From f70613b2b89086b27f921162ec8ac981b37de4a0 Mon Sep 17 00:00:00 2001
From: Marco <marco1@live.de>
Date: Thu, 19 Oct 2017 02:55:49 +0200
Subject: [PATCH] Ignore defined but empty selectors and tokens from 'remember
 me'

---
 src/Auth.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Auth.php b/src/Auth.php
index bc4b79a..8012e60 100644
--- a/src/Auth.php
+++ b/src/Auth.php
@@ -117,7 +117,7 @@ final class Auth extends UserManager {
 				$parts = \explode(self::COOKIE_CONTENT_SEPARATOR, $_COOKIE[$this->rememberCookieName], 2);
 
 				// if both selector and token were found
-				if (isset($parts[0]) && isset($parts[1])) {
+				if (!empty($parts[0]) && !empty($parts[1])) {
 					try {
 						$rememberData = $this->db->selectRow(
 							'SELECT a.user, a.token, a.expires, b.email, b.username, b.status, b.roles_mask FROM ' . $this->dbTablePrefix . 'users_remembered AS a JOIN ' . $this->dbTablePrefix . 'users AS b ON a.user = b.id WHERE a.selector = ?',