[BUGFIX] Avoid wrong SQL query in fe_login user group redirect

Ensure that no invalid group data is collected and check
if any group is set at all before running the SQL query.

Change-Id: I5792ff606d60ba5e5a108ed18c2ec91e354f85ff
Resolves: #64966
Releases: master, 6.2
Reviewed-on: https://review.typo3.org/39447
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Markus Klein <markus.klein@typo3.org>

diff --git a/typo3/sysext/felogin/Classes/Controller/FrontendLoginController.php b/typo3/sysext/felogin/Classes/Controller/FrontendLoginController.php
index 5391199..f53eeee 100644 (file)
--- a/typo3/sysext/felogin/Classes/Controller/FrontendLoginController.php
+++ b/typo3/sysext/felogin/Classes/Controller/FrontendLoginController.php
@@ -639,24 +639,26 @@ class FrontendLoginController extends \TYPO3\CMS\Frontend\Plugin\AbstractPlugin
                         case 'groupLogin':
                             // taken from dkd_redirect_at_login written by Ingmar Schlecht; database-field changed
                             $groupData = $this->frontendController->fe_user->groupData;
-                            $res = $this->databaseConnection->exec_SELECTquery(
-                                'felogin_redirectPid',
-                                $this->frontendController->fe_user->usergroup_table,
-                                'felogin_redirectPid<>\'\' AND uid IN (' . implode(',', $groupData['uid']) . ')'
-                            );
-                            if ($row = $this->databaseConnection->sql_fetch_row($res)) {
+                            if (!empty($groupData['uid'])) {
                                 // take the first group with a redirect page
-                                $redirect_url[] = $this->pi_getPageLink($row[0]);
+                                $row = $this->databaseConnection->exec_SELECTgetSingleRow(
+                                    'felogin_redirectPid',
+                                    $this->frontendController->fe_user->usergroup_table,
+                                    'felogin_redirectPid<>\'\' AND uid IN (' . implode(',', $groupData['uid']) . ')'
+                                );
+                                if ($row) {
+                                    $redirect_url[] = $this->pi_getPageLink($row['felogin_redirectPid']);
+                                }
                             }
                             break;
                         case 'userLogin':
-                            $res = $this->databaseConnection->exec_SELECTquery(
+                            $row = $this->databaseConnection->exec_SELECTgetSingleRow(
                                 'felogin_redirectPid',
                                 $this->frontendController->fe_user->user_table,
                                 $this->frontendController->fe_user->userid_column . '=' . $this->frontendController->fe_user->user['uid'] . ' AND felogin_redirectPid<>\'\''
                             );
-                            if ($row = $this->databaseConnection->sql_fetch_row($res)) {
-                                $redirect_url[] = $this->pi_getPageLink($row[0]);
+                            if ($row) {
+                                $redirect_url[] = $this->pi_getPageLink($row['felogin_redirectPid']);
                             }
                             break;
                         case 'login':

diff --git a/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php b/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php
index 40e7e85..636aed9 100644 (file)
--- a/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php
+++ b/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php
@@ -335,7 +335,7 @@ class FrontendUserAuthentication extends AbstractUserAuthentication
                 unset($serviceObj);
             }
             unset($serviceObj);
-            if ($validGroup) {
+            if ($validGroup && (string)$groupData['uid'] !== '') {
                 $this->groupData['title'][$groupData['uid']] = $groupData['title'];
                 $this->groupData['uid'][$groupData['uid']] = $groupData['uid'];
                 $this->groupData['pid'][$groupData['uid']] = $groupData['pid'];