Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

#652 - Fix for other negative values on admin pages

  • Loading branch information...
commit 323c556cccbf4c3c01b880cdffa2e9154d665205 1 parent 1b5334c
Jan Dorsman oldskool authored
Showing with 8 additions and 4 deletions.
  1. +4 −4 admin_groups.php
  2. +4 −0 admin_permissions.php
8 admin_groups.php
View
@@ -267,10 +267,10 @@
$search = isset($_POST['search']) ? intval($_POST['search']) : '1';
$search_users = isset($_POST['search_users']) ? intval($_POST['search_users']) : '1';
$send_email = (isset($_POST['send_email']) && $_POST['send_email'] == '1') || $is_admin_group ? '1' : '0';
- $post_flood = isset($_POST['post_flood']) ? intval($_POST['post_flood']) : '0';
- $search_flood = isset($_POST['search_flood']) ? intval($_POST['search_flood']) : '0';
- $email_flood = isset($_POST['email_flood']) ? intval($_POST['email_flood']) : '0';
- $report_flood = isset($_POST['report_flood']) ? intval($_POST['report_flood']) : '0';
+ $post_flood = (isset($_POST['post_flood']) && $_POST['post_flood'] >= 0) ? intval($_POST['post_flood']) : '0';
+ $search_flood = (isset($_POST['search_flood']) && $_POST['search_flood'] >= 0) ? intval($_POST['search_flood']) : '0';
+ $email_flood = (isset($_POST['email_flood']) && $_POST['email_flood'] >= 0) ? intval($_POST['email_flood']) : '0';
+ $report_flood = (isset($_POST['report_flood']) && $_POST['report_flood'] >= 0) ? intval($_POST['report_flood']) : '0';
if ($title == '')
message($lang_admin_groups['Must enter title message']);
4 admin_permissions.php
View
@@ -28,6 +28,10 @@
foreach ($form as $key => $input)
{
+ // Make sure the input is never a negative value
+ if($input < 0)
+ $input = 0;
+
// Only update values that have changed
if (array_key_exists('p_'.$key, $pun_config) && $pun_config['p_'.$key] != $input)
$db->query('UPDATE '.$db->prefix.'config SET conf_value='.$input.' WHERE conf_name=\'p_'.$db->escape($key).'\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());
Please sign in to comment.
Something went wrong with that request. Please try again.