From db0630b0f9b11a8014c893a5f570fd63ef574d78 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sat, 12 Oct 2019 21:06:47 -0400 Subject: [PATCH] Catch missing Certainty bundle exception when checking for exposed password in Model\User --- src/Model/User.php | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/src/Model/User.php b/src/Model/User.php index b6121ad04e..ef49f45eda 100644 --- a/src/Model/User.php +++ b/src/Model/User.php @@ -412,6 +412,7 @@ class User * * @param string $password * @return bool + * @throws Exception */ public static function isPasswordExposed($password) { @@ -420,9 +421,20 @@ class User 'cacheDirectory' => get_temppath() . '/password-exposed-cache/', ]); - $PasswordExposedCHecker = new PasswordExposed\PasswordExposedChecker(null, $cache); + try { + $passwordExposedChecker = new PasswordExposed\PasswordExposedChecker(null, $cache); + + return $passwordExposedChecker->passwordExposed($password) === PasswordExposed\PasswordStatus::EXPOSED; + } catch (\Exception $e) { + Logger::error('Password Exposed Exception: ' . $e->getMessage(), [ + 'code' => $e->getCode(), + 'file' => $e->getFile(), + 'line' => $e->getLine(), + 'trace' => $e->getTraceAsString() + ]); - return $PasswordExposedCHecker->passwordExposed($password) === PasswordExposed\PasswordStatus::EXPOSED; + return false; + } } /** -- 2.39.5