Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.6.4

Bug #3099 Bad is_null() check in getAuthData($name = null)
Submitted: 2005-01-04 21:20 UTC
From: herojoker at nexgo dot de Assigned: yavo
Status: Closed Package: Auth
PHP Version: Irrelevant OS: Irrelevant
Roadmaps: (Not assigned)    
Subscription  


 [2005-01-04 21:20 UTC] herojoker at nexgo dot de
Description: ------------ In Auth.php on line 576 in getAuthData($name = null) is a check whether the passed parameter is not null. If it is not, the session value with the passed parameter is returned, but there is no assurance for the existence of the "returned" value. Reproduce code: --------------- The error causing method: function getAuthData($name = null) { if (!isset($this->session['data'])) { return null; } if (!is_null($name)) { return $this->session['data'][$name]; } return $this->session['data']; } The bad check is if (!is_null($name)) {...} You should add or change something like this: if (isset($this->session['data'][$name])) { return $this->session['data'][$name]; } Expected result: ---------------- There should be no PHP error when asking for non existent session values. Actual result: -------------- If you ask for a non existent value there will be even an error thrown "Undefined index:...".

Comments

 [2005-01-04 21:22 UTC] herojoker at nexgo dot de
I hope you will fix it soon, Thx, Hero Wanders
 [2005-01-04 22:31 UTC] herojoker at nexgo dot de
You should better use the following code. It meets the description of the method and returns what the user expects. function getAuthData($name = null) { if (!isset($this->session['data'])) { return null; } if (is_null($name)) { return $this->session['data']; } if (isset($this->session['data'][$name])) { return $this->session['data'][$name]; } else { return null; } }
 [2005-02-16 08:32 UTC] yavo
This bug has been fixed in CVS. In case this was a documentation problem, the fix will show up at the end of next Sunday (CET) on pear.php.net. In case this was a pear.php.net website problem, the change will show up on the website in short time. Thank you for the report, and for helping us make PEAR better.