WebForm plugin fix?

Plugins
MarkH
2007-01-11
2013-04-26
  • MarkH

    MarkH - 2007-01-11

    I've been playing with the WebForm plugin (not really a plugin but a very useful integration template none the less) and I think the current CVS code has a bug relating to the use of $session_user_id in new-form.php.

    Early on in the script "session_user_id" is created as a hashed variable within $_SESSION (fine) but later the variable $session_user_id is used which returns no value causing the script to fail (as user id is included within most of the SQL statements). Perhaps this is a hang-over from register_globals=on by default days.

    In actual fact, the script already contains the following line:

    $user_id = $_SESSION['session_user_id'];

    and in some places the $user_id variable is used.

    By replacing all uses of $session_user_id with $user_id I think the script works as intended with register_globals off.

    Cheers,
    Mark.

     
    • Brian Peterson

      Brian Peterson - 2007-01-11

      Mark,

      Could you do a diff on the changes you're suggesting?  It would be easier for one ofg the XRMS developers to apply the change if you helped us out in that way.

      Thanks!

         - Brian

       
    • MarkH

      MarkH - 2007-01-12

      This should be what you need (ignore the first diff diff as this was my config change to use user 4).

      17c17
      < $_SESSION['session_user_id'] = "4";
      ---
      > $_SESSION['session_user_id'] = "set_me";
      225c225
      <                       entered_by = $user_id,
      ---
      >                       entered_by = $session_user_id,
      227c227
      <                       last_modified_by = $user_id,
      ---
      >                       last_modified_by = $session_user_id,
      361c361
      <                                 entered_by = $user_id,
      ---
      >                                 entered_by = $session_user_id,
      363c363
      <                                 last_modified_by = $user_id,
      ---
      >                                 last_modified_by = $session_user_id,
      407c407
      <                         entered_by = $user_id;";
      ---
      >                         entered_by = $session_user_id;";
      425c425
      < add_audit_item($con, $user_id, 'created', 'companies', $company_id, 1);
      ---
      > add_audit_item($con, $session_user_id, 'created', 'companies', $company_id, 1);

      Regards,
      Mark.

      ps Would you prefer me to log these types of things directly to the bug tracker in future ?

       
    • Derek Herzog

      Derek Herzog - 2008-03-07

      Thanks Mark, I was beating against the proverbial brick wall for a while there. Now the only hurdle I have left is that a new company is not being registered or created. That field is simply left blank when I check to confrim the new contact. The email to the administrator shows company_id=0 each time.

      Any suggestions?

      -derek
      (not php coder...)

       

Log in to post a comment.