From a4668e2e0714621a12e5bf93c2036b359120e0ff Mon Sep 17 00:00:00 2001
From: Peter Rotich <peter@osticket.com>
Date: Thu, 21 Jan 2016 16:12:48 +0000
Subject: [PATCH] bug: $staff object can be called uninitialised

---
 include/class.auth.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/include/class.auth.php b/include/class.auth.php
index 9619a389f..a106d6a4c 100644
--- a/include/class.auth.php
+++ b/include/class.auth.php
@@ -1006,8 +1006,9 @@ class PasswordResetTokenBackend extends StaffAuthenticationBackend {
             return false;
         elseif (!($_config = new Config('pwreset')))
             return false;
-        elseif (($staff = StaffSession::lookup($_POST['userid'])) &&
-                !$staff->getId())
+
+        $staff = StaffSession::lookup($_POST['userid']);
+        if (!$staff || !$staff->getId())
             $errors['msg'] = __('Invalid user-id given');
         elseif (!($id = $_config->get($_POST['token']))
                 || $id != $staff->getId())
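Review bot: The token-to-account check on the last two lines of this hunk still uses a loose `!=` between the stored id and `$staff->getId()`, so PHP type juggling decides whether a reset token belongs to the account. A strict comparison such as `|| (string) $id !== (string) $staff->getId())` would remove that ambiguity. Separately, 'Invalid user-id given' is set before the token is checked, so if the following branch (outside this hunk) reports a different error, a caller without a valid token may be able to tell existing staff ids from unknown ones. One generic failure message for both branches would avoid that. The if/elseif chain starts before and continues after the hunk, so both points rest only on the visible lines.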
-- 
GitLab