mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

fixed a bug i invented. changed username validation to catch multiple spaces. Changed get_userdata to not get confused with usernames beginning with numbers (more stable).

Browse Source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3768 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2003-03-31 06:56:31 +00:00
parent 3617af0360
commit a4138b5454
6 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
phpBB/includes/functions.php
View File

@@ -74,16 +74,19 @@ function get_db_stat($mode)
return false;
}
function get_userdata($user)
//
// Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced.
//
function get_userdata($user, $force_str = false)
{
global $db;
$user = ( is_string($user)) ? str_replace("\'", "''", htmlspecialchars(trim($user))) : intval($user);
$user = ((intval($user) == 0) || ($force_str)) ? str_replace("\'", "''", htmlspecialchars(trim($user))) : intval($user);
$sql = "SELECT *
FROM " . USERS_TABLE . "
WHERE ";
$sql .= ( ( is_string($user) ) ? "username = '" . $user . "'" : "user_id = $user" ) . " AND user_id <> " . ANONYMOUS;
$sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . $user . "'" ) . " AND user_id <> " . ANONYMOUS;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql);