CodeCharge Studio

 PHP/SQL Injection bug!!!! Description and Temporary Fix!!!

mentecky
Posted: 01/17/2009, 2:18 AM

Hi all!

I have confirmed a HUGE bug, the results of which you have just seen. I tested what
THX1138 said he did step by step and he's 100% correct. On my test site, adding a
record with the SQL_Where or SQL_OrderBy tags in a text field and then UPDATING
it overwrote every record in my table.

Since I can't post those tags here without possibly blowing the entire board up
again, I have posted a message at CCSElite.com that describes the problem and
has the code I used to patch Common.php.

You can find it here:
http://www.ccselite.com/forums_topics_view.php?forum_id=2&forum_topic_id=41

I highly suggest you look at it.

This is the patch I have installed on CCSElite and it seems to be working just
fine.

Rick
_________________
Richard J. Mentecky
http://www.ccselite.com
http://www.mentecky.com

Spock: As I recall you took the test three times yourself. Your final solution
was, shall we say, unique?
Kirk: It had the virtue of never having been tried.
---------------------------------------
Sent from YesSoftware forum
http://forums.yessoftware.com/
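The failure class Rick describes, as an added PHP illustration (not CodeCharge's Common.php, whose internals are not shown in this thread): a hypothetical query builder that splices field values into the SQL text before resolving the {SQL_Where} template tag, so a stored value containing the literal tag consumes the substitution and the real tag is discarded as unused, leaving an UPDATE with no WHERE clause. The hardened builder resolves tags while the SQL holds only trusted text and passes the values as bound parameters.

```php
<?php
// Hypothetical reproduction of the bug class, not CodeCharge's own code.
function build_update_unsafe(string $table, array $fields, string $where): string {
    $set = [];
    foreach ($fields as $name => $value) {
        // user-supplied values are spliced into the SQL text first
        $set[] = $name . " = '" . addslashes($value) . "'";
    }
    $sql = "UPDATE $table SET " . implode(', ', $set) . " {SQL_Where}";
    // resolve the FIRST occurrence of the tag; if the value held the literal
    // tag, that occurrence is inside the quoted value, not at the end
    $pos = strpos($sql, '{SQL_Where}');
    if ($pos !== false) {
        $sql = substr_replace($sql, $where, $pos, strlen('{SQL_Where}'));
    }
    // leftover (real) tag is stripped as "unused": the WHERE clause is gone
    return preg_replace('/\{SQL_\w+\}/', '', $sql);
}

// Hardened form: tags are resolved before any user data touches the SQL,
// and the values travel separately as bound parameters for the driver.
function build_update_safe(string $table, array $fields, string $where): array {
    $set = [];
    $params = [];
    foreach ($fields as $name => $value) {
        $set[] = "$name = ?";
        $params[] = $value;
    }
    $sql = "UPDATE $table SET " . implode(', ', $set) . " {SQL_Where}";
    $sql = str_replace('{SQL_Where}', $where, $sql);
    return [$sql, $params];
}

// Constructed sample: a record whose text field holds the literal tag.
$fields = ['note' => 'hello {SQL_Where} world'];
$where  = 'WHERE id = 42';

echo build_update_unsafe('notes', $fields, $where), "\n";
// -> UPDATE notes SET note = 'hello WHERE id = 42 world'   (no WHERE: every row updated)

[$sql, $params] = build_update_safe('notes', $fields, $where);
echo $sql, "\n";
// -> UPDATE notes SET note = ? WHERE id = 42

// Regression check worth keeping in a test suite: the intended WHERE clause
// must be the tail of the generated statement, whatever the field values hold.
assert(substr($sql, -strlen($where)) === $where);
```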
jjrjr1
Posted: 01/17/2009, 6:59 AM

Hi All

Since this is largely a PHP issue, thought I would post here too.

I hope everyone recognizes the severity and impact of this bug.

This means any CCS site any of us have created and put into production for a
client can have the entire database destroyed with a simple update of a record.

In the absence of a YesSoftware solution we probably need to implement Rick's
fix ASAP. (You Rock Rick)

Don't know about the rest of you, but I have several clients whose system now
needs a critical update to prevent possible database destruction.

Have Fun....

_________________
More CCS Info at: http://CCSElite.com

Keep On Truckin' 8-)
John Real

http://RealSites.biz
http://RealTest.biz
http://3rdRockRealtor.com
jjrjr1
Posted: 01/17/2009, 7:35 AM

BTW...

Thanks Rick for working all night on this solution for us.

It is greatly appreciated since no other fix has been suggested from Yes
Support.

Hoping they recognize the severe impact this has on all the installed CCS
applications running out there and wondering what Yes will propose.

Thanks again. "You Rock".

Have fun...