Error when adding preHook to Login

Development
1

Hi there, I’m trying to add an auth control to validate if a user is already logged or not, to achieve this, I based my work on this How to limit one session at a time for a single account? | MODX Community Forums and this is my final prehook code:

<?php
$modx->log(modX::LOG_LEVEL_ERROR, "Running login preHook ");
if (!isset($_GET['service'])){
	$formFields = $hook->getValues();
	$username = $formFields['username'];
	$modx->user = $modx->getObject('modUser', array('username' => $username, ));
	//Agregarle validacion
	if (isset($modx->user)) {
		$modx->log(modX::LOG_LEVEL_ERROR, "Captured usernames is ".$username. ' loaded user is ' . isset($modx->user));
		$profile = $modx->user->getOne('Profile');
		if (isset($profile)) {
			$extended = $profile->get('extended');
			$modx->log(modX::LOG_LEVEL_ERROR, "Logged is ".$extended['logged'] );
			if ($extended['logged'] == '1') {
				  $url = $modx->makeURL(38, '',  array('userblocked' => $username), 'https');
				  $modx->log(modX::LOG_LEVEL_ERROR, "Url is ".$url );
				  $modx->sendRedirect($url);
				  return false;
			}        
		} else {
			$errorMsg = "User profile for ".$username. " not found";
			$modx->log(modX::LOG_LEVEL_ERROR, $errorMsg );
			$hook->addError('user',$errorMsg);
			return false;
		}
		
	} else {
		$errorMsg = "User ".$username. " not found";
		$modx->log(modX::LOG_LEVEL_ERROR, $errorMsg );
		$hook->addError('user',$errorMsg);
		return false;
	}
	
} else {
	return true;    
}

When I try to login with a valid user, its working as expected, but when I type random gibberish on the login name I’m getting this error:

Fatal error: Uncaught Error: Call to a member function get() on null in /home/magdal31/coreM0dXF1L3s/model/modx/modaccessibleobject.class.php:215 Stack trace: #0 /home/magdal31/coreM0dXF1L3s/model/modx/modaccessibleobject.class.php(36): modAccessibleObject->checkPolicy(‘load’) #1 /home/magdal31/coreM0dXF1L3s/xpdo/xpdo.class.php(757): modAccessibleObject::_loadInstance(Object(modX), ‘modChunk’, ‘modChunk’, Array) #2 /home/magdal31/coreM0dXF1L3s/xpdo/om/xpdoquery.class.php(584): xPDO->call(‘modChunk’, ‘_loadInstance’, Array) #3 /home/magdal31/coreM0dXF1L3s/xpdo/om/xpdoquery.class.php(566): xPDOQuery->hydrateGraphParent(Array, Array) #4 /home/magdal31/coreM0dXF1L3s/xpdo/om/xpdoobject.class.php(539): xPDOQuery->hydrateGraph(Object(PDOStatement), true) #5 /home/magdal31/coreM0dXF1L3s/xpdo/xpdo.class.php(757): xPDOObject::loadCollectionGraph(Object(modX), ‘modChunk’, Array, Array, true) #6 /home/magdal31/coreM0dXF1L3s/xpdo/xpdo.class.php(1088): xPDO->call(‘modChunk’, ‘loadCollectionG…’, Array) #7 /home/magdal31/coreM0dXF1L3s/ in /home/magdal31/coreM0dXF1L3s/model/modx/modaccessibleobject.class.php on line 215

My inner modx log only says:

[2020-10-20 12:24:30] (ERROR @ /home/magdal31/coreM0dXF1L3s/cache/includes/elements/modsnippet/114.include.cache.php : 2) Running login preHook
[2020-10-20 12:24:30] (ERROR @ /home/magdal31/coreM0dXF1L3s/cache/includes/elements/modsnippet/114.include.cache.php : 29) User sdfasfa not found

Any idea on what could be going on?

2

Purely from a PHP perspective, check your return values. If, for example isset($profile) is true and $extended['logged'] is not equal to 1, there’s no explicit return statement (I’m guessing you want to return true?).

Other than that, I can’t be sure what the impact of doing $modx->user = is going to have on an existing session. If you’re logged in as someone other than the username you’re entering in the form, then that will probably invalidate any existing user session (which is what the exception is suggesting).

Can you replicate this in a logged out, private browsing session?

1 Like
3

You probably shouldn’t override $modx->user with null. Try if it works if you use

$myuser = $modx->getObject('modUser', array('username' => $username, ));
//Agregarle validacion
if ($myuser) {
    $modx->user = $myuser;
    ...

instead of

$modx->user = $modx->getObject('modUser', array('username' => $username, ));
//Agregarle validacion
if (isset($modx->user)) {
   ....
1 Like
4

@halftrainedharry thanks a lot totally saved my life, was already going crazy with this error for such a simple issue, if you use stackoverflow and want to add the answer there I’m more than happy to mark it as the right fix so you get the points, otherwise I’ll answer myself in a couple days https://stackoverflow.com/questions/64444438/modx-login-prehook-breaks-when-invalid-user

5

Thanks for pinpointing this error, that was the next bug after @halftrainedharry helped with the null bug