Hello,

I'm working on CH1. I had some errors copying the code and when I was debugging verify.php I noticed the validate the user routine always returns an object regardless of whether the ID is valid or not. So I added the following to User.php:
Just curious if anyone else had encountered this and/or if there was any benefit/drawback to adding this code?

Hi technicalknockout

You do not have to change anything in User.php.

In User.php, when you create the user object in function getById,
it gets some initial values. These values are the ones you see in
the beginning of the User class, in function __construct.
If the $user_id that gets passed into getById is not in the
database, then getById will return
a user object with these initial values. Notice the uid (userId) is null.
If the $user_id is in the database it will return the database record.


There is a problem in the verify.php file.

In verify.php, line 18, try changing this line from
to two lines.
It appears this if block was never getting entered,
control would go to the else block in all cases.
Now, in the else block, there is a safety net.
When you call $user->setActive you
must have a userId and token that match a corresponding
userId and token in the pending table in the database;
without this, you cannot activate the user.
This safety net explains why verify.php is working for a lot people,
even though there is a problem with the if statement above.

I hope this helps.