bdking71
Forum Replies Created
-
lol. Thanks. ??
I looked back at the code in the older version and that code reads:
public static function user_id_exists( $user_id ) {
global $wpdb;
//return false if username is null
if ( $user_id == ” ) {
return false;
}//query the user table to see if the user is there
$userid = $wpdb->get_var( $wpdb->prepare( “SELECT ID FROM" . $wpdb->users . "WHERE ID=’%s’;”, sanitize_text_field( $user_id ) ) );if ( $userid == $user_id ) {
return true;
} else {
return false;
}
}(Version 4.4.9) I was looking in the code, and I think I may have found the problem. In the class-itsec-lib.php, I found this code:
public static function user_id_exists( $user_id ) {
global $wpdb;
//return false if username is null
if ( $user_id == ” ) {
return false;
}
//queary the user table to see if the user is there
$user_id = $wpdb->get_var( $wpdb->prepare( “SELECT ID FROM" . $wpdb->users . "WHERE ID=’%s’;”, sanitize_text_field( $user_id ) ) );
if ( $user_id == $user_id ) {
return true;
} else {
return false;
}
}It seems to me that this line “if ( $user_id == $user_id ) {” will always return true, and thus say it is found user_id=1 even if it doesn’t exists in the database table.