From f6c58d14e3e156bce6e166b8e4f9fbd9cd78f9d4 Mon Sep 17 00:00:00 2001
From: Vincent Zanotti <vincent.zanotti@m4x.org>
Date: Sat, 11 Apr 2009 03:17:34 +0200
Subject: [PATCH] Adds a safeguard in User::getLogin to prevent a null/empty
 login from returning a valid but random profile.

Signed-off-by: Vincent Zanotti <vincent.zanotti@m4x.org>
---
 classes/user.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/classes/user.php b/classes/user.php
index 8b9e141..f633e4e 100644
--- a/classes/user.php
+++ b/classes/user.php
@@ -26,6 +26,10 @@ class User extends PlUser
     {
         global $globals;
 
+        if (!$login) {
+            throw new UserNotFoundException();
+        }
+
         // If $data is an integer, fetches directly the result.
         if (is_numeric($login)) {
             $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE user_id = {?}", $login);
-- 
2.1.4