Some say its justice, some call it irony, whatever the case may be, a bug in the world’s largest social network caused some privacy concerns among Facebook users.

A technical bug in the Facebook inappropriate photo reporting tool, caused private photos of users to be visible to non friends. The bug allowed you to click on a profile picture of any user to report it and then brought up a screen displaying other private non public shared photos the user could browse through to report as well.

The bug meant that users could access other users’ private photos even though they were set to private. CEO and founder of Facebook, Mark Zuckerberg, was used to demonstrate the exploit and caused many of his private photographs leaked to the internet. These photos included photos of him and his long time girlfriend, his dog, him and Barack Obama and even photos of him holding up a just slaughtered chicken.

Facebook has since responded with the following statement:

“Earlier today, we discovered a bug in one of our reporting flows that allows people to report multiple instances of inappropriate content simultaneously. The bug allowed anyone to view a limited number of another user’s most recently uploaded photos irrespective of the privacy settings for these photos. This was the result of one of our recent code pushes and was live for a limited period of time.

“Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed.”

With my latest project TweSMS I decided to go the json route with the twitter API. Now if you have worked with the twitter API before you would know that twitter has some serious big id values thus it was important to store these values in big int fields in the database.

I first discovered the bug when I had to get mention ids from twitter and saw that every time I get the same id returned, the id returned was 2147483647 the maximum value a 32 bit integer can store. After some investigation I found that the php5 json_decode function converted big int values to a normal 32bit integer. With the help of some regex I soon came up with a fix for this, the fix is to convert the integer to a string.

function jsonIntToStr($json){
$pattern = “/\”id\”:([0-9]+),/”;
$replace = “\”id\”:\”$1\”,”;
$new_json = preg_replace($pattern, $replace, $json);
return $new_json;
}

To use this replace id with the json fields you are trying to convert to string and call it like this json_decode(jsonIntToStr($jsonstring))