mbirth/LuckyCoinkydink
Archived
1
0
Fork 0
Code Issues Pull Requests Activity

Fix SQL error message display when invalid categories selected

Browse Source
This commit is contained in:
Garvin Hicking
2007-03-01 19:54:27 +00:00
parent df13cb59f4
commit ab22db27a6
2 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
docs/NEWS
View File

@@ -80,6 +80,11 @@ Version 1.2 ()
Version 1.1.2 ()
-----------------------------------------------------------------------
* Fix showing SQL error message when an empty category is selected
for viewing. Fixes an issue reported by Samenspender that was
falsely declard as SQL injection. In fact, no invalid SQL code
can be injected. (garvinhicking)
* Better checks to see if the local PEAR inclusion is required
(garvinhicking)

4
include/functions_entries.inc.php
View File

@@ -69,6 +69,10 @@ function serendipity_getMultiCategoriesSQL($cats, $invert = false) {
$cat_sql_array[] = " (c.category_left " . ($invert ? " NOT " : "") . " BETWEEN " . implode(' AND ', serendipity_fetchCategoryRange($categoryid)) . ')';
}
}
if (count($cat_sql_array) < 1) {
return '';
}
return '(' . implode(($invert ? ' AND ' : ' OR '), $cat_sql_array) . ')';
}