Menu
▾
▴
#579 Infinite loop in WikiUserNew.php userExists()
Using a stock phpwiki-1.3.14 setup, on Apache 2.2.4 with both mod_php 5.2.3 and 5.2.4, we are seeing an error that causes httpd to exit with an 'Illegal Instruction' error whenever a login attempt is POSTed.
Tracing with gdb, it reveals that the userExists() function of WikiUserNew.php is looping.
I see a comment at the bottom of that function wondering if the code there will prevent an endless loop in all PHPs. Well, for me, anyway, it seems the answer is no.
I'm attaching phpinfo() output and can attach the backtrace from gdb, which
at least can verify what I'm saying.
Happy to provide other information as needed.
Regards,
Matt Riffle
Output of phpinfo()
GDB Backtrace showing loop
Logged In: YES
user_id=1888217
Originator: YES
File Added: php-backtrace.txt
Logged In: NO
same problem with php 5.2.5 and Apache 2.2.8
there is a loop in WikiUserNew.php. Here is a part of the endless trace
is_subclass_of isa check_php_version (3x) is_object get_class strtolower (2x) is_subclass_of get_class _DbPassUser->hasHomePage _DbPassUser->userExists get_class strtolower check_php_version UpgradeUser isa check_php_version (3x) is_object get_class strtolower (2x) is_subclass_of isaRegards Stefan
Logged In: NO
One more comment on this:
newest phpwiki from cvs WikiUserNew.php V. 1.147
Authentication against an external mysql table (userauth from SMF Forum) set in config.ini
DBAUTH_AUTH_DSN
DBAUTH_AUTH_CHECK
DBAUTH_AUTH_USER_EXISTS
... etc.
php 4 works without problem
regards Stefan
Logged In: YES
user_id=13755
Originator: NO
Thanks for the backtrace!
So the php 5.2 object cloning (copying the fields) does not work
anymore as it used to be.
As workaround the following config.ini setting will help:
ENABLE_USER_NEW = false
Logged In: NO
Unfortunately the Workaround does not function as desired.
[06-Feb-2008 22:59:38] PHP Fatal error: Call to a member function get() on a non-object in /www/mineralienatlas/htdoc
s/lexikonnew/lib/WikiUser.php on line 140
One more comment to reproduce the loop from WikiUserNew.php.
You can view the wikipage but when you try to logon, you the an empty page without any line of code. Thats whenn the loop appears.
regards Stefan
Logged In: NO
Is there a timeframe, when the problem will be fixed?
I ask about, because we cannot switch to php5 before.
Thank you for helping
Logged In: YES
user_id=13755
Originator: NO
I fixed the workaround by using ENABLE_USER_NEW = false in current cvs.
For the recursive login methods I need to get an 5.2 debugger. This can last longer.
Outstanding probems are automatic disabling of ENABLE_USER_NEW on 5.2 and
same old session problems on 5.2.
Logged In: NO
I managed to fix this (with ENABLE_USER_NEW=true) by doing the following:
In config.ini set USER_AUTH_ORDER = "AdoDb"
Edit lib/WikiUser/AdoDb.php to add include_once("lib/WikiUser/Db.php"); before the class declaration
I now don't get the blank page, not sure if that breaks anything else though :-)
Logged In: NO
I managed to fix this (with ENABLE_USER_NEW=true) by doing the following:
In config.ini set USER_AUTH_ORDER = "AdoDb"
Edit lib/WikiUser/AdoDb.php to add include_once("lib/WikiUser/Db.php"); before the class declaration
I now don't get the blank page, not sure if that breaks anything else though :-)
Logged In: YES
user_id=13755
Originator: NO
Fixed in current CVS.
http://sourceforge.net/cvs/?group_id=6121
or http://phpwiki.sf.net/nightly/phpwiki.nightly.tar.gz
Logged In: YES
user_id=13755
Originator: NO
That easy! I thought it is the hairy object cloning, which I already debugged
a couple of times.
Thanks a lot.