News:

SMF 2.1.4 has been released! Take it for a spin! Read more.

Main Menu

[930] Undefined index: id_member in /Sources/Security.php

Started by FfdG, July 30, 2012, 11:23:53 AM

Previous topic - Next topic

FfdG

Bug is closed, but I am able to reproduce the error. With my setup (SMF 2.0.2) this only happens with uzbl browser (2011.11.28. webkit-gtk 1.8.1-r201) and the difference is in the capitalization of the array keys:

FF/Opera:

    [ban] => Array
        (
            [last_checked] => 1343659382
            [id_member] => 0
            [ip] => ...
            [ip2] => ...
            [email] =>
        )


vs. uzbl:

    [ban] => Array
        (
            [last_checked] => 1343651233
            [ID_MEMBER] => 0
            [ip] => ...
            [ip2] => ...
            [email] =>
        )

emanuele

Hello FfdG,

thanks for the report!

Could you please explain how and where did you obtain that two arrays? (where did you put the code in particular)
Could you please check in you Security.php at line 236 what you have?
Could you also please report exactly the error message? (line 202 in the current Security.php doesn't have anything to do with id_member)


Take a peek at what I'm doing! ;D




Hai bisogno di supporto in Italiano?

Aiutateci ad aiutarvi: spiegate bene il vostro problema: no, "non funziona" non è una spiegazione!!
1) Cosa fai,
2) cosa ti aspetti,
3) cosa ottieni.

FfdG

Hi,
Quote from: emanuele on July 30, 2012, 11:38:58 AM
Could you please explain how and where did you obtain that two arrays? (where did you put the code in particular)
Could you please check in you Security.php at line 236 what you have?
Could you also please report exactly the error message? (line 202 in the current Security.php doesn't have anything to do with id_member)

I added print_r statements() for $_SESSION, $modSettings and $user_info in front of

// Only check the ban every so often. (to reduce load.)
if ($forceCheck || !isset($_SESSION['ban']) || empty($modSettings['banLastUpdated']) || ($_SESSION['ban']['last_checked'] < $modSettings['banLastUpdated']) || $_SESSION['ban']['id_member'] != $user_info['id'] || $_SESSION['ban']['ip'] != $user_info['ip'] || $_SESSION['ban']['ip2'] != $user_info['ip2'] || (isset($user_info['email'], $_SESSION['ban']['email']) && $_SESSION['ban']['email'] != $user_info['email']))
{
// Innocent until proven guilty.  (but we know you are! :P)
$_SESSION['ban'] = array(
'last_checked' => time(),
'id_member' => $user_info['id'],
'ip' => $user_info['ip'],
'ip2' => $user_info['ip2'],
'email' => $user_info['email'],
);

in is_not_banned(). Error message is:
8: Undefined index: id_member
File: /path/Sources/Security.php
Line: 231

Line 231 is the if statement.

Oldiesmann

I can't figure out how the browser you use would have any effect on the session variable.

The only place where ID_MEMBER appears in 2.0 is in Subs-Members.php (the "$current_ID_MEMBER" variable).

The only thing I can suggest would be to add this code before that if statement:

if (!empty($_SESSION['ban']['ID_MEMBER']))
{
    $_SESSION['ban']['id_member'] = $_SESSION['ban']['ID_MEMBER'];
}
Michael Eshom
Christian Metal Fans

FfdG

I think I found the cause. I recently upgraded from 1.1.16 to 2.0.2 and uzbl somehow got the old sessions (I restarted the browsers different times)?! Compare 1.1.x:
$_SESSION['ban']['ID_MEMBER'] != $ID_MEMBER
and 2.0.x:
$_SESSION['ban']['id_member'] != $user_info['id']
Now everything works fine.

emanuele

Ahh...okay, that does make sense! (And probably it explain why it was not possible to repeat I guess)

Anyway that part of the bans is not exactly the best I think, probably we should do some checks...

Thanks for digging into the issue FfdG! :)


Take a peek at what I'm doing! ;D




Hai bisogno di supporto in Italiano?

Aiutateci ad aiutarvi: spiegate bene il vostro problema: no, "non funziona" non è una spiegazione!!
1) Cosa fai,
2) cosa ti aspetti,
3) cosa ottieni.

Arantor

Since this only occurs on upgrades from 1.1.x to 2.0, and only occurs until the session disappears and gets regenerated (or the ban check kicks in again), I'm inclined to not worry about this too much at this stage.

Advertisement: