From 8e3229b474acc1bac20a0eff0ff6b34053d51bcb Mon Sep 17 00:00:00 2001
From: HB9HIL <fabian.berg@hb9hil.org>
Date: Mon, 16 Mar 2026 16:11:05 +0100
Subject: [PATCH] fix $query after user was created

---
 application/controllers/Header_auth.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/application/controllers/Header_auth.php b/application/controllers/Header_auth.php
index c51622dab..83ef2d3a3 100644
--- a/application/controllers/Header_auth.php
+++ b/application/controllers/Header_auth.php
@@ -64,11 +64,19 @@ class Header_auth extends CI_Controller {
             // Config check if create user
             if ($this->config->item('auth_header_create')) {
                 $this->_create_user($username, $email, $callsign, $firstname, $lastname);
+                $query = $this->user_model->get($username);
             } else {
                 $this->_sso_error(__("User not found."));
+                return;
             }
         }
 
+        if (!$query || $query->num_rows() !== 1) {
+            log_message('error', 'SSO Authentication: User could not be found or created.');
+            $this->_sso_error();
+            return;
+        }
+
         $user = $query->row();
 
         // Prevent clubstation direct login via header (mirrors User::login)