« Return to Thread: solution for UIDs bigger than 2^31
Re: solution for UIDs bigger than 2^31
by Paul Lesniewski
::
Rate this Message:
On Wed, Nov 26, 2008 at 7:50 AM, Michal Hlavinka <mhlavink@...> wrote:
> Paul Lesniewski wrote:
>> On Tue, Nov 25, 2008 at 5:40 AM, Michal Hlavinka <mhlavink@...> wrote:
>>
>>> ...
>>>
>>> solution:
>>> In sf tracker (no change for 10 months) is recommended to "cast" input
>>> values to strings and change them to zero if input value is not numeric.
>>> I was finishing patch for this
>>>
>>
>> I hope against 1.5.2. I'm not sure we want to change this much code
>> for 1.4.x. Please send the patch when you are done.
>>
> In fact it's not so much code. Only replace $a=(int)$b; to
> $a=sqrestrict_to_num($b);
> sqrestrict_to_int contains only : return (is_numeric($b) ? $b : 0);
> Casting not int to int
> results to 0, so there is no change.
Not sure what you mean by "no change", but this seems about right.
The "this much code" comment was based more on the number of pages
that may need to be changed, not that the change itself is big.
However, I'm not sure we'd want to use is_numeric(). See the PHP
manual regarding how it accepts scientific notation and hex numbers
and decimal points. Rather, I believe we only want
preg_match('/^[0-9]$/'), no?
> I was making this patch against 1.4 svn version, but I can make it for
> devel version,
> that's not a problem.
Thanks
>>> but I've found squirrelmail uses also
>>> ++, -- and comparison operators for UIDs (in
>>> plugins/delete_move_next/setup.php: 152: delete_move_next_read(...)
>>> function). So strings can't be used for this.
>>>
>>
>> I think you are using an outdated version of SM.
>>
> svn 1.4 is outdated?
> (
> http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/
> )
Hmm, well, your comments about the delete_move_next plugin didn't
match what I see there, but I am not sure I've updated it in a while.
I can double-check, but so should you.
>>> What do you think about this? Or, do you think, there is another solution?
>>>
>>
>> I'd vote for the string implementation (in 1.5.2).
>>
> Yes, but what about that numeric operators? Of course, making functions for
> =, !=, <, <=, ++ and -- is not so difficult, but also it's not too nice IMO.
I don't see them in delete_move_next.
> Btw, what is 1.5.2 svn directory?
> Is it http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/trunk/ ?
Yes, trunk.
> It looks it contains some files 7 years old... for example
> plugins/delete_move_next/setup.php
> from the above looks older than from 1.4
trunk/squirrelmail
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-devel@...
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
> Paul Lesniewski wrote:
>> On Tue, Nov 25, 2008 at 5:40 AM, Michal Hlavinka <mhlavink@...> wrote:
>>
>>> ...
>>>
>>> solution:
>>> In sf tracker (no change for 10 months) is recommended to "cast" input
>>> values to strings and change them to zero if input value is not numeric.
>>> I was finishing patch for this
>>>
>>
>> I hope against 1.5.2. I'm not sure we want to change this much code
>> for 1.4.x. Please send the patch when you are done.
>>
> In fact it's not so much code. Only replace $a=(int)$b; to
> $a=sqrestrict_to_num($b);
> sqrestrict_to_int contains only : return (is_numeric($b) ? $b : 0);
> Casting not int to int
> results to 0, so there is no change.
Not sure what you mean by "no change", but this seems about right.
The "this much code" comment was based more on the number of pages
that may need to be changed, not that the change itself is big.
However, I'm not sure we'd want to use is_numeric(). See the PHP
manual regarding how it accepts scientific notation and hex numbers
and decimal points. Rather, I believe we only want
preg_match('/^[0-9]$/'), no?
> I was making this patch against 1.4 svn version, but I can make it for
> devel version,
> that's not a problem.
Thanks
>>> but I've found squirrelmail uses also
>>> ++, -- and comparison operators for UIDs (in
>>> plugins/delete_move_next/setup.php: 152: delete_move_next_read(...)
>>> function). So strings can't be used for this.
>>>
>>
>> I think you are using an outdated version of SM.
>>
> svn 1.4 is outdated?
> (
> http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/
> )
Hmm, well, your comments about the delete_move_next plugin didn't
match what I see there, but I am not sure I've updated it in a while.
I can double-check, but so should you.
>>> What do you think about this? Or, do you think, there is another solution?
>>>
>>
>> I'd vote for the string implementation (in 1.5.2).
>>
> Yes, but what about that numeric operators? Of course, making functions for
> =, !=, <, <=, ++ and -- is not so difficult, but also it's not too nice IMO.
I don't see them in delete_move_next.
> Btw, what is 1.5.2 svn directory?
> Is it http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/trunk/ ?
Yes, trunk.
> It looks it contains some files 7 years old... for example
> plugins/delete_move_next/setup.php
> from the above looks older than from 1.4
trunk/squirrelmail
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-devel@...
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
« Return to Thread: solution for UIDs bigger than 2^31
| Free embeddable forum powered by Nabble | Forum Help |
