Description of problem: At com.arsdigita.ui.admin.UserForm.java:258: query.addFilter("userID != " + userID); addFilter is called by appending a string from a request parameter. This fails for negative numbers, because the negative sign is interpreted as part of the '!=' operator (i.e. as '!=-'). userID should be passed to the filter using a bind variable: Filter filter = query.addFilter("userID != :userID"); filter.set("userID", userID); Version-Release number of selected component (if applicable): 5.3.0.AUTO.02.18.2003 How reproducible: Reproducible Steps to Reproduce: 1. Login as the administrator user 2. Navigate to the admin UI (<site_root>/admin/) 3. Browse Users 4. Select a User with a negative User ID 5. Click Edit User 6. Modify an attribute, and click Save The error occurs. Actual results: A PersistenceException is thrown. Expected results: The user information should be modified.
You get +2 karma for the catch. [16:15] <richardl_home> ccmbot: rank ostewart [16:15] <ccmbot> ostewart has 2 points of karma (rank 243).
Fixed @27513. Should show up in the nightlies.