php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #56254 Fatal error, if you define a password compare ruler after a frozen element.
Submitted: 2004-12-23 10:44 UTC Modified: 2006-12-24 16:04 UTC
From: elias at hallerjugend dot at Assigned: avb (profile)
Status: Closed Package: PECL website (PECL)
PHP Version: Irrelevant OS: Irrelevant
Private report: No CVE-ID: None
 [2004-12-23 10:44 UTC] elias at hallerjugend dot at
Description:
------------
If you define a password compare rule after a frozen element, you'll get an error like:
Fatal error: Call to a member function on a non-object in QuickForm.php on line 1563

After 2 hours of researching I found the error. In the method  "getValidationScript" is a loop, where the variable $element points to $this->_elements[$elementKey]. If the element is frozen, the loop will be skipped. In the next run of the loop the password compare rule will be handled. The variable $dependent will be true, and the object $element will be overwritten with an array(). But $element still points to $this->_elements[$elementKey] like i mentioned above and so $this->_elements[$elementKey] will also be overwritten.
This causes the error.

The solution is to add unset($element) before the lopp will be skipped.

Here is the correct Code:

Reproduce code:
---------------
// Line 1669 in Script HTML/Quickform.php
                    // No JavaScript validation for frozen elements
                    if (is_object($element) && $element->isFrozen()) {
                        unset($element);
                        continue 2;
                    } elseif (is_array($element)) {
                        foreach (array_keys($element) as $key) {
                            if ($element[$key]->isFrozen()) {
                                unset($element);
                                continue 3;
                            }
                        }
                    }


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-12-23 10:48 UTC] elias at hallerjugend dot at
I didn't find the link to close this bug. But I'll do it now.
 [2005-01-11 13:54 UTC] borz_off at cs dot msu dot su
Dunno why the bug was closed, but it is really in there...
 [2005-06-13 09:29 UTC] borz_off at cs dot msu dot su
This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pear.php.net.

In case this was a pear.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PEAR better.


 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Tue Aug 03 01:01:25 2021 UTC