inGroup() in Concrete/Core/User/User

Permalink 1 0 Browser Info Environment
When $g is non-existing the method gives an error.

public function inGroup($g)
    {
        $app = Application::getFacadeApplication();
        $db = $app['database']->connection();
        $v = array($this->uID);
        $cnt = $db->GetOne("select Groups.gID from UserGroups inner join " . $db->getDatabasePlatform()->quoteSingleIdentifier('Groups') . " on UserGroups.gID = Groups.gID where uID = ? and gPath like " . $db->quote($g->getGroupPath() . '%'), $v);
        return $cnt > 0;
    }

should be:
public function inGroup($g)
    {
        if (!is_object($g)) return false;
        $app = Application::getFacadeApplication();
        $db = $app['database']->connection();
        $v = array($this->uID);
        $cnt = $db->GetOne("select Groups.gID from UserGroups inner join " . $db->getDatabasePlatform()->quoteSingleIdentifier('Groups') . " on UserGroups.gID = Groups.gID where uID = ? and gPath like " . $db->quote($g->getGroupPath() . '%'), $v);
        return $cnt > 0;
    }


Status: New
DeWebmakers

concrete5 Environment Information

# concrete5 Version
Core Version - 8.5.2
Version Installed - 8.5.2
Database Version - 20190925072210

# Database Information
Version: 10.4.8-MariaDB
SQL Mode:

# concrete5 Packages
Block Designer (3.3.0), Block Designer Pro (3.0.1), Cardgate Payment Method (1.2), Community Store (2.1.10), Community Store Invoice (1.1), Community Store Postcode Based Shipping (2.0), Cookies Notice (1.3.4), ExchangeCore reCAPTCHA (1.1.1), Formidable (Full Version) (2.0.8), Image Optimizer (3.2.9), Instant Page Speed Magic (1.0.5), Remote Control (1.0.2), Start Theme (1.1)

# concrete5 Overrides
blocks/search/templates/card.php, blocks/search/templates/minibox.php, blocks/search/templates/row.php, blocks/search/templates, blocks/search, blocks/image/view.php, blocks/image, blocks/pure_cookies_notice/view.php, blocks/pure_cookies_notice/controller.php, blocks/pure_cookies_notice/view.js, blocks/pure_cookies_notice, blocks/content/template/default.php, blocks/content/template, blocks/content/view.php, blocks/content, blocks/formidable/templates/bootstrap_default/view.css, blocks/formidable/templates/bootstrap_default/view.php, blocks/formidable/templates/bootstrap_default, blocks/formidable/templates/bootstrap_horizontal/view.css, blocks/formidable/templates/bootstrap_horizontal/view.php, blocks/formidable/templates/bootstrap_horizontal, blocks/formidable/templates, blocks/formidable, controllers/single_page/dashboard/reports.php, controllers/single_page/dashboard/system/permissions/files.php, controllers/single_page/dashboard/system/permissions, controllers/single_page/dashboard/system, controllers/single_page/dashboard, controllers/single_page, elements/system_errors.php, elements/page_controls_header.php, attributes/address/controller.php, attributes/address/country_state.js, attributes/address/form.php, attributes/address/type_form.php, attributes/address, single_pages/page_not_found.php, single_pages/page_forbidden.php, single_pages/login.php, single_pages/dashboard/system/permissions/files.php, single_pages/dashboard/system/permissions, single_pages/dashboard/system, single_pages/dashboard, src/Concrete/User/User.php, src/Concrete/User, src/Concrete

# concrete5 Cache Settings
Block Cache - Off
Overrides Cache - Off
Full Page Caching - Off
Full Page Cache Lifetime - Every 6 hours (default setting).

# Server Software
Apache/2

# Server API
fpm-fcgi

# PHP Version
7.2.23

# PHP Extensions
bcmath, calendar, cgi-fcgi, Core, ctype, curl, date, dom, exif, fileinfo, filter, ftp, gd, gettext, hash, iconv, imagick, intl, json, libxml, mbstring, mysqli, mysqlnd, openssl, pcre, PDO, pdo_mysql, pdo_sqlite, Phar, posix, Reflection, session, SimpleXML, soap, sockets, sodium, SPL, sqlite3, standard, tokenizer, xml, xmlreader, xmlwriter, xsl, zip, zlib

# PHP Settings
max_execution_time - 300
log_errors_max_len - 1024
max_file_uploads - 20
max_input_nesting_level - 64
max_input_time - 300
max_input_vars - 5000
memory_limit - 256M
post_max_size - 64M
upload_max_filesize - 64M
mysqli.max_links - Unlimited
mysqli.max_persistent - Unlimited
pcre.backtrack_limit - 1000000
pcre.recursion_limit - 100000
session.cache_limiter - <i>no value</i>
session.gc_maxlifetime - 7200
soap.wsdl_cache_limit - 5

Browser User-Agent String

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36