Trivial When a user has no existing session and tries to log in, a notice is raised:
PHP Notice: Undefined index: session_page in phpbb/session.php on line 1649
{{ #0 includes/functions.php(4285): phpbb\session->update_session_infos() }}
{{ #1 includes/functions.php(2574): page_header('Login')}}
{{ #2 phpbb/session.php(1292): login_box('index.php')}}
{{ #3 phpbb/session.php(1353): phpbb\session->check_ban(1, Array)}}
{{ #4 phpbb/session.php(690): phpbb\session->check_ban_for_current_session(Object(phpbb\config\db)) }}
{{ #5 phpbb/session.php(505): phpbb\session->session_create()}}
{{ #6 ucp.php(40): phpbb\session->session_begin()}}
{{ #7 {main}}}
Adding an isset guard on the variable avoids raising a notice:
}}{{--- a/phpbb/session.php
+++ b/phpbb/session.php
@@ -1646,7 +1646,7 @@ class session
{{ }}}
{{ // Do not update the session page for ajax requests, so the view online still works as intended}}
- $page_changed = $this->update_session_page && $this->data['session_page'] != $this->page['page'] && !$request->is_ajax();
+ $page_changed = $this->update_session_page && (!isset($this->data['session_page']) || $this->data['session_page'] != $this->page['page']) && !$request->is_ajax();
{{ // Only update session DB a minute or so after last update or if page changes}}
{{ if ($this->time_now - (isset($this->data['session_time']) ? $this->data['session_time'] : 0) > 60 || $page_changed)}}
The backtrace is from 3.2.9, the problem also exists in 3.3.0.
- depends on
-
PHPBB-16706 Undefined array key when user is banned
-
- Closed
-
- was obsoleted by solution of
-
-
- Closed
-