By ref errors #459
Merged
By ref errors #459
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Researching issue XOOPS#429 and found several by reference object assignments (quietly ignored since only anonymous can use it.) While in the code, added the input constraints as suggested by Cedric. I can't pinpoint the exact scenario, but there are a lot of paths in the register script. Limiting GET method requests to the intended set of operations sounds like a good idea.
Collaborator
|
there are more potential reference issues: |
Contributor
|
There are quite a few by reference issues (100+) still in the 2.5.x codebase but I'm not sure if you want to change these right before an RC release. I did a quick regex search of the code (=[\s]?&) and it turned up nearly 400 instances... I'd estimate that about half of these could be considered "valid" (e.g. are by-ref for vars) but the others probably should be removed at some point. |
Contributor
Author
|
I made changes in this case while I was investigating an open issue. As you mention, there are many other cases, but in our defense, we have eliminated far more than remain. I think that is good for now. We can pursue the rest after we get this release out. |
Contributor
|
Agree. That's one of the reasons I didn't submit a patch/pull request
right now. Besides the fact that I'm crazy busy right now... :-[
…On 4/14/2017 2:21 PM, Richard Griffith wrote:
I made changes in this case while I was investigating an open issue.
As you mention, there are many other cases, but in our defense, we
have eliminated far more than remain. I think that is good for now. We
can pursue the rest after we get this release out.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#459 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AHVDutVC0rNPEQvam1ckx2wEB6v9rXEtks5rv8cxgaJpZM4M8KSQ>.
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Researching issue #429 and found several by reference object assignments (quietly ignored since only anonymous can use it.)
While in the code, added input constraints as suggested by Cedric. I can't pinpoint an exact scenario, but there are a lot of paths in the register script. Limiting GET method requests to the intended set of operations sounds like a good idea.