Dev: checkPassword on null

LimeSurvey · Nov 3, 2017 · 66ff11e · 66ff11e
1 parent 8cc8557
commit 66ff11e
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/application/core/plugins/Authdb/Authdb.php b/application/core/plugins/Authdb/Authdb.php
@@ -132,13 +132,15 @@ public function newUserSession()
               $this->setUsername($user->users_name);
           }
         }
-
         if ($user !== null && $user->uid != 1 && !Permission::model()->hasGlobalPermission('auth_db','read',$user->uid))
         {
             $this->setAuthFailure(self::ERROR_AUTH_METHOD_INVALID, gT('Internal database authentication method is not allowed for this user'));
             return;
         }
-
+        if ($user === null) {
+            $this->setAuthFailure(self::ERROR_USERNAME_INVALID);
+            return;
+        }
         if ($user !== null && ($username!=$user->users_name && $username!=$user->email)) // Control of equality for uppercase/lowercase with mysql
         {
             $this->setAuthFailure(self::ERROR_USERNAME_INVALID);