Forum Errors

[trust]

searching appears to be fubar

[iago]

Do you mean moreso than usual? SMF's searching has always been.. unpredictable.

[Joe]

Remember, you found the exploit that allowed non-members to search and see posts in the members forum, and killed search.php.

[iago]

Surely you mean that zorm did.

[trust]

I don't know it just kept returning an error when I tried searching yesterday. I didn't try it more than a few times though so maybe it's random.

[iago]

Well, posting the error would have been more helpful. I thought you meant that it returned crappy results, because SMF almost always returns crappy results for searches. For example, this is the first result when searching for "Canadian"...

For anybody who cares, here's the error:
DROP command denied to user 'smf'@'192.168.2.11' for table 'smf_tmp_log_search_topics'
File: /web/x86/web/forum/Sources/Search.php
Line: 1006

Why the hell does SMF need "drop" access in the database? That's just asking for a "drop table *" if somebody finds sql injection...

[rabbit]

db_query("

DROP TABLE IF EXISTS {$db_prefix}tmp_log_search_topics", __FILE__, __LINE__);

$createTemporary = db_query("

CREATE TEMPORARY TABLE {$db_prefix}tmp_log_search_topics (

ID_TOPIC mediumint(8) unsigned NOT NULL default '0',

PRIMARY KEY (ID_TOPIC)

) TYPE=HEAP", false, false) !== false;

It's trying to drop a temporary clone table, but you won't let it.

[iago]

Well, I'm allowing it now. Using a temporary table sounds yucky, though, isn't there a better way to do it?

[rabbit]

Probably.  It's probably been changed since version 2.