aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--phpBB/docs/CHANGELOG.html3
-rw-r--r--phpBB/memberlist.php10
2 files changed, 8 insertions, 5 deletions
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index 0d3299eb89..f824d25e53 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -212,7 +212,8 @@
<li>[Fix] Only check whether forum image exists if forum image is specified. (Bug #51905)</li>
<li>[Fix] Fixed database updater for changes to columns having default value in MSSQL (adding/dropping constraints).</li>
<li>[Fix] Jabber SASL PLAIN authentication failures. (Bug #52995)</li>
- <li>[Change] Database updater now supports checking for existing/missing indexes.</li>
+ <li>[Fix] Check sort options on memberlist to avoid a general error. (Bug #53655)</li>
+ <li>[Change] Database updater now supports checking for existing/missing indexes.</li>
<li>[Change] submit_post() now accepts force_approved_state key passed to $data to indicate new posts being approved (true) or unapproved (false).</li>
<li>[Change] Change the data format of the default file ACM to be more secure from tampering and have better performance.</li>
<li>[Change] Template engine now permits variable includes to a limited extent.</li>
diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php
index 11ff9e7685..eaaf19a14b 100644
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@@ -975,10 +975,12 @@ switch ($mode)
$msn = request_var('msn', '');
$jabber = request_var('jabber', '');
$search_group_id = request_var('search_group_id', 0);
-
+
+ // when using these, make sure that actually have values defined in $find_key_match
$joined_select = request_var('joined_select', 'lt');
$active_select = request_var('active_select', 'lt');
$count_select = request_var('count_select', 'eq');
+
$joined = explode('-', request_var('joined', ''));
$active = explode('-', request_var('active', ''));
$count = (request_var('count', '') !== '') ? request_var('count', 0) : '';
@@ -1016,9 +1018,9 @@ switch ($mode)
$sql_where .= ($yahoo) ? ' AND u.user_yim ' . $db->sql_like_expression(str_replace('*', $db->any_char, $yahoo)) . ' ' : '';
$sql_where .= ($msn) ? ' AND u.user_msnm ' . $db->sql_like_expression(str_replace('*', $db->any_char, $msn)) . ' ' : '';
$sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->any_char, $jabber)) . ' ' : '';
- $sql_where .= (is_numeric($count)) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : '';
- $sql_where .= (sizeof($joined) > 1) ? " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
- $sql_where .= ($auth->acl_get('u_viewonline') && sizeof($active) > 1) ? " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
+ $sql_where .= (is_numeric($count) && isset($find_key_match[$count_select])) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : '';
+ $sql_where .= (sizeof($joined) > 1 && isset($find_key_match[$joined_select])) ? " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
+ $sql_where .= ($auth->acl_get('u_viewonline') && sizeof($active) > 1 && isset($find_key_match[$active_select])) ? " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
$sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : '';
if ($search_group_id)
generated by cgit v1.2.1 (git 2.21.0) at 2025-11-04 09:13:19 +0000