diff options
| author | Igor Wiedler <igor@wiedler.ch> | 2011-03-20 23:06:10 +0100 |
|---|---|---|
| committer | Igor Wiedler <igor@wiedler.ch> | 2011-03-20 23:06:10 +0100 |
| commit | 51fb493edcbe4c70728610662859f78f920cdc55 (patch) | |
| tree | a14d0bdcbba2ffdafca3e8801081f18deb0d67f3 /phpBB | |
| parent | 5586bcf8134fefcdcb8233b9413b195373e93969 (diff) | |
| parent | c24408f6eda8347bba17c83e027f118091986488 (diff) | |
| download | forums-51fb493edcbe4c70728610662859f78f920cdc55.tar forums-51fb493edcbe4c70728610662859f78f920cdc55.tar.gz forums-51fb493edcbe4c70728610662859f78f920cdc55.tar.bz2 forums-51fb493edcbe4c70728610662859f78f920cdc55.tar.xz forums-51fb493edcbe4c70728610662859f78f920cdc55.zip | |
Merge remote branch 'bantu/ticket/10021' into develop-olympus
* bantu/ticket/10021:
[ticket/10021] Add comment explaining why we can check -1 as an error value.
[ticket/10021] Check whether gmmktime() returns false before putting it in SQL.
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/memberlist.php | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index 2fa2d11ee1..599cd0b3e7 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php @@ -1069,8 +1069,32 @@ switch ($mode) $sql_where .= ($msn) ? ' AND u.user_msnm ' . $db->sql_like_expression(str_replace('*', $db->any_char, $msn)) . ' ' : ''; $sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->any_char, $jabber)) . ' ' : ''; $sql_where .= (is_numeric($count) && isset($find_key_match[$count_select])) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : ''; - $sql_where .= (sizeof($joined) > 1 && isset($find_key_match[$joined_select])) ? " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : ''; - $sql_where .= ($auth->acl_get('u_viewonline') && sizeof($active) > 1 && isset($find_key_match[$active_select])) ? " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : ''; + + if (isset($find_key_match[$joined_select]) && sizeof($joined) == 3) + { + // Before PHP 5.1 an error value -1 can be returned instead of false. + // Theoretically gmmktime() can also legitimately return -1 as an actual timestamp. + // But since we do not pass the $second parameter to gmmktime(), + // an actual unix timestamp -1 cannot be returned in this case. + // Thus we can check whether it is -1 and treat -1 as an error. + $joined_time = gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]); + + if ($joined_time !== false && $joined_time !== -1) + { + $sql_where .= " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . $joined_time; + } + } + + if (isset($find_key_match[$active_select]) && sizeof($active) == 3 && $auth->acl_get('u_viewonline')) + { + $active_time = gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]); + + if ($active_time !== false && $active_time !== -1) + { + $sql_where .= " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . $active_time; + } + } + $sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : ''; if ($search_group_id) |