_Follow along with this video:_ --- ### Business Logic Edge Case By now we've identified fairly clearly how the `enterRaffle` function works. Our finding looks great. Let's next move onto the `refund` function, this one was mentioned explicitly in our documentation. ``` Users are allowed to get a refund of their ticket & value if they call the refund function ``` This is what the function looks like. ```js /// @param playerIndex the index of the player to refund. You can find it externally by calling `getActivePlayerIndex` /// @dev This function will allow there to be blank spots in the array function refund(uint256 playerIndex) public { address playerAddress = players[playerIndex]; require(playerAddress == msg.sender, "PuppyRaffle: Only the player can refund"); require(playerAddress != address(0), "PuppyRaffle: Player already refunded, or is not active"); payable(msg.sender).sendValue(entranceFee); players[playerIndex] = address(0); emit RaffleRefunded(playerAddress); } ``` Remember to start with the documentation so that we understand what's supposed to happen. In order to call this function a player needs to provide their `playerIndex`, and this is acquired through the `getActivePlayerIndex` function. Let's jump over there quickly. ```js /// @notice a way to get the index in the array /// @param player the address of a player in the raffle /// @return the index of the player in the array, if they are not active, it returns 0 function getActivePlayerIndex(address player) external view returns (uint256) { for (uint256 i = 0; i < players.length; i++) { if (players[i] == player) { return i; } } return 0; } ``` I think we may have stumbled upon our next bug. The logic here has a problem. Can you spot it? <details> <summary>The Problem</summary> :br When looking at this function, we have to ask _"Why is this returning zero?"_ Arrays begin at index 0, were the player at this index to call this function it would be very unclear whether or not they were in the raffle or not! </details> ### Wrap Up We're not going to go through writing this finding report together, but I absolutely challenge you to write one yourself before moving forward! **\*Hint:** It's informational severity\* Up next we're going back to the `refund` function!
Follow along with this video:
By now we've identified fairly clearly how the enterRaffle function works. Our finding looks great. Let's next move onto the refund function, this one was mentioned explicitly in our documentation.
This is what the function looks like.
Remember to start with the documentation so that we understand what's supposed to happen. In order to call this function a player needs to provide their playerIndex, and this is acquired through the getActivePlayerIndex function.
Let's jump over there quickly.
I think we may have stumbled upon our next bug. The logic here has a problem. Can you spot it?
When looking at this function, we have to ask "Why is this returning zero?"
Arrays begin at index 0, were the player at this index to call this function it would be very unclear whether or not they were in the raffle or not!
We're not going to go through writing this finding report together, but I absolutely challenge you to write one yourself before moving forward!
*Hint: It's informational severity*
Up next we're going back to the refund function!
Patrick discusses the potential impacts of a user entering PuppyRaffle with a smart contract.