From 35826189ec0a97d82a414675023606e6fdef5389 Mon Sep 17 00:00:00 2001 From: Tim Moritz Date: Thu, 14 Apr 2022 16:40:15 +0200 Subject: [PATCH 1/2] check if the user of the session is in the database --- bl-kernel/login.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bl-kernel/login.class.php b/bl-kernel/login.class.php index 7d9352ad..463a9602 100644 --- a/bl-kernel/login.class.php +++ b/bl-kernel/login.class.php @@ -48,10 +48,10 @@ class Login { { if (Session::get('fingerPrint')===$this->fingerPrint()) { $username = Session::get('username'); - if (!empty($username)) { + if (!empty($username) && $this->users->getUserDB($username) !== false) { return true; } else { - Log::set(__METHOD__.LOG_SEP.'Session username empty, destroying the session.'); + Log::set(__METHOD__.LOG_SEP.'Session username empty or user not found, destroying the session.'); Session::destroy(); return false; } From 4a72c5968e4b069b99ae9257997531404cffed69 Mon Sep 17 00:00:00 2001 From: Tim Moritz Date: Mon, 9 May 2022 08:42:24 +0200 Subject: [PATCH 2/2] check if the user of the session is in the database - change method --- bl-kernel/login.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bl-kernel/login.class.php b/bl-kernel/login.class.php index 463a9602..bb86952d 100644 --- a/bl-kernel/login.class.php +++ b/bl-kernel/login.class.php @@ -48,7 +48,7 @@ class Login { { if (Session::get('fingerPrint')===$this->fingerPrint()) { $username = Session::get('username'); - if (!empty($username) && $this->users->getUserDB($username) !== false) { + if (!empty($username) && $this->users->exists($username)) { return true; } else { Log::set(__METHOD__.LOG_SEP.'Session username empty or user not found, destroying the session.');