From dabb2082c0c7db719a18eaccd5280a016d56d97f Mon Sep 17 00:00:00 2001
From: Henning <leutz@pcsg.de>
Date: Thu, 20 Mar 2025 13:17:19 +0100
Subject: [PATCH] fix: user validation before displaying profile bar items

Updated 'getProfileBarCategories.php' to validate user session before displaying profile bar items.
Previously, an error was thrown if a user was not found. Explicitly catching the exception to
ensure a smoother user experience.

Related: quiqqer/order-guestorder#10
---
 .../profile/getProfileBarCategories.php       | 44 +++++++++++--------
 1 file changed, 25 insertions(+), 19 deletions(-)

diff --git a/ajax/frontend/profile/getProfileBarCategories.php b/ajax/frontend/profile/getProfileBarCategories.php
index ac67ab1..6accaad 100644
--- a/ajax/frontend/profile/getProfileBarCategories.php
+++ b/ajax/frontend/profile/getProfileBarCategories.php
@@ -13,6 +13,7 @@
     'package_quiqqer_frontend-users_ajax_frontend_profile_getProfileBarCategories',
     function () {
         $ProfileSite = Handler::getInstance()->getProfileSite();
+        $User = QUI::getUserBySession();
 
         if (!$ProfileSite) {
             return [];
@@ -32,26 +33,31 @@ function () {
         $categories = utils::setUrlsToCategorySettings($categories);
 
         // Check if "go to profile" button is added
-        try {
-            $profileBarSettings = Handler::getInstance()->getProfileBarSettings();
-
-            if (!empty($profileBarSettings['showToProfile']) && !empty($categories['user'])) {
-                array_unshift($categories['user']['items'], [
-                    'name' => 'toprofile',
-                    'title' => QUI::getLocale()->get(
-                        'quiqqer/frontend-users',
-                        'profilebar.to_profile'
-                    ),
-                    'index' => 0,
-                    'icon' => 'fa fa-user',
-                    'control' => false,
-                    'showinprofilebar' => true,
-                    'content' => false,
-                    'url' => $ProfileSite->getUrlRewritten()
-                ]);
+        if (QUI::getUsers()->isUser($User) && !($User instanceof QUI\Users\Nobody)) {
+            try {
+                $profileBarSettings = Handler::getInstance()->getProfileBarSettings();
+
+                if (
+                    !empty($profileBarSettings['showToProfile'])
+                    && !empty($categories['user'])
+                ) {
+                    array_unshift($categories['user']['items'], [
+                        'name' => 'toprofile',
+                        'title' => QUI::getLocale()->get(
+                            'quiqqer/frontend-users',
+                            'profilebar.to_profile'
+                        ),
+                        'index' => 0,
+                        'icon' => 'fa fa-user',
+                        'control' => false,
+                        'showinprofilebar' => true,
+                        'content' => false,
+                        'url' => $ProfileSite->getUrlRewritten()
+                    ]);
+                }
+            } catch (Exception $Exception) {
+                QUI\System\Log::writeException($Exception);
             }
-        } catch (Exception $Exception) {
-            QUI\System\Log::writeException($Exception);
         }
 
         return $categories;
-- 
GitLab