Support ⇒ Upgrades ⇒ [Fixed] Forum sync fix ⇒ Community Forums ⇒ CPG Dragonfly™ CMS
Forum IndexUpgrades

[Fixed] Forum sync fix Reply to topic


There are circumstances when a visitor inadvertently may cause topic sync to execute, causing forum topics to run 2 queries overhead + 2 queries each post the topic holds for no reason at all.

This is done by simply using some browsing options but can also be maliciously used to cause issues.

All versions are effected. Open modules/Forums/viewtopic.php and around line 300 replace the entire block of code with
<?php

$postrow = array();
if ($row = $db->sql_fetchrow($result)) {
 do {
  $postrow[] = $row;
 }
 while ($row = $db->sql_fetchrow($result, SQL_ASSOC));
 $db->sql_freeresult($result);
 $total_posts = count($postrow);
} else {
 message_die(GENERAL_MESSAGE, $lang['No_posts_topic']);
}

$resync = FALSE;
if ($forum_topic_data['topic_replies'] + 1 < $start + count($postrow)) {
 $resync = TRUE;
} elseif ($start + count($postrow) > $forum_topic_data['topic_replies'] + 1) {
 $row_id = intval($forum_topic_data['topic_replies']) % intval($board_config['posts_per_page']);
 $resync = (
  ('ASC' == $post_time_order && $postrow[$row_id]['post_id'] != $forum_topic_data['topic_last_post_id'])
  || $start + count($postrow) < $forum_topic_data['topic_replies']);
}
?>

.:: I met php the 03 December 2003 :: Unforgettable day! ::.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
CloudLinux / Apache 2.4 LSAPI / MySQLi 5.6 / PHP 5.6 / DCVS

Last edited by NanoCaiordo on Sat Jan 21, 2012 2:17 am; edited 3 times in total


Thanks Nano... Smile

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux/Apache2.2.9/MySql 5.1.59/PHP 5.2.17/CPGDragonfly 9.3.3.0


Seems to be on line 341 if you are using ForumsPlus.

Thanks for update, Nano!

Pro_News CM™ - Content Management for Dragonfly CMS™

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4


Code updated, two more were found!

.:: I met php the 03 December 2003 :: Unforgettable day! ::.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
CloudLinux / Apache 2.4 LSAPI / MySQLi 5.6 / PHP 5.6 / DCVS


Was just trying to clarify what exactly has to change for 2nd update, and noticed that:

- DF9 CVS has not yet been updated (9.39.2.4 seems to match the earlier version of this sync patch - although hard to be sure with no Changes listing for DF9 files)

- DF10 CVS has the update, but does not delete the require_once('includes/phpBB/functions_admin.php'); line that is dropped in this 2nd patch.

Or am I just getting confused?

Pro_News CM™ - Content Management for Dragonfly CMS™

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4


I don't recall the removal of the require_once(), but just replacing the entire block of code with the above does the job.

As per 9.3 cvs, glad to know someone use it, will soon include all the above patches and a maintenance version will be released.

.:: I met php the 03 December 2003 :: Unforgettable day! ::.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
CloudLinux / Apache 2.4 LSAPI / MySQLi 5.6 / PHP 5.6 / DCVS


Moreover, as Phoenix made me notice, the second patch it's not in cvs yet.

The delete require_once() is only in the second patch, not the first one.

.:: I met php the 03 December 2003 :: Unforgettable day! ::.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
CloudLinux / Apache 2.4 LSAPI / MySQLi 5.6 / PHP 5.6 / DCVS


My fault actually - I was maintaining updates and neglected things over the silly season.

v9 cvs now rectified - v10 cvs will be updated later with a host of other changes.

DonationsPro for DragonflyCMS & SMF

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):


Thanks guys, just wanted to be sure before I pushed it live on production site (1st iteration already live without issue) pentaxslr.eu.

FYI I'm using on ForumsPlus (2.0.6) but under DF 9.2.1.

Pro_News CM™ - Content Management for Dragonfly CMS™

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4

All times are UTC


Jump to: