foreach($usersql as $row) {

            $value = $row->var_value;

            if ($row->var_method == "normal"){

                        $pligg_vars[$row->var_name] = $value;

            }

            if ($row->var_method == "define"){

                        if($row->var_name != 'table_prefix'){

                                    $thenewval = $value;

                                    if($row->var_enclosein == ""){

                                                if($value == "true"){

                                                            $thenewval = true;

                                                } elseif($value == "false"){

                                                            $thenewval = false;

                                                }

                                    } else {

                                                $thenewval = $value;

                                    }

                                    define($row->var_name, $thenewval);

                        }

            }

            if ($main_smarty) $main_smarty->assign($row->var_name, $thenewval);

}

 

Rows from the config table (first 5 to illustrate the process:

var_name

var_value

var_method

$URLMethod

1

normal

enable_friendly_urls

True

define

votes_to_publish

0

define

days_to_publish

10

Define

$trackbackURL

Pligg.com

normal

 

In the iteration, it first assigns a variable ‘$value’ to hold the var_value:

$value = $row->var_value;

 

Then the first IF statement verifies if the var_method is normal. If true, then it executes the code and assigns $pligg_vars[$row->var_name] = $value; to be used in the assigning globals from line 48 to 61

 

 Then it skips to line 40 and assigns it to the $main_smarty variable:

if ($main_smarty) $main_smarty->assign($row->var_name, $thenewval);

 

The problem here is that the $main_smarty variable $URLMethod will be empty, because it is given $thenewval instead of $value. $thenewval is only populated when the var_method is ‘define’.

 

In the second iteration, it finds enable_friendly_urls with a var_method define then it executes the IF statement on line 25 and then assigns the $thenewval TRUE to the $main_smarty variable on line 40.

 

The third iteration,it finds votes_to_publish, with a var_method define then it executes the IF statement on line 25 and then assigns the $thenewval 0 to the $main_smarty variable on line 40.

 

The fourth iteration,it finds days_to_publish, with a var_method define then it executes the IF statement on line 25 and then assigns the $thenewval 10 to the $main_smarty variable on line 40.

 

The fifth iteration,it finds $trackbackURL, with a var_method normal then it executes the IF statement on line 22 and then assigns the $thenewval 10 to the $main_smarty variable on line 40.

 

Now let’s see what happened here. Again, the $main_smarty variable was incorrectly assigned with the $thenewval of 10, which was still populated from the previous iteration. It should have been a value of ‘pligg.com’

 

And so forth and so on, the process continues the same.

 

In addition, the incorrect placement of the code to assign the $main_smarty variable, I found a second glitch:

 

On line 26 we find

if($row->var_name != 'table_prefix'){

 

It is supposed to execute and assigns all entries except for the one that have a var_name table_prefix. Well, a $main_smarty variable is assigned to it nevertheless with an empty value.

 

So, up to here, we concluded that the process’ logic is out of order.

 

The third glitch is that the code have IF statements for var_method normal and define. However, the last entry in the config table, uninstall_module_updates, with a var_value of 0 does not have a var_method, and therefore is not assigned to $main_smarty variables.

 

This code fixes all the three glitches and correctly and accurately assigns 87 of 88 variables from the config table (87 because table_prefix is excluded)

 

foreach($usersql as $row) {

            $value = $row->var_value;

            if ($row->var_method == "normal"){

                        $pligg_vars[$row->var_name] = $value;

                        if ($main_smarty) $main_smarty->assign(str_replace("$","",$row->var_name), $value);

            }elseif ($row->var_method == "define"){

                        if($row->var_name != 'table_prefix'){

                                    $thenewval = $value;

                                    if($row->var_enclosein == ""){

                                                if($value == "true"){

                                                            $thenewval = true;

                                                } elseif($value == "false"){

                                                            $thenewval = false;

                                                } else {

                                                            $thenewval = $value;

                                                }

                                    } else {

                                                $thenewval = $value;

                                    }

                                    define($row->var_name, $thenewval);

                                    //echo "<br />".$row->var_name;

                                    if ($main_smarty) $main_smarty->assign($row->var_name, $thenewval);

                        }

            }else{

                        if ($main_smarty) $main_smarty->assign($row->var_name, $value);

            }

}