This is an automated email from the ASF dual-hosted git repository. deepak pushed a commit to branch release17.12 in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/release17.12 by this push: new e9bfc34f39 Replaced direct null checks on username, password, and token with UtilValidate.isEmpty() method calls for consistency. e9bfc34f39 is described below commit e9bfc34f39899bf63f5348692b15db5f9eb2cbbf Author: Deepak Dixit <dee...@apache.org> AuthorDate: Thu Dec 14 18:15:09 2023 +0530 Replaced direct null checks on username, password, and token with UtilValidate.isEmpty() method calls for consistency. --- .../main/java/org/apache/ofbiz/webapp/control/LoginWorker.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java index be8ca2c27e..b3d43a3c25 100644 --- a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java +++ b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java @@ -286,11 +286,11 @@ public class LoginWorker { username = request.getParameter("USERNAME"); password = request.getParameter("PASSWORD"); // check session attributes - if (username == null) username = (String) session.getAttribute("USERNAME"); - if (password == null) password = (String) session.getAttribute("PASSWORD"); + if (UtilValidate.isEmpty(username)) username = (String) session.getAttribute("USERNAME"); + if (UtilValidate.isEmpty(password)) password = (String) session.getAttribute("PASSWORD"); // in this condition log them in if not already; if not logged in or can't log in, save parameters and return error - if ((username == null) || (password == null) || ("error".equals(login(request, response)))) { + if (UtilValidate.isEmpty(username) || UtilValidate.isEmpty(password) || ("error".equals(login(request, response)))) { // make sure this attribute is not in the request; this avoids infinite recursion when a login by less stringent criteria (like not checkout the hasLoggedOut field) passes; this is not a normal circumstance but can happen with custom code or in funny error situations when the userLogin service gets the userLogin object but runs into another problem and fails to return an error request.removeAttribute("_LOGIN_PASSED_"); @@ -356,8 +356,8 @@ public class LoginWorker { } } - if (username == null) username = (String) session.getAttribute("USERNAME"); - if (password == null) password = (String) session.getAttribute("PASSWORD"); + if (UtilValidate.isEmpty(username)) username = (String) session.getAttribute("USERNAME"); + if (UtilValidate.isEmpty(password)) password = (String) session.getAttribute("PASSWORD"); // allow a username and/or password in a request attribute to override the request parameter or the session attribute; this way a preprocessor can play with these a bit... if (UtilValidate.isNotEmpty(request.getAttribute("USERNAME"))) {