Status: Unverified Fix
Component/s: Support Toolkit
I'm able to do STK > User/Group Tools > Restore Deleted Users > Select users to restore > (no name): > tick > Submit. That's possible because offering those options also offers posts where the username is empty. However, upon evaluating this user's choice it turns out the old name was (empty) and the new name should be the same (/stk/tools/usergroup/restore_deleted_users.php):
So, what's bad about that? Well, user_add() will return FALSE if the username is empty. That means this line: ...will set $user_id to 0. Now guess what's the mess when this one is executed:
Check user_add() to actually return an ordinal higher than zero, otherwise throw error.
Secure the SQL query by adding 'AND poster_id= '. ANONYMOUS to make sure no already associated posts will be overwritten.
Secure the other SQL queries around the same way.
Noticed this when analyzing this topic: Posts table poster_id all set to 0