Dear Phil.

> Firstly, if it is a security issue this is not the right place to  
> report it. You should be using the existing method:  
> http://drupal.org/security-team#report-issue

Website down.

> Can you be more exact than "The number of rows seems too large"?
> Either it's right or wrong. If it's wrong, what is the right number?
> And if it's wrong, is the SQL statement wrong, the processing that
> comes next or somewhere else?

I see no need to run an SQL query resulting in 21.000 rows which are
then processed using PHP row-by-row for the sole interest of displaying
in a block with last and next link.

The query takes time to process. An attacker only needs to connect to
several different forum pages at the same time. It can overflood the
database, not PHP.

As I am new on the list, I will stop here. It is not my business to fix
this kind of query (if it is wrong). If I were right, you would probably
have already fixed it.

Kind regards,
Jean-Michel
