Loading...
 
Features / Usability

Features / Usability


Re: Re: Cache related problem

United Kingdom

> rickdier:
> Games seem to be OK but chat gives this message:
>
> Parse error: parse error in /home/..../lib/chat/chatlib.php on line 77
>
> Fatal error: Call to a member function on a non-object in /home/.../tiki-chat.php on line 28
>
>

Hiya,

Ok like 77 on that chatlib refers to a query with a sort_mode function, now in 1.8.2 we had to modify the sortmode in tikidblib to perform some checking for SQL Injection vunerabilities. Can you tell me which database your connecting to (mysql,pg, or something) so that I can try and trace this routine down.

Also can you check that you have the latest lib/tikidblib.php

it should contain towards the top:
// parse $sort_mode for evil stuff
    $sort_mode = preg_replace('/[^A-Za-z_,]/', '', $sort_mode);
    $sep = strrpos($sort_mode, '_');
    // force ending to either _asc or _desc
    if ( substr($sort_mode, $sep)!=='_asc' ) {
        $sort_mode = substr($sort_mode, 0, $sep) . '_desc';
    }


Thanks!

Damian

Upcoming Events

No records to display

Why Register?

Register at tiki.org and you'll be able to use the account at any *.tiki.org site, thanks to the InterTiki feature. A valid email address is required to receive site notifications and occasional newsletters. You can opt out of these items at any time.