After logging out, using any of the picks in the left-hand navigation menu results in the display of a SQL exception about 'x' not being a valid integer, just below the search/advanced search box.
This is happening because the logout process sets the three cookies -- isfdbUserId, isfdbUserName, and isfdbToken -- to 'x' and intends to set a past expiration so that the browser will no longer deliver them. But the expiration date is not in a valid cookie date format and isn't parsing, so the cookies don't get expired (the expiration date is ignored). One ends up with a session with cookies for user 'x', id 'x'. That 'x' is then used to look up the user by id in the database, giving the SQL exception.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
This is fixed the the commit of common/login.py 1.4 on 20-Jul-2009. Modified the cookie setting and clearing functions to use the cookie-standard date format. This causes the cookies to be expired and not delivered. As a back-up, also modified GetUserData to check for isfdbUserID and isfdbToken with values 'x' and to treat this as no-cookies/not logged in ("clearing" the cookies sets the values to 'x').
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
This is happening because the logout process sets the three cookies -- isfdbUserId, isfdbUserName, and isfdbToken -- to 'x' and intends to set a past expiration so that the browser will no longer deliver them. But the expiration date is not in a valid cookie date format and isn't parsing, so the cookies don't get expired (the expiration date is ignored). One ends up with a session with cookies for user 'x', id 'x'. That 'x' is then used to look up the user by id in the database, giving the SQL exception.
This is fixed the the commit of common/login.py 1.4 on 20-Jul-2009. Modified the cookie setting and clearing functions to use the cookie-standard date format. This causes the cookies to be expired and not delivered. As a back-up, also modified GetUserData to check for isfdbUserID and isfdbToken with values 'x' and to treat this as no-cookies/not logged in ("clearing" the cookies sets the values to 'x').
Fixed in r2009-13.