diff --git a/classes/db/prefs.php b/classes/db/prefs.php
index 70d8b24c0..1fddd27c5 100644
--- a/classes/db/prefs.php
+++ b/classes/db/prefs.php
@@ -26,7 +26,7 @@ class Db_Prefs {
$user_id = $_SESSION["uid"];
@$profile = $_SESSION["profile"];
- if (!$profile || get_schema_version() < 63) $profile = null;
+ if (!is_numeric($profile) || !$profile || get_schema_version() < 63) $profile = null;
$sth = $this->pdo->prepare("SELECT
value,ttrss_prefs_types.type_name as type_name,ttrss_prefs.pref_name AS pref_name
@@ -65,7 +65,7 @@ class Db_Prefs {
return $this->convert($tuple["value"], $tuple["type"]);
}
- if (!$profile || get_schema_version() < 63) $profile = null;
+ if (!is_numeric($profile) || !$profile || get_schema_version() < 63) $profile = null;
$sth = $this->pdo->prepare("SELECT
value,ttrss_prefs_types.type_name as type_name
@@ -112,9 +112,11 @@ class Db_Prefs {
if (!$user_id) {
$user_id = $_SESSION["uid"];
@$profile = $_SESSION["profile"];
+ } else {
+ $profile = null;
}
- if (!$profile || get_schema_version() < 63) $profile = null;
+ if (!is_numeric($profile) || !$profile || get_schema_version() < 63) $profile = null;
$type_name = "";
$current_value = "";
diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php
index 41beabb9e..5a787bb0c 100644
--- a/classes/pref/prefs.php
+++ b/classes/pref/prefs.php
@@ -452,12 +452,16 @@ class Pref_Prefs extends Handler_Protected {
print '
';
- if ($_SESSION["profile"]) {
+ $profile = $_SESSION["profile"];
+
+ if (!is_numeric($profile) || !$profile || get_schema_version() < 63) $profile = null;
+
+ if ($profile) {
print_notice(__("Some preferences are only available in default profile."));
}
if ($_SESSION["profile"]) {
- initialize_user_prefs($_SESSION["uid"], $_SESSION["profile"]);
+ initialize_user_prefs($_SESSION["uid"], $profile);
} else {
initialize_user_prefs($_SESSION["uid"]);
}
@@ -473,7 +477,7 @@ class Pref_Prefs extends Handler_Protected {
ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
owner_uid = :uid
ORDER BY ttrss_prefs_sections.order_id,pref_name");
- $sth->execute([":uid" => $_SESSION['uid'], ":profile" => $_SESSION['profile']]);
+ $sth->execute([":uid" => $_SESSION['uid'], ":profile" => $profile]);
$lnum = 0;
@@ -497,8 +501,7 @@ class Pref_Prefs extends Handler_Protected {
if (!$short_desc) continue;
- if ($_SESSION["profile"] && in_array($line["pref_name"],
- $profile_blacklist)) {
+ if ($profile && in_array($line["pref_name"], $profile_blacklist)) {
continue;
}
diff --git a/include/functions.php b/include/functions.php
index dcb2e7518..1ff18c8bb 100755
--- a/include/functions.php
+++ b/include/functions.php
@@ -584,7 +584,7 @@
$sth = $pdo->query("SELECT pref_name,def_value FROM ttrss_prefs");
- $profile = $profile ? $profile : null;
+ if (!is_numeric($profile) || !$profile || get_schema_version() < 63) $profile = null;
$u_sth = $pdo->prepare("SELECT pref_name
FROM ttrss_user_prefs WHERE owner_uid = :uid AND