first check if user is an object before using it

2025-02-11 09:35:00 +00:00 · 2015-07-14 21:35:53 +02:00 · 2015-07-14 21:35:53 +02:00 · 889779113d
commit 889779113d
parent 9604076555
1 changed files with 6 additions and 5 deletions
--- a/inc/inc.Authentication.php
+++ b/inc/inc.Authentication.php
@ -69,6 +69,11 @@ if (!isset($_COOKIE["mydms_session"])) {
 	/* Load user data */

 	$user = $dms->getUser($resArr["userID"]);
+	if (!is_object($user)) {
+		setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie
+		header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
+		exit;
+	}

 	/* Check if user was substituted */
 	if($resArr["su"] && $su = $dms->getUser($resArr["su"])) {
@ -79,11 +84,7 @@ if (!isset($_COOKIE["mydms_session"])) {
 			$session->resetSu();
 		}
 	}
-	if (!is_object($user)) {
-		setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie
-		header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
-		exit;
-	}
+
 	$theme = $resArr["theme"];
 	$lang = $resArr["language"];
 }