Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 DEV-Group
 DEV Bug Reports (Closed)
 V33(.03) BUG_FIX: pop_profile.asp line 678		  Forum Locked  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

pweighill
Junior Member

United Kingdom
453 Posts
Posted - 20 November 2001 :  17:16:00  Show Profile
On line 678 of pop_profile.asp:
strSql = strSql & " WHERE "&Strdbntsqlname&" = '" & ChkString(STRdbntUserName, "decode") & "' "

the string is not converted to an "SQLString" and should be replaced with the following line:
strSql = strSql & " WHERE "&Strdbntsqlname&" = '" & ChkString(ChkString(STRdbntUserName, "decode"),"SQLString") & "' "

RichardKinser
Snitz Forums Admin

USA
16655 Posts
Posted - 20 November 2001 :  17:44:02  Show Profile
No need to run it through ChkString twice. Especially since the "decode" is HTMLDecoding it, and the "SQLString" is HTMLEncoding it, effectively cancelling each other out.

how about this:

		strSql = strSql & " WHERE " & strDBNTSQLName & " = '" & chkString(strDBNTUserName, "SQLString") & "' "
Go to Top of Page

Da_Stimulator
DEV Team Forum Moderator

USA
3373 Posts
Posted - 24 November 2001 :  09:34:24  Show Profile  Send Da_Stimulator an AOL message  Send Da_Stimulator a Yahoo! Message
Fixed for 3.4

----
-Eric | Mod Resource | Test Area
Sleep: A completely inadequate substitute for caffeine
http://phpscriptcenter.com -Quality PHP Scripts
Go to Top of Page

Deleted
deleted

4116 Posts
Posted - 01 December 2001 :  15:21:48  Show Profile
Fixed in [v40b03patch001]...

Think Pink
Test Site not ready yet | Post v40b03 Patches
Go to Top of Page
  Previous Topic Topic Next Topic  
 Forum Locked  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.14 seconds. Powered By: Snitz Forums 2000 Version 3.4.07