2013-10-11, 09:58 AM
Exposing the same security issue should someone figure out another way to get a blank username.
In /inc/datahandlers/pm.php, around line 176, I've replaced the username-resolution call with:
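// Quote the recipient names for an IN() list; an empty list becomes an empty string.
// Assumption: each name was already escaped (e.g. with $db->escape_string()) before this point.
$recipientUsernames = implode("','", $recipientUsernames);
if (!empty($recipientUsernames))
{
    $recipientUsernames = "'".$recipientUsernames."'";
    $query = $db->simple_select('users', '*', 'username IN('.$recipientUsernames.')');
}
else
{
    // No recipients: use a condition that matches no users.
    $query = $db->simple_select('users', '*', 'FALSE');
}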
This is uglier than it ought to be, but so is the PM system in general and it's late and I'm annoyed.
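
A stand-alone illustration of the same empty-list guard, added here and not part of the original post or of MyBB's code: it swaps MyBB's $db->simple_select for PDO prepared statements against an in-memory SQLite table. The function name resolveRecipients, the table layout and the sample rows are assumptions made for the example.

```php
<?php
// Added illustration: PDO + in-memory SQLite stand in for MyBB's $db object.
// Table layout and rows are constructed for this example.

/**
 * Resolve recipient usernames to user rows.
 * Blank names are dropped, and an empty list returns no rows without querying.
 */
function resolveRecipients(PDO $pdo, array $names): array
{
    // Normalise: trim, drop blanks, de-duplicate.
    $names = array_values(array_unique(array_filter(
        array_map('trim', $names),
        static fn (string $n): bool => $n !== ''
    )));

    // Same role as the 'FALSE' branch in the post: nothing to look up, match nobody.
    if ($names === []) {
        return [];
    }

    // One bound placeholder per name, so no name is spliced into the SQL text.
    $placeholders = implode(',', array_fill(0, count($names), '?'));
    $stmt = $pdo->prepare(
        "SELECT uid, username FROM users WHERE username IN ($placeholders)"
    );
    $stmt->execute($names);

    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (uid INTEGER PRIMARY KEY, username TEXT NOT NULL)');
// Constructed rows; the blank-username row gives a blank recipient something to match.
$pdo->exec("INSERT INTO users (username) VALUES ('alice'), ('o''brien'), ('')");

// Each call prints the number of user rows the recipient list resolved to.
foreach ([['alice', "o'brien"], [], ['', '   '], ['alice', '']] as $recipients) {
    printf("%s => %d row(s)\n", json_encode($recipients),
        count(resolveRecipients($pdo, $recipients)));
}
```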