From: Marcel Werk Date: Mon, 14 Sep 2020 11:51:37 +0000 (+0200) Subject: Expired session during google auth led to a SystemException X-Git-Tag: 5.3.0_Beta_1~33 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=740ece8da10177354ab904f9aeb6ea914741c025;p=GitHub%2FWoltLab%2FWCF.git Expired session during google auth led to a SystemException --- diff --git a/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php b/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php index d3f349afa8..841c5b2f7d 100644 --- a/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php +++ b/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php @@ -67,7 +67,7 @@ class GoogleAuthAction extends AbstractAction { } // validate state, validation of state is executed after fetching the access_token to invalidate 'code' - if (!isset($_GET['state']) || !\hash_equals(WCF::getSession()->getVar('__googleInit'), $_GET['state'])) throw new IllegalLinkException(); + if (!isset($_GET['state']) || !WCF::getSession()->getVar('__googleInit') || !\hash_equals(WCF::getSession()->getVar('__googleInit'), $_GET['state'])) throw new IllegalLinkException(); WCF::getSession()->unregister('__googleInit'); $data = JSON::decode($content);