Leahnaya/pokemon-showdown-client
1
0
Fork 0
mirror of https://github.com/smogon/pokemon-showdown-client.git synced 2026-03-21 17:50:29 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix /users/0

Browse Source 
The website API now reports userid '0' as an unregistered user.

Apparently PHP treats the string '0' as falsy. In the interests of
not overhauling literally all our APIs, I've decided to only change
the code in the website API. The rest doesn't need to be changed
because number-only userids haven't been allowed for a very long
time.

Fixes https://github.com/smogon/pokemon-showdown/pull/7704
This commit is contained in:
Guangcong Luo 2020-11-17 20:43:23 -05:00
parent 4f05461a6e
commit 4df93cd077
2 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/ntbb-session.lib.php
View File

@ -404,6 +404,7 @@ class NTBBSession {
function getUser($userid=false) {
global $psdb, $curuser;
if ($userid === '0') return false;
if (is_array($userid)) $userid = $userid['userid'];
$userid = $this->userid($userid);
if (!$userid ||

12
website/users.php
View File

@ -84,10 +84,14 @@ $formats = array(
'gen1ou' => '[Gen 1] OU',
);
if (@$_REQUEST['user']) {
$userid = $users->userid(@$_REQUEST['user']);
if (isset($_REQUEST['user']) && strlen($_REQUEST['user'])) {
$userid = $users->userid($_REQUEST['user']);
// 0 is falsy
// I'm hardcoding here to fix a crash, but the rest of the system
// should continue to reject 0 as a valid userid
if ($_REQUEST['user'] === '0') $userid = '0';
if (!$userid) {
if (!strlen($userid)) {
header('HTTP/1.1 404 Not Found');
die("Invalid userid");
}
@ -113,7 +117,7 @@ if (@$_REQUEST['user']) {
}
if ($authLevel >= 3) {
file_put_contents(__DIR__ . '/../config/altaccesslog.txt', "{$curuser['username']} - $userid\n", FILE_APPEND);
//file_put_contents(__DIR__ . '/../config/altaccesslog.txt', "{$curuser['username']} - $userid\n", FILE_APPEND);
}
if (isset($_REQUEST['json'])) {