  1. phpBB3
  2. PHPBB3-10790

Strict comparison on user_id for sending pms


Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 3.0.10
    • 3.0.11-RC1
    • Other
    • None

    Description

      For example, includes/functions_privmsgs.php

      				// Additionally, do not include the sender if he is in the group he wants to send to. ;)
      				if ($row['user_id'] === $user->data['user_id'])
      				{
      					continue;
      				}

      This code compares two strings to be exactly the same. If there is a MOD that casts the global user_id to int (which I think is a security addition), the comparison will fail.
      (In this case it sends group pms also to the sender.)
      The code should either check == only, or both values should be cast to int.
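
The failure mode described in this report, reproduced as an added example that is not part of the original report or of phpBB's code. The helper `group_pm_recipients()` and the sample rows are hypothetical, and the string-typed `user_id` values follow the report's statement that both sides are normally strings.

```php
<?php
// Constructed sample rows; user_id values are strings, as the report describes.
$group_rows = [
    ['user_id' => '2', 'username' => 'alice'],
    ['user_id' => '5', 'username' => 'bob'],
    ['user_id' => '9', 'username' => 'carol'],
];

/**
 * Hypothetical helper (not a phpBB function): collect the recipients of a
 * group PM while skipping the sender. $strict selects the type-sensitive
 * comparison from the report; otherwise both sides are cast to int first.
 */
function group_pm_recipients(array $rows, $sender_id, bool $strict): array
{
    $recipients = [];
    foreach ($rows as $row) {
        $is_sender = $strict
            ? $row['user_id'] === $sender_id               // fails when the types differ
            : (int) $row['user_id'] === (int) $sender_id;  // type-independent
        if ($is_sender) {
            continue; // do not send the group PM back to the sender
        }
        $recipients[] = (int) $row['user_id'];
    }
    return $recipients;
}

// Both sides are strings: the strict check skips the sender.
var_dump(group_pm_recipients($group_rows, '5', true));

// Assumed MOD behaviour: the session user_id has been cast to int.
// '5' === 5 is false, so the sender stays in the recipient list.
var_dump(group_pm_recipients($group_rows, 5, true));

// Casting both sides excludes the sender for either input type.
var_dump(group_pm_recipients($group_rows, 5, false));
var_dump(group_pm_recipients($group_rows, '5', false));
```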


            People

              bantu Andreas Fischer
              nickvergessen Joas Schilling [X] (Inactive)