From: <gi...@ma...> - 2009-09-13 00:22:40
|
The branch, master has been updated via 0abe9b4544c4440d13cb6fbcbae6070b11371da3 (commit) from 2a53ece7a339c158e8e48b972a9302736b2d6a9d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0abe9b4544c4440d13cb6fbcbae6070b11371da3 Author: John Reese <jr...@le...> Date: Sat Sep 12 20:13:59 2009 -0400 Fix #10930: Fix verification redirect loop User verification was logging out the user, and then calling auth_api functions that implicitly logged in the anonymous user, resulting in an endless redirection loop. By adding a parameter to the appropriate auth_api function, the verification page can specify that the anonymous user should not be implicitly logged in. ----------------------------------------------------------------------- Summary of changes: core/authentication_api.php | 7 ++++--- 1 files changed, 4 insertions(+), 3 deletions(-) ----------------------------------------------------------------------- commit 0abe9b4544c4440d13cb6fbcbae6070b11371da3 Author: John Reese <jr...@le...> Date: Sat Sep 12 20:13:59 2009 -0400 Fix #10930: Fix verification redirect loop User verification was logging out the user, and then calling auth_api functions that implicitly logged in the anonymous user, resulting in an endless redirection loop. By adding a parameter to the appropriate auth_api function, the verification page can specify that the anonymous user should not be implicitly logged in. diff --git a/core/authentication_api.php b/core/authentication_api.php index 159b293..4879699 100644 --- a/core/authentication_api.php +++ b/core/authentication_api.php @@ -93,7 +93,7 @@ function auth_is_user_authenticated() { if( $g_cache_cookie_valid == true ) { return $g_cache_cookie_valid; } - $g_cache_cookie_valid = auth_is_cookie_valid( auth_get_current_user_cookie() ); + $g_cache_cookie_valid = auth_is_cookie_valid( auth_get_current_user_cookie( false ) ); return $g_cache_cookie_valid; } @@ -550,10 +550,11 @@ function auth_is_cookie_string_unique( $p_cookie_string ) { * if no user is logged in and anonymous login is enabled, returns cookie for anonymous user * otherwise returns '' (an empty string) * + * @param boolean auto-login anonymous user * @return string current user login cookie string * @access public */ -function auth_get_current_user_cookie() { +function auth_get_current_user_cookie( $p_login_anonymous=true ) { global $g_script_login_cookie, $g_cache_anonymous_user_cookie_string; # if logging in via a script, return that cookie @@ -567,7 +568,7 @@ function auth_get_current_user_cookie() { # if cookie not found, and anonymous login enabled, use cookie of anonymous account. if( is_blank( $t_cookie ) ) { - if( ON == config_get( 'allow_anonymous_login' ) ) { + if( $p_login_anonymous && ON == config_get( 'allow_anonymous_login' ) ) { if( $g_cache_anonymous_user_cookie_string === null ) { if( function_exists( 'db_is_connected' ) && db_is_connected() ) { ----------------------------------------------------------------------- -- Mantis Bug Tracker |