On 11/23/11 9:54 AM, bryan wrote:
Hmm..what I did was select "remember me" when logging in, and then
before the session expired, I deleted the user from the database. From
what I saw in the code, it would retrieve a null object because the
username associated to the session doesn't exist in the database anymore.
I'm not sure whether this is sufficient information..if it isn't, let me
know, and i'll post a more elaborate scenario when I get home.
If you are using the Doctrine user provider, a non-existent user should
throw a UsernameNotFoundException, not a null value. Which user provider
are you using?
Fabien
=) Bryan
--
If you want to report a vulnerability issue on symfony, please send it
to security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony developers" group.
To post to this group, send email to symfony-devs@googlegroups.com
To unsubscribe from this group, send email to
symfony-devs+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony developers" group.
To post to this group, send email to symfony-devs@googlegroups.com
To unsubscribe from this group, send email to
symfony-devs+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en
