Several calls to AbstractAdapter#executeTransaction in the UserAlert repository pass the ALLOW_DEADLOCK_RERUN option, but that option can't be combined with entities unless forceSet is set on the affected entities. Any attempt to re-run the closure in response to a deadlock will result in a...
Replacements it performs:
% -> \%
_ -> \_
However, it neglects to perform:
\ -> \\
This means input such as this:
Which MySQL/MariaDB will interpret as a literal backslash followed by a LIKE wildcard.
While this could theoretically result in security vulnerabilities in...
The following URL will result in a 404 with MariaDB but an exception with MySQL 8.0.x: https://xenforo.com/community/help/%c0a Furthermore, the exception may fail to log to the database and third-party monitoring services (in our case, Datadog).
This tends to be triggered often by...
Facebook use to periodically verify their developers applications compliance, so one of their staff members contacted me complaining that I had to provide a test user account, so they could verify my application work flow and compliance as it seemed that it wasn't being used properly by my app...
Alice creates a thread in forum 1. The discussion_state is visible, so the forum's last_post_* and last_thread_* fields are updated.
Bob creates a thread in forum 1 after Alice, but during the same second. The discussion_state is moderated or deleted. The latter state should never happen...
$ php cmd.php xf:upgrade
Current version: 2020672
Upgrade target: 2020770 (2.2.7)
Are you sure you want to continue with the upgrade? [y/n] y
All upgrade steps run up to version 2.2.7.
Importing... Master data (Templates)
Rebuilding... Phrases .
Rebuilding... Permissions .
convertIpStringToBinary fails in some scenarios because it tries to handle a situation in which the input has already been converted. It would probably be better if it were just simple wrappers around inet_pton().
In particular, a valid IPv6 address in its string representation can be a valid...
Currently, email queue processing works roughly like this:
Mark entry as being processed by setting send_date 15 minutes into the future.
If marking failed, it's already being processed; skip this item.
If deserialization failed or is not an instance of...
When a thread is deleted, XF\Entity\Thread#_postDelete() fails to clean some tables, such as xf_thread_watch. At the end of the method, it cleans thread reply bans:
$db->delete('xf_thread_reply_ban', 'thread_id = ?', $this->thread_id);
I would expect it to handle xf_thread_watch and...
In PHP, some comparisons with == or in_array may return true when the programmer expects them to return false. For example, "00" == "0000" is true in PHP, as is in_array("00", ["0000"]). XenForo 2 performs loose comparisons in some places that can potentially result in bugs...
The inlinemod cookies, such as xf_inlinemod_conversations, currently have an unbounded size. Cookies aren't really supposed to be > 4 KiB, but it's not too difficult for an end user to end up with a cookie far larger than that just by selecting several pages of conversations for deletion. From...
RSS generated for posts with embedded attachments may contain code such as the following:
<content:encoded><![CDATA[<div class="bbWrapper"><b><i><span style="color: #ff0000">Test</span></i></b><br />
<script class="js-extraPhrases" type="application/json">
Steps to reproduce:
Create a new thread with a unique tag. That tag must not be used anywhere else.
Click the tag edit link in the thread to edit its tags.
Click the "x" next to the tag to remove it.
Submit the form by clicking "Save", but do not refresh or navigate away from the page.
It's possible to create a warning definition with:
1. a title that is longer than the maximum length of a warning title
2. a conversation title that is longer than the maximum length of a conversation title
There won't be any error when the warning definition is created, nor will there be any...
Currently (XF2.2.2), when a user doesn't have a password set for their account and requests a password via the "Password and security" page, they can send any number of requests without any restrictions. Of course, they can only flood their own email account in such a way, but this also...
Running into the same problem as this:
Using Microsoft Edge Version 87.0.664.75 (Official build) (64-bit)
Only way to paste link and have it unfurl is to right click paste as plain text. Identical to the...