mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-25 16:22:43 +01:00
Fix PHP 8.1 "strlen(null)" exceptions which block adding 2FA factor
Summary: `strlen()` was used in Phabricator to check if a generic value is a non-empty string. This behavior is deprecated since PHP 8.1. Phorge adopts `phutil_nonempty_string()` as a replacement. Note: this may highlight other absurd input values that might be worth correcting instead of just ignoring. If phutil_nonempty_string() throws an exception in your instance, report it to Phorge to evaluate and fix that specific corner case. Closes T15388 Test Plan: Applied these two changes; afterwards managed to add a 2FA factor and `/settings/user/username/page/multifactor/?id=1` correctly listed mys Authentication Factors. Additional tests: - Unset any eventual personal MFA - Setup a personal MFA - Login/Logout using the MFA - Remove a personal MFA - Setup a personal enroll message from /auth/mfa/1/ - Setup a personal MFA - Login/Logout using the MFA - (then cleanup removing your test MFA) Reviewers: O1 Blessed Committers, valerio.bozzolan Reviewed By: O1 Blessed Committers, valerio.bozzolan Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno Maniphest Tasks: T15388 Differential Revision: https://we.phorge.it/D25219
This commit is contained in:
parent
10fae71a04
commit
d95200da91
2 changed files with 3 additions and 3 deletions
|
@ -413,8 +413,8 @@ abstract class PhabricatorAuthFactor extends Phobject {
|
|||
$sync_type = PhabricatorAuthMFASyncTemporaryTokenType::TOKENTYPE;
|
||||
$sync_token = null;
|
||||
|
||||
$sync_key = $request->getStr($this->getMFASyncTokenFormKey());
|
||||
if (strlen($sync_key)) {
|
||||
$sync_key = $request->getStr($this->getMFASyncTokenFormKey(), '');
|
||||
if ($sync_key !== '') {
|
||||
$sync_key_digest = PhabricatorHash::digestWithNamedKey(
|
||||
$sync_key,
|
||||
PhabricatorAuthMFASyncTemporaryTokenType::DIGEST_KEY);
|
||||
|
|
|
@ -257,7 +257,7 @@ final class PhabricatorMultiFactorSettingsPanel
|
|||
// example, with SMS).
|
||||
if (!$request->isFormPost() || !$request->getBool('mfa.start')) {
|
||||
$enroll = $selected_provider->getEnrollMessage();
|
||||
if (!strlen($enroll)) {
|
||||
if (!phutil_nonempty_string($enroll)) {
|
||||
$enroll = $selected_provider->getEnrollDescription($viewer);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue