[PHPBB3-10021] "Find a member" generates SQL error when large dates are entered

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.0.8
Fix Version/s: 3.0.9-RC1
Component/s: ACP
Labels:
None
Environment:
PHP 5.1.6 Mysql 5.0.77 (CentOS 5.5 Build)

GitHub Pull Request URL:
https://github.com/bantu/phpbb3/compare/ticket/10021
Fix URL:
https://github.com/phpbb/phpbb3/pull/109

Description

Entering an invalid date (20111-02-03 in this case) into the "Find a member" search forms "joined" input element results in SQL query error (General Error) copied below.

General Error
SQL ERROR [ mysqli ]

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 4 [1064]

SQL

SELECT COUNT(u.user_id) AS total_users FROM phpbb_users u WHERE u.user_type IN (0, 3) AND u.user_regdate <

BACKTRACE

FILE: includes/db/mysqli.php
LINE: 163
CALL: dbal->sql_error()

FILE: memberlist.php
LINE: 1263
CALL: dbal_mysqli->sql_query()

Attachments

Issue Links

is related to

PHPBB3-10104 missing one intval() along with others already being there

Closed

Activity

People

Assignee:: Andreas Fischer

Reporter:: siosal

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 03/Feb/11 6:40 PM

Updated:: 22/Jan/17 4:00 PM

Resolved:: 18/Mar/11 1:54 AM