[LOW:FIXED 6484:1.0.11] Bug found in com_registration 1.0.10

ircmaxell · Post by **ircmaxell** » Thu Jul 13, 2006 8:32 am

In function activate($option), I believe there is an error... If the UPDATE fails, it just tells the user that activation was completed. There should be another error message to say that activation failed...

Code: Select all

	$query = "SELECT id"
	. "\n FROM #__users"
	. "\n WHERE activation = '$activation'"
	. "\n AND block = 1"
	;
	$database->setQuery( $query );
	$result = $database->loadResult();

	if ($result) {
		$query = "UPDATE #__users"
		. "\n SET block = 0, activation = ''"
		. "\n WHERE activation = '$activation'"
		. "\n AND block = 1"
		;
		$database->setQuery( $query );
		if (!$database->query()) {
			echo "SQL error" . $database->stderr(true);
		}
		echo _REG_ACTIVATE_COMPLETE;
	} else {
		echo _REG_ACTIVATE_NOT_FOUND;
	}
}

RobS · Post by **RobS** » Thu Jul 13, 2006 8:57 am

ircmaxell wrote: In function activate($option), I believe there is an error... If the UPDATE fails, it just tells the user that activation was completed. There should be another error message to say that activation failed...
Code: Select all
	$query = "SELECT id"
	. "\n FROM #__users"
	. "\n WHERE activation = '$activation'"
	. "\n AND block = 1"
	;
	$database->setQuery( $query );
	$result = $database->loadResult();

	if ($result) {
		$query = "UPDATE #__users"
		. "\n SET block = 0, activation = ''"
		. "\n WHERE activation = '$activation'"
		. "\n AND block = 1"
		;
		$database->setQuery( $query );
		if (!$database->query()) {
			echo "SQL error" . $database->stderr(true);
		}
		echo _REG_ACTIVATE_COMPLETE;
	} else {
		echo _REG_ACTIVATE_NOT_FOUND;
	}
}

Looking at the code I think he may be right as database->stderr() does not appear to end script execution. Perhaps it should be:

Code: Select all

	$query = "SELECT id"
	. "\n FROM #__users"
	. "\n WHERE activation = '$activation'"
	. "\n AND block = 1"
	;
	$database->setQuery( $query );
	$result = $database->loadResult();

	if ($result) {
		$query = "UPDATE #__users"
		. "\n SET block = 0, activation = ''"
		. "\n WHERE activation = '$activation'"
		. "\n AND block = 1"
		;
		$database->setQuery( $query );
		if (!$database->query()) {
			echo "SQL error" . $database->stderr(true);
		} else {
  			echo _REG_ACTIVATE_COMPLETE;
		}
	} else {
		echo _REG_ACTIVATE_NOT_FOUND;
	}
}

user deleted · Post by **user deleted** » Wed Oct 18, 2006 7:33 pm

Q&T Note; Status > Under review. Code of 1.0.11 and latest SVN still looks the same.

RobS · Post by **RobS** » Thu Oct 19, 2006 6:08 pm

Q&T Note; Status> Added to tracker. Artifact 6484. http://forge.joomla.org/sf/go/artf6484?nav=1

user deleted · Post by **user deleted** » Mon Dec 04, 2006 1:20 pm

Fixed for next release.

The Joomla! Forum™

[LOW:FIXED 6484:1.0.11] Bug found in com_registration 1.0.10

[LOW:FIXED 6484:1.0.11] Bug found in com_registration 1.0.10

Re: Possible bug found in com_registration 1.0.10

Re: Possible bug found in com_registration 1.0.10

Re: [LOW:TRACKER 6484:1.0.11] Bug found in com_registration 1.0.10

Re: [LOW:TRACKER 6484:1.0.11] Bug found in com_registration 1.0.10