as it is.

On Wed, 2005-02-02 at 13:33 +0100, Jochen Staerk wrote:
> Hi,
> 
> in public/handler.php I read
> 
>     // show results instead of show survey
>     // but do not allow getting results from URL or FORM
>     if(isset($results) && $results) {
>         // small security issue here, anyone could pick a QID to 
> crossanalyze
>         survey_results($sid,$precision,$totals,$qid,$cids);
>         return;
>     }
> 
> ... isn't a echo missing there right before survey_results? like
> 
>     // show results instead of show survey
>     // but do not allow getting results from URL or FORM
>     if(isset($results) && $results) {
>         // small security issue here, anyone could pick a QID to 
> crossanalyze
>         echo survey_results($sid,$precision,$totals,$qid,$cids);
>         return;
>     }
> 
> 
> Thanks for your help and of course for phpESP
> 
> 
-- 
mcg
-------------------------------------
The IT Lab (http://www.itlab.musc.edu)