From: Gergő Tisza <tgr.huwiki@gmail.com>
Date: Wed, 18 Jul 2018 22:49:50 +0000 (+0200)
Subject: Fix handling of already logged-in user in Special:Userlogin
X-Git-Tag: 1.34.0-rc.0~4713^2
X-Git-Url: http://git.cyclocoop.org/%24image?a=commitdiff_plain;h=5ba1d4ceae6b1fa675c37575b5d59de338911a27;p=lhc%2Fweb%2Fwiklou.git

Fix handling of already logged-in user in Special:Userlogin

Due to a forgotten return clause, the full request handling
is executed after calling successfulAction() when the user
reloads the login page while logged in. With a typical setup
case this is masked by the fact that successfulAction() does
a redirect (although it probably still impacts performance),
for less common configurations this might result in the login
form rendered below a success message, or in calling extension
hooks which should not be called.

Bug: T185702
Change-Id: If19220c4cf17b08f7e03ca0d06381067f26dda1a
---

diff --git a/includes/specialpage/LoginSignupSpecialPage.php b/includes/specialpage/LoginSignupSpecialPage.php
index d5c889aef0..e94f3db72c 100644
--- a/includes/specialpage/LoginSignupSpecialPage.php
+++ b/includes/specialpage/LoginSignupSpecialPage.php
@@ -265,6 +265,7 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage {
 			 $this->getUser()->isLoggedIn()
 		) {
 			$this->successfulAction();
+			return;
 		}
 
 		// If logging in and not on HTTPS, either redirect to it or offer a link.