phpBB3

Strict comparison on user_id for sending pms

Details

  • Type: Bug Bug
  • Status: Unverified Fix Unverified Fix
  • Priority: Minor Minor
  • Resolution: Fixed
  • Affects Version/s: 3.0.10
  • Fix Version/s: 3.0.11-RC1
  • Component/s: Other
  • Labels:
    None

Description

F.e. includes/functions_privmsgs.php

				// Additionally, do not include the sender if he is in the group he wants to send to. ;)
				if ($row['user_id'] === $user->data['user_id'])
				{
					continue;
				}

This code compares two strings to be exactly the same. If there is a MOD that casts the global user_id to int (which I think is a security addition), the comparison will fail.
(In this case it sends group pms also to the sender.)
The code should either check == only, or both values should be casted to int.

Issue Links

is related to

Bug - A problem which impairs or prevents the functions of the product. PHPBB3-10904 Misleading message when PMing an empty group

  • Minor - Minor loss of function, or other problem where easy workaround is present.
  • Open - The issue is open and ready for the assignee to start work on it.

Activity

phpBB Continuous Integration View RSS feed

People

  • Assignee:
    Andreas Fischer
    Reporter:
    Joas Schilling
Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved: