From ac3e9f64d81cbba5f3f111db389863f904ca499e Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Tue, 28 Jan 2025 20:50:29 +0100
Subject: [PATCH] [ticket/17465] Throw bad request exceptions on invalid data
 requests

PHPBB-17465
---
 phpBB/phpbb/ucp/controller/webpush.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/phpBB/phpbb/ucp/controller/webpush.php b/phpBB/phpbb/ucp/controller/webpush.php
index 50d3eb3739..c36f67d129 100644
--- a/phpBB/phpbb/ucp/controller/webpush.php
+++ b/phpBB/phpbb/ucp/controller/webpush.php
@@ -165,6 +165,11 @@ class webpush
 		$notification_data = $this->db->sql_fetchfield('push_data');
 		$this->db->sql_freeresult($result);
 
+		if (!$notification_data)
+		{
+			throw new http_exception(Response::HTTP_BAD_REQUEST, 'AJAX_ERROR_TEXT');
+		}
+
 		return $this->get_notification_data($notification_data);
 	}
 
@@ -192,6 +197,11 @@ class webpush
 			$notification_row = $this->db->sql_fetchrow($result);
 			$this->db->sql_freeresult($result);
 
+			if (!$notification_row || !isset($notification_row['push_data']) || !isset($notification_row['push_token']))
+			{
+				throw new http_exception(Response::HTTP_BAD_REQUEST, 'AJAX_ERROR_TEXT');
+			}
+
 			$notification_data = $notification_row['push_data'];
 			$push_token = $notification_row['push_token'];