  1. Olio
  2. OLIO-16

update SQL statement always gets executed in events.php

Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: php-app
    • Labels: None

    Description

      In events.php on line 87 there is a check:

      else if (isset($editCRforCid)) {
      ...
      }

      which is always true, because $editCRforCid is set just above this expression (it's set to two unset values .'ed together, but it's still set). This means that the SQL statement:

      "update COMMENTS_RATING set comments='$editcomments', ratings='$rating' where username='$username' and socialeventid='$se' and commentid='$cid'";

      will always execute (when someone's not adding a comment in which case the first part of the if would be true). It won't do anything because $cid isn't set so the SQL is actually invalid, but it will hurt performance.

      To fix simply change the else if to:

      else if (isset($_POST['editcommentsratingsubmit']) && isset($_POST['editingcid'])) {
      ...
      }

      and get rid of $editCRforCid altogether.
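
The behaviour reported above, as an added example that is not part of the original issue or of the Olio code base: concatenating two missing request values yields an empty string, which isset() still reports as set. The first-branch field name `commentsratingsubmit`, the function names and the sample requests are assumptions made for illustration.

```php
<?php
// Added illustration, not Olio code. The first-branch field name
// 'commentsratingsubmit' and the request arrays below are constructed.

// Dispatch as the issue describes it: the flag is two request values
// concatenated, so it is always a string (possibly "") and never unset.
function branch_before(array $post): string {
    // @ silences the undefined-index notice; missing keys evaluate to null.
    $editCRforCid = @$post['editcommentsratingsubmit'] . @$post['editingcid'];
    if (isset($post['commentsratingsubmit'])) {
        return 'insert';
    } else if (isset($editCRforCid)) {   // true even for ""
        return 'update';
    }
    return 'none';
}

// Dispatch with the condition proposed in the issue.
function branch_after(array $post): string {
    if (isset($post['commentsratingsubmit'])) {
        return 'insert';
    } else if (isset($post['editcommentsratingsubmit'])
               && isset($post['editingcid'])) {
        return 'update';
    }
    return 'none';
}

// Constructed sample requests covering each path through the dispatch.
$requests = [
    'plain page view' => [],
    'add comment'     => ['commentsratingsubmit' => 'Submit'],
    'edit comment'    => ['editcommentsratingsubmit' => 'Save', 'editingcid' => '42'],
    'edit, no cid'    => ['editcommentsratingsubmit' => 'Save'],
];

foreach ($requests as $label => $post) {
    printf("%-16s before=%-7s after=%s\n",
           $label, branch_before($post), branch_after($post));
}
```

Only the rows where the two columns differ change behaviour: requests that carry no edit submission, or an edit submission without a comment id, no longer reach the update branch.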

          People

            Assignee: akara Akara Sucharitakul
            Reporter: nick1 Nick Lanham
              Time Tracking

                Estimated: Original Estimate - 10m
                Remaining: Remaining Estimate - 10m
                Logged: Time Spent - Not Specified