Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.6.4

Bug #10785 STRICT error
Submitted: 2007-04-20 08:33 UTC
From: allixsenos Assigned: aashley
Status: Closed Package: Auth (version 1.5.1)
PHP Version: 5.2.1 OS: Windows Vista
Roadmaps: 1.5.2    
Subscription  


 [2007-04-20 08:33 UTC] allixsenos (Luka Kladaric)
Description: ------------ with Strict errors on, on first access to an Auth-enabled site I get Notice: Undefined index: username in C:\wamp\php\PEAR\Auth.php on line 1021

Comments

 [2007-04-20 09:49 UTC] berdir (Sascha Grossenbacher)
Line 1021 is inside the logout function. It seems that you call logout() before someone is logged in. The error is easily fixable but perhabs you should remove that logout() call. Imho the best fix would be to only call the logout callback if there was someone logged in before.
 [2007-04-20 09:58 UTC] allixsenos (Luka Kladaric)
ok I added an additional check to my code so the logout is not called if $_SESSION['username'] is not set, but I do think that Auth::logout() should not be throwing errors, whatever the scenario of it's call may be
 [2007-04-20 21:15 UTC] berdir (Sascha Grossenbacher)
this is true, I already added a patch with the bugfix, there should be gone with that.. The fix simply calls the logout callback only if actually someone gets logged out. But I can't add the patch to cvs/new version, this must be done from some who has the right karma(=permissions). But I am sure, it will.. PS: It's better to check $auth->checkAuth(), not directly $_SESSION
 [2007-06-12 02:59 UTC] aashley (Adam Ashley)
This bug has been fixed in CVS. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better. I used a similar fix to Sascha's but calling checkAuth() at that point can cause an infinite loop if checkAuth() feels the session should be ended (timeout, security violation, etc).