Remove redundant check on user id in validate()

mantisbt · May 2, 2020 · 23c7247 · 23c7247
1 parent 0753c34
commit 23c7247
Showing 1 changed file with 4 additions and 7 deletions.
diff --git a/core/commands/UserResetPasswordCommand.php b/core/commands/UserResetPasswordCommand.php
@@ -59,7 +59,10 @@ function __construct( array $p_data ) {
 	 */
 	function validate() {
 		$this->user_id_reset = (int)$this->query( 'id', null );
-		if( $this->user_id_reset <= 0 || !user_exists( $this->user_id_reset ) ) {
+
+		# Make sure the account exists
+		$t_user = user_get_row( $this->user_id_reset );
+		if( $t_user === false ) {
 			throw new ClientException( 'Invalid user id', ERROR_INVALID_FIELD_VALUE, array( 'id' ) );
 		}
 
@@ -80,12 +83,6 @@ function validate() {
 			);
 		}
 
-		# @TODO this seems redundant with the check at beginning of function
-		$t_user = user_get_row( $this->user_id_reset );
-		if( $t_user === false ) { // cannot be
-			throw new ClientException( 'Invalid user id', ERROR_INVALID_FIELD_VALUE, array( 'id' ) );
-		}
-
 		# Ensure that the account to be reset is of equal or lower access than
 		# the current user.
 		if( !access_has_global_level( $t_user['access_level'] ) ) {