Project

General

Profile

Actions

Bug #104348

closed

Harden "fetchPossibleUsers" of the class "AbstractUserAuthentication"

Added by Eric Chavaillaz 4 months ago. Updated 4 months ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Authentication
Target version:
Start date:
2024-07-10
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
12
PHP Version:
8.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

In the method "fetchPossibleUsers" of the class "AbstractUserAuthentication", the method "getUser" is called. This method return either an array or false.

In case of return of an empty array, the following condition is met (if (is_array($row))) and a PHP warning is thrown.

The condition must be hardened and check the the variable $row is an array and not an empty one.

Another possibility is to throw an exception if return is an array, but "uid" and "username" column are not in there.

Actions

Also available in: Atom PDF