From 6090c2ae8b6b33af79cae2ed63ebe5209d0729b3 Mon Sep 17 00:00:00 2001 From: Lukas Fleischer Date: Tue, 18 Apr 2017 08:36:29 +0200 Subject: Check query return value in search_results_page() Instead of unconditionally calling fetch on the return value of query(), error out early if the value evaluates to false. Also, make sure that the results array is always initialized, even if the result set is empty. Signed-off-by: Lukas Fleischer --- web/lib/acctfuncs.inc.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 3c8f9edb..22b3ca8d 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -495,8 +495,11 @@ function search_results_page($O=0,$SB="",$U="",$T="", $result = $dbh->query($q); - while ($row = $result->fetch(PDO::FETCH_ASSOC)) { - $userinfo[] = $row; + $userinfo = array(); + if ($result) { + while ($row = $result->fetch(PDO::FETCH_ASSOC)) { + $userinfo[] = $row; + } } include("account_search_results.php"); -- cgit v1.2.3-24-g4f1b