From 3e81712fd6891516b24e216992edcb15c6a6113f Mon Sep 17 00:00:00 2001 From: elij Date: Tue, 10 May 2011 21:01:29 -0700 Subject: fix case where user does not exist the query was being performed when $id was not set, resulting in an invalid sql query being performed. Signed-off-by: Lukas Fleischer --- web/lib/acctfuncs.inc | 3 +++ 1 file changed, 3 insertions(+) (limited to 'web') diff --git a/web/lib/acctfuncs.inc b/web/lib/acctfuncs.inc index 5bcff8b..b2f0548 100644 --- a/web/lib/acctfuncs.inc +++ b/web/lib/acctfuncs.inc @@ -786,6 +786,9 @@ function valid_passwd( $userID, $passwd ) */ function user_suspended( $id ) { + if (!$id) { + return false; + } $dbh = db_connect(); $q = "SELECT Suspended FROM Users WHERE ID = " . $id; $result = db_query($q, $dbh); -- cgit v1.2.3-70-g09d2