Author: dsc
Description:
Line 307 in 'includes/SpecialUserlogin.php' is:
$u =& $this->initUser( $u );
The signature of the 'initUser' method on line 268 is:
function &initUser( &$u ) {
return $u;
}
The combination of this use of references means that after calling '$u =&
$this->initUser( $u );', $u will always be an empty object.
Since 'initUser' is a method that takes a reference to a user object and
modifies it, there's no need for it to return anything at all, and there's no
need to assign its return value to the object it is modifying.
Some trivial php code which demonstrates the problem:
<?php
class user {
var $name = 'Foo';
}
function &initUser(&$u) {
$u->name = 'Bar'; return $u;
}
$u = new User();
print_r($u);
$u =& initUser($u);
print_r($u);
?>
The code above prints:
user Object
(
[name] => Foo
)
user Object
(
)
Similarly, if you print the value of $u before and after line 307 of
SpecialUserlogin.php, you'll find same thing happens to it.
Version: 1.6.x
Severity: normal
OS: Linux
Platform: PC