MyBB

koziolek · (This post was last modified: 2009-04-22, 08:00 AM by koziolek.)

MyBB 1.4.5

While searching for user posts (by clicking "Find All Posts") MyBB does not display new posts, only old. Condition: user has more then 'searchhardlimit' posts.

The SELECT query in search.php in block elseif($mybb->input['action'] == "finduser") does not have ORDER BY:

	$query = $db->simple_select("posts", "pid", "{$where_sql} {$limitsql}");
	while($pid = $db->fetch_field($query, "pid"))
	{
			$pids .= $comma.$pid;
			$comma = ',';
	}

So it gets up to 'searchhardlimit' posts in default order. On results page we will have listing of users posts ordered by date descending... but without the newest ones.

The same problem applies to another query while showing the results (block if($mybb->input['action'] == "results")). The query gets real user-visible posts, also with LIMIT and without ORDER BY:

		// Make sure the posts we're viewing we have permission to view.
		$query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND {$p_unapproved_where} {$limitsql}");
		while($post = $db->fetch_array($query))
		{
			$pids[$post['pid']] = $post['tid'];
			$tids[$post['tid']][$post['pid']] = $post['pid'];
		}

Solution - get rid of $limitsql or add an "order by" according to user needs. Probably only the first solution is good (remove $limitsql from this query) because user may re-sort search results by date.

Proof of concept of patch - attachment.

ripper · 2009-04-22, 12:56 PM

Hello,
its also affected on my forum and even in this board i guess.
Is there a way to solve this problem?
Thank you

koziolek · 2009-04-22, 01:03 PM

(2009-04-22, 12:56 PM)ripper Wrote: Is there a way to solve this problem?

Yes, attached (in my first post) patch for file search.php works for me.

ripper · 2009-04-22, 03:27 PM

i have change search.php file on the block: elseif($mybb->input['action'] == "finduser" become:

 $query = $db->simple_select("posts", "pid", "{$where_sql}");
    while($pid = $db->fetch_field($query, "pid"))
    {
            $pids .= $comma.$pid;
            $comma = ',';
    }

and the block: if($mybb->input['action'] == "results to become

// Make sure the posts we're viewing we have permission to view.
        $query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND {$p_unapproved_where}");
        while($post = $db->fetch_array($query))
        {
            $pids[$post['pid']] = $post['tid'];
            $tids[$post['tid']][$post['pid']] = $post['pid'];
        }

and yes you right its working fine now.
is there an official patch to fix this bug?

thank you bro for your advice.

Ryan Gordon · 2009-04-22, 08:51 PM

I won't be using your exact patch, but I see the problem and will be fixing it soon.

dbgarza · 2009-04-25, 05:59 PM

I tried the solution and didn't worked for me, I did modified the right lines but didn't worked, I used the data on the patch but didn't worked, so for now I put the search.php from the version 1.4.4 instead of the one of version 1.4.5 and that fixed my problem.

at least till an official fix comes around.

YCMaker · 2009-05-02, 06:35 PM

Any updates on an official fix for this?

Ryan Gordon · 2009-05-03, 06:01 AM

(2009-05-02, 06:35 PM)YCMaker Wrote: Any updates on an official fix for this?

Nope.

koziolek · (This post was last modified: 2009-05-05, 09:47 AM by koziolek.)

Updated unofficial patch for MyBB 1.4.5/1.4.6 - it works for me, but I do not guarantee that it will work for you Smile

. Use at your own risk Smile

.

Update: fixed in patch errors while sorting by some columns (not existing in mybb_posts table).

sayakb · 2009-05-05, 07:13 PM

Marked as reproducible.

Login
Username:
Password:	Lost Password?
	Remember me