From 759d025bb836d56f63550b4a0c12ce6b9f360266 Mon Sep 17 00:00:00 2001
From: Christoph Burschka
Date: Sun, 13 Apr 2014 23:44:16 +0200
Subject: Fix #3: Check session bridge before using it.

When config['session'] is not set, the session
bridge doesn't exist and should not be used.
---
 core/EjabberdAuth.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/EjabberdAuth.php b/core/EjabberdAuth.php
index d88c990..7817d64 100644
--- a/core/EjabberdAuth.php
+++ b/core/EjabberdAuth.php
@@ -11,7 +11,7 @@ class EjabberdAuth {
     $this->bridge = $bridge;
     $this->session = $session;
     $this->bridge->parent = $this;
-    $this->session->parent = $this;
+    if ($this->session) $this->session->parent = $this;
     if (!empty($config['log_path']) && is_dir($config['log_path']) && is_writable($config['log_path']))
       $this->logfile = fopen($config['log_path'] . 'activity-' . date('Y-m-d') . '.log', 'a');
     else $this->logfile = STDERR;
@@ -69,10 +69,10 @@ class EjabberdAuth {
 
     switch ($command) {
       case 'isuser':
-        return $this->session->isuser($username, $server) ||
+        return ($this->session && $this->session->isuser($username, $server)) ||
                $this->bridge->isuser($username, $server);
       case 'auth':
-        return $this->session->auth($username, $server, $password) ||
+        return ($this->session && $this->session->auth($username, $server, $password)) ||
                $this->bridge->auth($username, $server, $password);
       case 'setpass':
       case 'tryregister':
-- 
cgit v1.1