From 65ac2721791a040ea0da6833c11022fb2c06533c Mon Sep 17 00:00:00 2001
From: Daniel Dadap
Date: Fri, 6 Jul 2018 03:51:04 -0500
Subject: [PATCH] Include pwg_token in user list POST request (Fixes #748) (#866)

* user list: set pwg_token in POST data to user_list_backend.php

The POST data for the user data table request was empty, which could cause user data retrieval to error out with HTTP 403 due to missing the authentication token.

* user_list_backend: fix uninitialized variables

If iSortCol_0, sEcho, or sSearch are unset in the HTTP request, it could cause variables to be uninitialized, potentially causing error messages to be included in the HTTP response. These error messages, if present, can prevent the JSON response from being parsed.

* user list: delete unnecessary quotes

Javascript object key names don't generally need to be quoted. Remove some quotes that were introduced by a recent change that added a body to the AJAX POST request to retrieve the user list.
---
 admin/themes/default/template/user_list.tpl | 8 +++++++-
 admin/user_list_backend.php | 10 ++++++----
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/admin/themes/default/template/user_list.tpl b/admin/themes/default/template/user_list.tpl
index 79abbe985..4b255dc01 100644
--- a/admin/themes/default/template/user_list.tpl
+++ b/admin/themes/default/template/user_list.tpl
@@ -615,7 +615,13 @@ jQuery(document).on('click', '.close-user-details', function(e) {
 processing: true,
 serverSide: true,
 serverMethod: "POST",
- ajaxSource: "admin/user_list_backend.php",
+ ajax: {
+ url : "admin/user_list_backend.php",
+ type : "POST",
+ data : {
+ pwg_token : pwg_token
+ }
+ },
 pagingType: "simple",
 language: {
 processing: "{/literal}{'Loading...'|translate|escape:'javascript'}{literal}",
diff --git a/admin/user_list_backend.php b/admin/user_list_backend.php
index 50673fae0..87509a4bc 100644
--- a/admin/user_list_backend.php
+++ b/admin/user_list_backend.php
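Review bot: Replacing `ajaxSource` with the `ajax` object probably changes the request parameter names the table sends, which the backend does not expect: in DataTables 1.10+ the legacy names (`sEcho`, `iDisplayStart`, `iDisplayLength`, `sSearch`, `iSortCol_0`) are sent only when `sAjaxSource` is set or `$.fn.dataTable.ext.legacy.ajax` is true, otherwise the new names (`draw`, `start`, `length`, `search[value]`, `order[0][column]`) go out. Since user_list_backend.php in this same commit still reads `$_REQUEST['iDisplayStart']`, `sSearch` and `sEcho`, that would mean paging, searching and sorting silently stop being applied server-side, and the "uninitialized variables" fixed in the backend hunks would be the symptom of it; confirm by inspecting the POST body in the browser, and if so add `$.fn.dataTable.ext.legacy.ajax = true;` before the initialisation (or port the backend to the new names) instead of only silencing the notices. With `type : "POST"` now inside `ajax`, the `serverMethod: "POST"` context line two lines above is redundant and can go. Posting `pwg_token` in the body rather than the query string is the right choice for a CSRF token, since it keeps it out of access logs and Referer headers. The DataTable options object this hunk edits begins and ends outside the hunk.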
@@ -70,7 +70,8 @@ if ( isset( $_REQUEST['iDisplayStart'] ) && $_REQUEST['iDisplayLength'] != '-1'
 $sLimit = "LIMIT ".$_REQUEST['iDisplayStart'].", ".$_REQUEST['iDisplayLength'];
 }
-
+$sOrder = "";
+
 /*
 * Ordering
 */
@@ -104,7 +105,7 @@ if ( isset( $_REQUEST['iSortCol_0'] ) )
 * on very large tables, and MySQL's regex functionality is very limited
 */
 $sWhere = "";
-if ( $_REQUEST['sSearch'] != "" )
+if ( isSet( $_REQUEST['sSearch']) && $_REQUEST['sSearch'] != "" )
 {
 $sWhere = "WHERE (";
 for ( $i=0 ; $i intval($_REQUEST['sEcho']),
+ "sEcho" => $sEcho,
 "iTotalRecords" => $iTotal,
 "iTotalDisplayRecords" => $iFilteredTotal,
 "aaData" => array()
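Review bot: The `$sLimit` context line at the top of this hunk concatenates `$_REQUEST['iDisplayStart']` and `$_REQUEST['iDisplayLength']` straight into the SQL `LIMIT` clause, and the only new code here, `$sOrder = "";`, hardens the same request-parsing region without touching it. Unless those two values are cast or validated earlier in the file (not visible in this view), this is string-built SQL from request data reachable by any caller who gets past the token check — presumably an admin session, so its main value is defence in depth, but `$sLimit = "LIMIT ".intval($_REQUEST['iDisplayStart']).", ".intval($_REQUEST['iDisplayLength']);` closes it at no cost. Note that the `!= '-1'` guard in the hunk header compares `iDisplayLength` as a string, so values such as `-01` or `-1 ` are not treated as "no limit" and flow into the query as well; `intval()` normalises those too. Initialising `$sOrder` is fine, but a short comment such as `// Default: no ORDER BY; set below when iSortCol_0 is present` would tell the reader why the empty string is needed.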
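Review bot: The new condition spells the function as `isSet(` while the hunk header of the same file uses `isset(`; PHP resolves both, but the mixed casing reads like a typo, so prefer `if ( isset( $_REQUEST['sSearch'] ) && $_REQUEST['sSearch'] !== "" )`, where `!==` also makes the emptiness test a strict string comparison rather than PHP's loose one. The guarded `if` block, which starts assembling `$sWhere` by string concatenation, continues past the end of the hunk, so whether the `sSearch` value is escaped before it reaches the query cannot be judged here and is worth confirming. A third hunk of this file is cut off in this view and was not reviewed.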