diff options
| author | Andrew Dolgov <[email protected]> | 2021-02-25 18:21:48 +0300 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2021-02-25 18:21:48 +0300 |
| commit | 8915bd1b2109eb561e38752b6574b6ba5c266600 (patch) | |
| tree | b11b788af4f68eef01c27de89968e399e6457c36 /classes | |
| parent | 34c74400a471b31fea22ea85636f47c76d783710 (diff) | |
fix crash caused by non-numeric non-null _SESSION[uid] passed to sql logger
Diffstat (limited to 'classes')
| -rwxr-xr-x | classes/logger.php | 2 | ||||
| -rwxr-xr-x | classes/logger/sql.php | 6 | ||||
| -rw-r--r-- | classes/userhelper.php | 3 |
3 files changed, 8 insertions, 3 deletions
diff --git a/classes/logger.php b/classes/logger.php index ef77c7a05..864b66743 100755 --- a/classes/logger.php +++ b/classes/logger.php @@ -38,7 +38,7 @@ class Logger { return self::get_instance()->_log($errno, $errstr, $context); } - private function _log($errno, $errstr, $context = "") { + private function _log(int $errno, string $errstr, $context = "") { if ($this->adapter) return $this->adapter->log_error($errno, $errstr, '', 0, $context); else diff --git a/classes/logger/sql.php b/classes/logger/sql.php index f88621fbe..d21934aa6 100755 --- a/classes/logger/sql.php +++ b/classes/logger/sql.php @@ -32,10 +32,14 @@ class Logger_SQL implements Logger_Adapter { $errstr = UConverter::transcode($errstr, 'UTF-8', 'UTF-8'); $context = UConverter::transcode($context, 'UTF-8', 'UTF-8'); + // can't use $_SESSION["uid"] ?? null because what if its, for example, false? or zero? + // this would cause a PDOException on insert below + $owner_uid = !empty($_SESSION["uid"]) ? $_SESSION["uid"] : null; + $sth = $this->pdo->prepare("INSERT INTO ttrss_error_log (errno, errstr, filename, lineno, context, owner_uid, created_at) VALUES (?, ?, ?, ?, ?, ?, NOW())"); - $sth->execute([$errno, $errstr, $file, $line, $context, $_SESSION["uid"] ?? null]); + $sth->execute([$errno, $errstr, $file, (int)$line, $context, $owner_uid]); return $sth->rowCount(); } diff --git a/classes/userhelper.php b/classes/userhelper.php index 4edcaf368..998dec507 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -97,7 +97,8 @@ class UserHelper { startup_gettext(); self::load_user_plugins($_SESSION["uid"]); } else { - if (!\Sessions\validate_session()) $_SESSION["uid"] = false; + if (!\Sessions\validate_session()) + $_SESSION["uid"] = null; if (empty($_SESSION["uid"])) { |