Blog Documentation Book a Demo
Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Search for users returns non-matching results

ScorpionScorpion
edited September 2007 in Vanilla 1.0 Help
Just playing with the search function I noticed that searching for users containing the string 'llo' returned users such as 'wade1' as well as 'fellows' for example. Whatever short string I use returns some matching and some non-matching users. (I checked and the short strings weren't part of the users real name.) I was signed in (admin) at the time, but later I found that the same searches behave correctly (eg. only selects matching users) when I run them while signed out. This is consistently repeatable. Anyone know why it's happening ?

Comments

  • WallPhoneWallPhone
    Interesting. It appears administrators get a more powerful search, due to more user information being available to them:
    where ((u.Name like '%llo%' or u.FirstName like '%llo%' or u.LastName like '%llo%' or u.Email like '%llo%' ) )
    The extra fields are added in People.Class.UserManager.php: if ($this->Context->Session->User->Permission('PERMISSION_EDIT_USERS') || $this->Context->Session->User->Permission('PERMISSION_APPROVE_APPLICANTS') || $this->Context->Session->User->Permission('PERMISSION_CHANGE_USER_ROLE')) { $s->SearchFields[] = 'u.FirstName'; $s->SearchFields[] = 'u.LastName'; $s->SearchFields[] = 'u.Email'; }
  • ScorpionScorpion
    Thanks for that. I didn't see the substrings in the email addresses because they're all set to display as 'n/a' unless you go to edit the personal info.
This discussion has been closed.