From 85cead8ab00b13abaa7f729052792fc845756857 Mon Sep 17 00:00:00 2001
From: Malf Furious
Date: Sat, 26 Mar 2016 23:56:38 -0400
Subject: Fix bug in Framework::getCurrentUser() function
If, by some means, the GUID for a logged in user is not valid, that session should be terminated ("$this->setCurrentUser();") This might happen if the database gets flushed, or if an account gets removed while it is in use...
---
 app/class/framework.class.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/app/class/framework.class.php b/app/class/framework.class.php
index 74c4b14..4223d68 100644
--- a/app/class/framework.class.php
+++ b/app/class/framework.class.php
@@ -57,7 +57,14 @@ abstract class Framework
 function getCurrentUser()
 {
 if (isset($_SESSION['userguid']))
- return new User($_SESSION['userguid']);
+ {
+ $user = new User($_SESSION['userguid']);
+
+ if ($user->type == "user")
+ return $user;
+
+ $this->setCurrentUser();
+ }
 return false;
 }
--
cgit v1.2.3
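Review bot: The validity check `if ($user->type == "user")` uses loose comparison, so a `type` that the User constructor leaves as `true` or, on PHP before 8, as integer `0` would still pass for a GUID that no longer exists; `if ($user->type === "user")` closes that gap. How User behaves for an unknown GUID is not visible in this hunk, so the check relies on the constructor leaving `type` at something other than "user". That is worth confirming, along with whether any other legitimate type value exists whose holders would now be logged out on every request. The call `$this->setCurrentUser();` deserves a comment such as `// no argument: clear the stale session user`. It presumably only resets the stored GUID, so any other per-user data kept in `$_SESSION` would outlive the removed account unless it is cleared there too.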