Undefined index: xxxx in views_handler_filter->accept_exposed_input() line 1273 of views/handlers/views_handler_filter.inc). [#2447227]

Hi,
this is causing very bad issues as when accept_exposed_input crashes, all users or nodes get returned, which is very bad for security, clearing the cache fixes it,
Stephen :)

LOCATION	https://mywebsite.com/group/node/1065/admin/people?uid=&page=1&order=name&sort=desc
LOCATION	https://mywebsite.com/group/node/1065/admin/people
MESSAGE	Notice: Undefined index: state in views_handler_filter->accept_exposed_input() (line 1273 of /www/htdocs/sites/all/modules/contrib/views/handlers/views_handler_filter.inc).


for a group calendar or a members faces page:

Undefined index: gid in views_handler_filter->accept_exposed_input() (line 1273 of /www/htdocs/sites/all/modules/contrib/views/handlers/views_handler_filter.inc).

Comments

Comment #1

StephenRobinson CreditAttribution: StephenRobinson commented 6 March 2015 at 12:35

I have blocked such requests:

      ////////// Patched By Stephen //////////
      // $value = $input[$this->options['expose']['identifier']]; removed
      $value = '';
      if(isset($input[$this->options['expose']['identifier']])){
        $value = $input[$this->options['expose']['identifier']];
      }
      else{
        watchdog('accept_exposed_input-error', 'this<pre>'.htmlspecialchars(print_r($this,1)).'</pre>');
        watchdog('accept_exposed_input-error', 'input<pre>'.htmlspecialchars(print_r($input,1)).'</pre>');
        drupal_set_message('Sorry there is a cache crash so couldn\'t show you this page, ask the administrator to clear the cache');
        drupal_access_denied();
      }
     ////////// Patched By Stephen ///////////////

Comment #2

StephenRobinson CreditAttribution: StephenRobinson commented 29 April 2015 at 11:13

had another cache crash, this didnt help, added a custom calendar-item.tpl.php with some extra code, e.g.:


  if(strpos($_SERVER['REQUEST_URI'], '/groups/calendar?group=')===0){
    if(!isset($item->entity->og_group_ref['und'][0]['target_id'])){
      $rendered_fields=array(' ');
    }
    elseif($item->entity->og_group_ref['und'][0]['target_id']!=(int)str_replace('/groups/calendar?group=', '', $_SERVER['REQUEST_URI'])){
      $rendered_fields=array(' ');
    }
  }