Unexpected error on invalid validation hash.
21 views
Skip to first unread message
Oscar Buijten
Dec 14, 2015, 3:42:47 PM12/14/15
to uFlex
Hi there,
Currently I am rewrting an app for which I use the latest version of uFlex.
So far so good, but when I simulate a fake validation code I get this: Notice: Undefined property via __get(): Confirmation in /path/to/vendor/ptejada/uflex/src/User.php on line 675 in /path/to/vendor/ptejada/uflex/src/UserBase.php on line 168
The link looks like this: http://my.domain.eu/?a=120135981938N6e3e01677d25a8c83fea479d767
This is the code snippet I use (nearly at the top of index.php)
//Activating a new account
if (isset($_GET['a']))
{
$hash = $_GET['a'];
$activated = $user->activate($hash);
}
Doing something wrong? Would this be a bug?
Any suggestion to better handle this?
Looking forward to any feedback,
Oscar
Pablo Tejada
Dec 15, 2015, 12:24:08 AM12/15/15
to uFlex
Hey Oscar,
Is very likely this has to do with your database. Form which version are you upgrading from?
Either way check sql scripts in https://github.com/ptejada/uFlex/tree/master/db
And make sure the Confirmations column is in your Users table.
--
Project's home page http://ptejada.com/projects/uFlex/
---
You received this message because you are subscribed to the Google Groups "uFlex" group.
To unsubscribe from this group and stop receiving emails from it, send an email to uflex+un...@googlegroups.com.
To post to this group, send email to uf...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/uflex/98974a45-bdd4-4a5c-8ac0-775371844132%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Sincerely,
Pablo Tejada
From Mobile
Oscar Buijten
Dec 15, 2015, 4:53:48 PM12/15/15
to uFlex
Thanks Pablo.
It's a fresh install.
I can register and logon. That's all fine.
Was just verifying what would happen if someone would try to use an invalid hash, e.g. hack attack...
You might be able to simulate it?
Oscar
Pablo Tejada
Dec 15, 2015, 6:42:14 PM12/15/15
to uFlex
Interesting...
I will check the unit test and see if this scenario is covered. Will post my findings and patch in this thread.
Thank you.
To view this discussion on the web visit https://groups.google.com/d/msgid/uflex/f334b4b4-7cef-4ab9-8f18-8261e99df3df%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Pablo Tejada
Dec 15, 2015, 10:10:14 PM12/15/15
to uFlex
Oscar,
The PHP notice has been resolved. Also updated the unit test to cover this scenario.
Thank you,
Ano Nymous
Dec 29, 2015, 5:59:46 PM12/29/15
to uFlex
over $_GET .... a hash?
You thought about urldecode()?
You thought about urldecode()?
Pablo Tejada
Dec 29, 2015, 6:51:58 PM12/29/15
to uFlex
Hi Ano,
Can you please elaborate?
Thank you.
To view this discussion on the web visit https://groups.google.com/d/msgid/uflex/b8e3d0e8-b1c1-486e-bad9-a7fb7aa580d3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages