Checking all values for $_SESSION
authorPhilipp Holzer <admin+github@philipp.info>
Wed, 29 May 2019 17:55:18 +0000 (19:55 +0200)
committerPhilipp Holzer <admin+github@philipp.info>
Wed, 29 May 2019 18:07:22 +0000 (20:07 +0200)
See https://github.com/friendica/friendica/issues/6918#issuecomment-491492826

mod/redir.php

index 4dbae54..931e07c 100644 (file)
@@ -7,8 +7,8 @@ use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Model\Contact;
 use Friendica\Model\Profile;
-use Friendica\Util\Strings;
 use Friendica\Util\Network;
+use Friendica\Util\Strings;
 
 function redir_init(App $a) {
 
@@ -70,7 +70,10 @@ function redir_init(App $a) {
                                && is_array($_SESSION['remote']))
                        {
                                foreach ($_SESSION['remote'] as $v) {
-                                       if ($v['uid'] == $_SESSION['visitor_visiting'] && $v['cid'] == $_SESSION['visitor_id']) {
+                                       if (!empty($v['uid']) && !empty($_SESSION['visitor_visiting']) &&
+                                           !empty($v['cid']) && !empty($_SESSION['visitor_id']) &&
+                                           $v['uid'] == $_SESSION['visitor_visiting'] &&
+                                           $v['cid'] == $_SESSION['visitor_id']) {
                                                // Remote user is already authenticated.
                                                $target_url = defaults($url, $contact_url);
                                                Logger::log($contact['name'] . " is already authenticated. Redirecting to " . $target_url, Logger::DEBUG);
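Review bot: The two identity checks on the added lines still use loose `==`, so the "already authenticated" branch is decided by PHP's type-juggling rules. The new `!empty()` guards remove the case where two unset values compare equal, but numeric strings such as `'10'` and `'1e1'` still match each other. If uid and cid are integer ids (their stored type is not visible in this hunk), comparing them as integers with `===` would make the check exact: `(int)$v['uid'] === (int)$_SESSION['visitor_visiting'] &&` and `(int)$v['cid'] === (int)$_SESSION['visitor_id']) {`. The two `!empty($_SESSION[...])` tests do not depend on `$v`, so they could move into the enclosing `if`, whose condition starts outside the hunk.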