Jump to content
thirty bees forum

PHP 8.1, bleeding edge, employee access error

pauld

By pauld
in English

 Share

Recommended Posts

pauld Apprentice

pauld

Posted
Posted

When non SuperAdmin employee login (with rights to display dashboard) Access forbidden error is shown. This only happens on PHP 8.1.

Does anyone else have this issue? Can someone reproduce?

thirtybees-emloyee-login-error.thumb.png.e74572cbf804bc066132aad60f299e2d.png

 

datakick Mentor

datakick

Posted
Posted

I've reproduced this. Nasty issue, actually.

This is caused by https://www.php.net/manual/en/migration81.incompatible.php#migration81.incompatible.pdo.mysql

DB driver in php8.1 returns integer and decimal number values from database as integers and floats. In previous php versions, the return values were simple strings.

So, sql query 

SELECT * FROM tb_access WHERE id_tab = 1 AND id_profile = 2

used to return data 

[
  'view' => '1',
  'add' => '1',
  'delete' => '1',
  'edid' => '1'
]

But in PHP8.1 it returns 

[
  'view' => 1,
  'add' => 1,
  'delete' => 1,
  'edid' => 1
]

Couple this change with strict comparison operator: 

if ($access['view'] === '1') {
   // ...
}

And we have a huge problem.

datakick Mentor

datakick

Posted
Posted
On 9/9/2022 at 10:16 PM, pauld said:

Nice to know, but I think about it as a temporarily workaround. Next PHP versions move and PDO extension may remove this attribute.

Very unlikely they will remove this anytime soon.

But you are right, we should prepare for this, and fixed the code, so it works both with stringified and native values.

It's very hard to find all the places in the core that depends on this stringification functionality, though

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...