From 62f01a839e7a5bdc4045d3742c04c220bdf52655 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?=
 <barisusakli@gmail.com>
Date: Fri, 14 Dec 2018 00:09:15 -0500
Subject: [PATCH] fix: dont save data for non-positive uids

---
 src/controllers/authentication.js |  6 +++++-
 src/user/admin.js                 | 12 +++++-------
 src/user/auth.js                  |  3 +++
 3 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/src/controllers/authentication.js b/src/controllers/authentication.js
index 3b05ac578c..b2f456691d 100644
--- a/src/controllers/authentication.js
+++ b/src/controllers/authentication.js
@@ -365,7 +365,11 @@ authenticationController.onSuccessfulLogin = function (req, uid, callback) {
 					user.auth.addSession(uid, req.sessionID, next);
 				},
 				function (next) {
-					db.setObjectField('uid:' + uid + ':sessionUUID:sessionId', uuid, req.sessionID, next);
+					if (uid > 0) {
+						db.setObjectField('uid:' + uid + ':sessionUUID:sessionId', uuid, req.sessionID, next);
+					} else {
+						next();
+					}
 				},
 				function (next) {
 					user.updateLastOnlineTime(uid, next);
diff --git a/src/user/admin.js b/src/user/admin.js
index 1b273bca48..d545921bbe 100644
--- a/src/user/admin.js
+++ b/src/user/admin.js
@@ -10,6 +10,9 @@ var plugins = require('../plugins');
 
 module.exports = function (User) {
 	User.logIP = function (uid, ip, callback) {
+		if (!(parseInt(uid, 10) > 0)) {
+			return setImmediate(callback);
+		}
 		var now = Date.now();
 		async.waterfall([
 			function (next) {
@@ -31,10 +34,7 @@ module.exports = function (User) {
 				db.getSortedSetRevRange('uid:' + uid + ':ip', 0, stop, next);
 			},
 			function (ips, next) {
-				ips = ips.map(function (ip) {
-					return validator.escape(String(ip));
-				});
-				next(null, ips);
+				next(null, ips.map(ip => validator.escape(String(ip))));
 			},
 		], callback);
 	};
@@ -48,9 +48,7 @@ module.exports = function (User) {
 				db.getSortedSetRangeWithScores('username:uid', 0, -1, next);
 			},
 			function (users, next) {
-				uids = users.map(function (user) {
-					return user.score;
-				});
+				uids = users.map(user => user.score);
 				plugins.fireHook('filter:user.csvFields', { fields: ['uid', 'email', 'username'] }, next);
 			},
 			function (data, next) {
diff --git a/src/user/auth.js b/src/user/auth.js
index 87bb3f5ef4..1d2e2ddc27 100644
--- a/src/user/auth.js
+++ b/src/user/auth.js
@@ -141,6 +141,9 @@ module.exports = function (User) {
 
 	User.auth.addSession = function (uid, sessionId, callback) {
 		callback = callback || function () {};
+		if (!(parseInt(uid, 10) > 0)) {
+			return setImmediate(callback);
+		}
 		db.sortedSetAdd('uid:' + uid + ':sessions', Date.now(), sessionId, callback);
 	};