[PHPBB3-15865] Local avatar driver CHECKED value is wrong due to mismatched URL encoding

XML

Word

Printable

Details

Type: Bug
Status: Open (View Workflow)
Priority: Minor
Resolution: Unresolved
Affects Version/s: 3.2.3
Fix Version/s: None
Component/s: None
Labels:
None

Description

In phpbb\avatar\driver\local, $img['file'] and $row['avatar'] are compared to determine whether or not a given local avatar is the current user’s avatar. $img['file'] is partially URL encoded and $row['avatar'] is not, so these comparisons fail whenever the avatar’s filename or path contains characters that are not in the range [0-9a-fA-F_.~-].

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Snover [X] (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Nov/18 3:56 PM

Updated:: 05/Nov/18 3:56 PM