0016940: undefined function db_params() in core/news_api.php - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update

0016940	mantisbt	news	public	2014-02-08 13:45	2014-03-03 14:24

Reporter	syzop	Assigned To	dregad
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	fixed
Product Version	1.2.16
Target Version	1.2.17	Fixed in Version	1.2.17

Summary	0016940: undefined function db_params() in core/news_api.php
Description	PHP Fatal error: Call to undefined function db_params() in /www/core/news_api.php on line 269 Presumably the: $query .= " WHERE project_id=" . db_params(); should be: $query .= " WHERE project_id=" . db_param();
Additional Information	Bug introduced in 1.2.16
Tags	No tags attached.

MantisBT: master-1.2.x 05b3bb4d 2014-02-08 11:38 dregad Details Diff	Fix 0016940: undefined function db_params() in news_api.php Regression introduced by 7efe0175f0853e18ebfacedfd2374c4179028b3f (fix for issue 0016880)	Affected Issues 0016880, 0016940
	mod - core/news_api.php	Diff File
MantisBT: master 7fef194b 2014-02-08 11:38 dregad Details Diff	Fix 0016940: undefined function db_params() in news_api.php Regression introduced by 7efe0175f0853e18ebfacedfd2374c4179028b3f (fix for issue 0016880)	Affected Issues 0016880, 0016940
	mod - core/news_api.php	Diff File

related to	0016880	closed	dregad	CVE-2014-1609: SQL injection vulnerabilities
has duplicate	0016946	closed	atrol	Main page does not show any news after upgrade

dregad 2014-02-08 16:42 developer ~0039352	Thanks for the bug report

AdamR 2014-02-13 11:04 reporter ~0039392	Confirming that this happened on my 1.2.16 too, also confirming that dropping the 's' in "db_params()" fixed it.