Undefined array key 1 warning

Created on 7 October 2024, 4 months ago

I have one of my production sites behind shield to disallow access for the moment.

Sometimes I get this in the Recent logs:

Warning: Undefined array key 1 in Drupal\shield\ShieldMiddleware->handle() (regel 212 van /data/code/energie/www/modules/contrib/shield/src/ShieldMiddleware.php)

#0 /data/code/energie/www/core/includes/bootstrap.inc(166): _drupal_error_handler_real(2, 'Undefined array...', '/data/code/ener...', 212)
#1 /data/code/energie/www/modules/contrib/shield/src/ShieldMiddleware.php(212): _drupal_error_handler(2, 'Undefined array...', '/data/code/ener...', 212)
#2 /data/code/energie/www/core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php(48): Drupal\shield\ShieldMiddleware->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#3 /data/code/energie/www/core/lib/Drupal/Core/StackMiddleware/NegotiationMiddleware.php(51): Drupal\Core\StackMiddleware\ReverseProxyMiddleware->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#4 /data/code/energie/www/core/lib/Drupal/Core/StackMiddleware/AjaxPageState.php(36): Drupal\Core\StackMiddleware\NegotiationMiddleware->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#5 /data/code/energie/www/core/lib/Drupal/Core/StackMiddleware/StackedHttpKernel.php(51): Drupal\Core\StackMiddleware\AjaxPageState->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#6 /data/code/energie/www/core/lib/Drupal/Core/DrupalKernel.php(741): Drupal\Core\StackMiddleware\StackedHttpKernel->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#7 /data/code/energie/www/index.php(19): Drupal\Core\DrupalKernel->handle(Object(Symfony\Component\HttpFoundation\Request))
#8 {main}

The code causing it is:

    elseif (!empty($request->server->get('HTTP_AUTHORIZATION'))) {
      [$input_user, $input_pass] = explode(':', base64_decode(substr($request->server->get('HTTP_AUTHORIZATION'), 6)), 2);
    }

I assume someone has a dodgy browser, or it's a hacker trying things. Running it through an "A.I. LLM" gives as improvement:

elseif (!empty($request->server->get('HTTP_AUTHORIZATION'))) {
    $decoded = base64_decode(substr($request->server->get('HTTP_AUTHORIZATION'), 6));
    $credentials = explode(':', $decoded, 2);

    // Ensure there are at least 2 elements before assigning.
    if (count($credentials) === 2) {
         [$input_user, $input_pass] = $credentials;
     } else {
         [$input_user,  $input_pass] = [ '', ''];
     }    
  }

Similar stuff happens in other places in the function as well. The code should be as robust as possible: not assuming the input will always be in the correct format.

🐛 Bug report

Status

Active

Version

1.8

Component

Code

Created by

sboden

Live updates comments and jobs are added and updated live.

Merge Requests

!24Undefined array key 1 warning
Open
🇮🇳India ushma
updated 3 months ago

Comments & Activities

Issue created by @sboden
Comment 4 months ago →
🇮🇳India arunsahijpal
How to reproduce this issue?
First commit to issue fork.
Merge request !24fix undefined key error on explode → (Open) created by ushma
Comment 3 months ago →
🇮🇳India ushma
I have created MR to resolve the warning by checking the array count - https://git.drupalcode.org/project/shield/-/merge_requests/24

Attached the related patch too. Please verify.
Pipeline finished with Success
3 months ago
Total: 187s
#332829
Comment 2 months ago →
🇮🇳India ushma

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024

Undefined array key 1 warning

Merge Requests

!24Undefined array key 1 warningOpen

Comments & Activities

!24Undefined array key 1 warning
Open