Posted 1 month ago #
To whoever is responsible for the code update, there are two notices version 2.5. Bellow are the line numbers that fix them:
Line 514:
// add the following isset() to the condition
if (isset($_GET['pollresult']) || ...)
Line 76:
// replace this line with the code bellow
$pollresult_id = isset($_GET['pollresult']) ? intval($_GET['pollresult']) : 0;
Please update
Dimitry Zolotaryov
WebIT.ca
Thanks, the one at line 514 should be && instead of ||. If using || will result in XSS because the value is not escaped.
if(isset($_GET['pollresult']) && intval($_GET['pollresult']) == 0) {
Posted 1 month ago #
Would you please share what file these fixes should be made in? Will it fix the fact that my results are no longer visible?
I'm also a little confused, isn't this normally something that would be handled by updating the plugin?
Thanks,
MC
You must log in to post.
