From ecb0c80c933f341850cc5638209cdf221179a01f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez?= <jaime.perez@uninett.no>
Date: Tue, 22 Nov 2016 11:00:16 +0100
Subject: [PATCH] bugfix: the sspmod_saml_IdP_SQLNameID::getIdentities() method
 was broken.

The $store and $params variables were not initialized before trying to execute the prepared statement.
---
 modules/saml/lib/IdP/SQLNameID.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/modules/saml/lib/IdP/SQLNameID.php b/modules/saml/lib/IdP/SQLNameID.php
index d2ad849fe..641cece93 100644
--- a/modules/saml/lib/IdP/SQLNameID.php
+++ b/modules/saml/lib/IdP/SQLNameID.php
@@ -156,6 +156,13 @@ class sspmod_saml_IdP_SQLNameID  {
 		assert('is_string($idpEntityId)');
 		assert('is_string($spEntityId)');
 
+		$store = self::getStore();
+
+		$params = array(
+			'_idp' => $idpEntityId,
+			'_sp' => $spEntityId,
+		);
+
 		$query = 'SELECT _user, _value FROM ' . $store->prefix . '_saml_PersistentNameID WHERE _idp = :_idp AND _sp = :_sp';
 		$query = $store->pdo->prepare($query);
 		$query->execute($params);
-- 
GitLab