Authenticate Problem on php 8 #353
Comments
|
A pull request for this one: |
|
By doing if (isset($_REQUEST['state']) && ($_REQUEST['state'] !== $this->getState())) {Don't you bypass the state check if the state is not set? I assume you want something like if (!isset($_REQUEST['state']) || ($_REQUEST['state'] !== $this->getState())) {As you are then throwing the exception if the state is not set, instead of bypassing it. |
|
Hi @LauJosefsen, you are correct. I changed my code. |
azmeuk
added a commit
that referenced
this issue
Mar 16, 2023
Add an extra check on $_REQUEST['state'] (issue #353)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If you use this library on a php 8 project with php warnings enabled you experience this problem.
In OpenIDConnectClient class, in authenticate method there will be a warning in line 341 $_REQUEST['state'] that the state in not defined.
And after this error you get this error Warning: Cannot modify header information - headers already sent by... and then it fails.
I will provide a pull request, with an extra check if $_REQUEST['state'] exists.
The text was updated successfully, but these errors were encountered: