public static function getInfo($params = array())
{
$results = array();
$url = 'http://google.com';
$props = array
(
'key' => Yii::app()->params['param1'],
's' => Yii::app()->params['param2']
);
if (!empty($params))
{
$props = array_merge($props, $params);
$url = $url . http_build_query($props, '', '/');
It may be possible that params has unsafe data in it. The previous dev did
not validate the data passed in via get.
The code populating params looks like:
$params = array
(
'd' => $_GET['d'],
);
$job = Job::getInfo($params);
On Mon, Oct 7, 2013 at 9:29 AM, Stuart Dallas <[email protected]> wrote:
> On 7 Oct 2013, at 14:24, Michael Alaimo <[email protected]> wrote:
>
> > We have a server that gets a large number of requests each month.
> >
> > After a period of time I began to see this error in our error logs this
> > weekend.
> >
> > PHP Fatal error: Call to undefined function ()
> >
> > It does not reference a function, so I found it odd. It did give a line
> to
> > a function with array_merge on it.
> >
> > Has anyone seen this in the apache error logs? We are using PHP 5.3.3.
>
> Show us the line, and a few lines around it.
>
> -Stuart
>
> --
> Stuart Dallas
> 3ft9 Ltd
> http://3ft9.com/
>
