Jump to ContentJump to Navigation/Login
` ` ` ` ` `

Login
[Register]

Subscribe to Updates

Occasional ATutor release updates


Services

Members Online

No Members Logged In

(9 guests in past 15 min.)

Web Accessibility Course

Access Understanding Web Accessibility to learn about accessibility, or Register to take the course for FREE.

IMS Certified

IMS Global Certified

Home > Forums > ATutor Bug Reports > A bug in Administrative section

Support Forums

ATutor Bug Reports

A bug in Administrative section


You must be signed-in to post.

AuthorSubject
  Page: 1
IndieRect

Avatar for IndieRect
Subject: A bug in Administrative sectionQuote this post in your reply
The form in admin/admins/index.php (list of administrators) uses the GET method for transferring an administrator login to a number of files, including admin/admins/edit.php.
Meanwhile, the form in a latter file uses the POST method.

The problem appears when the information is submitted.
If any errors in information input are found, control flows to line 101. There an SQL query is made using $_GET['login'] which is not set at this point (instead, $_POST['login'] is set).
This causes an error AT_ERROR_USER_NOT_FOUND.

You could replace

$_GET['login'] = $addslashes($_GET['login']);

with

$_GET['login'] = $addslashes($_REQUEST['login']);

in line 99 of the file.


Alternatively and looking deeper, it might make sense to use POST in admin/admins/index.php and children pages.
Posted: 2005-09-08 16:53:27
 Page: 1

You must be signed-in to post.