I was trying https://server/shared/sendemail?sendto="
and I received this response:
Database operation "0or1row" failed
(exception ERROR, "ERROR: invalid input syntax for integer:"""
LINE 4: where user_id = '"';
^
")
while executing
"ns_pg_bind 0or1row nsdb0 {
select first_names, last_name
from cc_users
where user_id = :sendto
}"
("uplevel" body line 1)
invoked from within
"uplevel $ulevel [list ns_pg_bind $type $db $sql]"
("postgresql" arm line 2)
invoked from within
"switch $driverkey {
oracle {
return [uplevel $ulevel [list ns_ora $type $db $sql] $args]
}
..."
If I enter a random user ID, as in https://server/shared/sendemail?sendto=999, the server shows this message:
Query did not return any rows.
while executing
"db_1row user_to_info { *SQL* }"
("uplevel" body line 22)
invoked from within
"uplevel {
ad_page_contract {
Sends an email to the user with user_id = sendto
My questions are: is it exploitable? Some explanation of what is happening would be great.