From 8915bd1b2109eb561e38752b6574b6ba5c266600 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Thu, 25 Feb 2021 18:21:48 +0300
Subject: fix crash caused by non-numeric non-null _SESSION[uid] passed to sql
 logger

---
 classes/logger/sql.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'classes/logger')

diff --git a/classes/logger/sql.php b/classes/logger/sql.php
index f88621fbe..d21934aa6 100755
--- a/classes/logger/sql.php
+++ b/classes/logger/sql.php
@@ -32,10 +32,14 @@ class Logger_SQL implements Logger_Adapter {
 			$errstr = UConverter::transcode($errstr, 'UTF-8', 'UTF-8');
 			$context = UConverter::transcode($context, 'UTF-8', 'UTF-8');
 
+			// can't use $_SESSION["uid"] ?? null because what if its, for example, false? or zero?
+			// this would cause a PDOException on insert below
+			$owner_uid = !empty($_SESSION["uid"]) ? $_SESSION["uid"] : null;
+
 			$sth = $this->pdo->prepare("INSERT INTO ttrss_error_log
 				(errno, errstr, filename, lineno, context, owner_uid, created_at) VALUES
 				(?, ?, ?, ?, ?, ?, NOW())");
-			$sth->execute([$errno, $errstr, $file, $line, $context, $_SESSION["uid"] ?? null]);
+			$sth->execute([$errno, $errstr, $file, (int)$line, $context, $owner_uid]);
 
 			return $sth->rowCount();
 		}
-- 
cgit v1.2.3