Won't fix XenForo_DataWriter_Helper_User

[silence]

Here is the function:

    public static function verifyUserId(&$user_id, XenForo_DataWriter $dw, $fieldName = false)
    {
        $db = XenForo_Application::getDb();
        $existing_user_id = $db->fetchOne('
                SELECT user_id
                FROM xf_user
                WHERE user_id = ?
            ', $user_id);

        if ($existing_user_id == $user_id)
        {
            return true;
        }

        $dw->error(new XenForo_Phrase('requested_user_not_found'), $fieldName);
        return false;
    }

Basically I'm using it to check if user_id 0 is valid. It queries `xf_user` for 0, returns false. Then it checks if the query and the parameter user_id are equal, and since false = 0, it returns true!

Soooooooooo yeah is this a glitch cause it feels like it is to me :C

 

[tyteen4a03]

Not sure what you are onto about - $existing_user_id should be null in your case.

Have you already tested with user_id 0?

 

[silence]

Not sure what you are onto about - $existing_user_id should be null in your case.

Have you already tested with user_id 0?

Yes and it returns true. I made a temp fix in my addon and just check if user_id is 0. If so, return false.

 

[Jon W]

Since $existing_user_id will always either equal $user_id or null, then why not just replace:

if ($existing_user_id == $user_id)
        {
            return true;
        }

with

if ($existing_user_id)
        {
            return true;
        }

 

[Mike]

This would potentially be a big BC break so this won't be changed for some period. If you need the behavior to be different, you'll need to run your own code.

 

[silence]

This would potentially be a big BC break so this won't be changed for some period. If you need the behavior to be different, you'll need to run your own code.

Ok already did! Thanks for the response!

 

[tyteen4a03]

This would potentially be a big BC break so this won't be changed for some period. If you need the behavior to be different, you'll need to run your own code.

Wouldn't it be a Future Fix then? Even if it means 2.0.

 

[Mike]

No, not necessarily. I'm not promising anything would change here - it's only debatably a bug, as there are various situations where a 0 user_id can be expected and allowed.