revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-21 22:32:41 +01:00
Code Issues Releases Wiki Activity

Fix PHP 8.1 "strlen(null)" exception on LDAP login without password

Browse source 
Summary:
`strlen()` was used in Phabricator to check if a generic value is a non-empty string.
This behavior is deprecated since PHP 8.1. Phorge adopts `phutil_nonempty_string()` as a replacement.

Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_nonempty_string() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.

Note: This patch also corrects two further `strlen()` occurrences with the same pattern.

```
ERROR 8192: strlen(): Passing null to parameter #1 ($string) of type string is deprecated at [/var/www/html/phorge/phorge/src/applications/auth/provider/PhabricatorLDAPAuthProvider.php:145]
```

Closes T15893

Test Plan: Create an LDAP user without setting their password; try to log into Phabricator with that user via the LDAP auth provider.

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15893

Differential Revision: https://we.phorge.it/D25748
This commit is contained in:
Andre Klapper 2024-07-26 16:45:05 +02:00
parent 903015312a
commit 7909f6a919
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/applications/auth/provider/PhabricatorLDAPAuthProvider.php
View file

@ -142,10 +142,10 @@ final class PhabricatorLDAPAuthProvider extends PhabricatorAuthProvider {
$username = $request->getStr('ldap_username');
$password = $request->getStr('ldap_password');
$has_password = strlen($password);
$has_password = phutil_nonempty_string($password);
$password = new PhutilOpaqueEnvelope($password);
if (!strlen($username) || !$has_password) {
if (!phutil_nonempty_string($username) || !$has_password) {
$response = $controller->buildProviderPageResponse(
$this,
$this->renderLoginForm($request, 'login'));
@ -154,7 +154,7 @@ final class PhabricatorLDAPAuthProvider extends PhabricatorAuthProvider {
if ($request->isFormPost()) {
try {
if (strlen($username) && $has_password) {
if (phutil_nonempty_string($username) && $has_password) {
$adapter = $this->getAdapter();
$adapter->setLoginUsername($username);
$adapter->setLoginPassword($password);