Bug #1976

Lack of validation with poll voting

Added by Nathan Malcolm about 1 year ago. Updated about 1 year ago.

Status:ClosedStart date:03/25/2012
Priority:NormalDue date:
Assignee:Tom Moore% Done:

100%

Category:Polls
Target version:1.6.8
Reproducibility:Rarely Database Type:
Reported In MyBB Version:1.6.6 Database Version:
PHP Version: SQA assignments:Nathan Malcolm
Browser:

Description

I encountered this issue when Paul was changing a single vote option in to a multi vote option. It occurred because I voted when the single vote option was in affect and it was expecting data from multi vote.

See the attached screenshot.

Screenshot.png (30.8 KB) Nathan Malcolm, 03/25/2012 05:09 pm

screen5.png (36.9 KB) Nathan Malcolm, 04/29/2012 03:54 am

History

#1 Updated by Nathan Malcolm about 1 year ago

  • File find_replace.png added
  • Subject changed from Obscure SQL error with poll voting to Lack of validation with poll voting

Actually, this is due to a lack of validation in general.

If you edit the page source and change:

option[2]

to something like:

option[abc]

and try to vote, you'll meet the exact same error.

#2 Updated by Nathan Malcolm about 1 year ago

  • File deleted (Screenshot.png)

#3 Updated by Tom Moore about 1 year ago

  • Target version set to 1.6.8

#4 Updated by Tom Moore about 1 year ago

  • Status changed from New to Assigned
  • Assignee set to Tom Moore

#5 Updated by Tom Moore about 1 year ago

  • Status changed from Assigned to Resolved
  • % Done changed from 0 to 100

Applied in changeset r5804.

#6 Updated by Nathan Malcolm about 1 year ago

  • File screen5.png added
  • Status changed from Resolved to Feedback

Error message shows as expected but also produces a PHP warning.

#7 Updated by Tom Moore about 1 year ago

Can't replicate the warning - what are doing to get it to display?

#8 Updated by Nathan Malcolm about 1 year ago

Created a poll in the standard manner, edited the poll in a new tab and set it to multiple choice, voted on the poll (While it was still a single option poll).

#9 Updated by Tom Moore about 1 year ago

  • Status changed from Feedback to Resolved

Applied in changeset r5824.

#10 Updated by Nathan Malcolm about 1 year ago

  • Status changed from Resolved to Feedback

There's also a PHP warning when voting on a multiple option poll which has been changed to a single option poll.

PHP Fatal error:  Unsupported operand types in polls.php on line 890

#11 Updated by Tom Moore about 1 year ago

  • Status changed from Feedback to Resolved

Applied in changeset r5826.

#12 Updated by Nathan Malcolm about 1 year ago

  • Status changed from Resolved to Closed
  • SQA assignments set to Nathan Malcolm

Also available in: Atom PDF