From 7d757dff14c3b121710fa89068695e095a6379c8 Mon Sep 17 00:00:00 2001
From: Roan Kattouw <catrope@users.mediawiki.org>
Date: Sat, 3 Nov 2007 09:57:42 +0000
Subject: [PATCH] API: * Allow staying logged in through lg* parameters instead
 of cookies (modified patch by Eddie Roger) * Removed ApiLogin's sessionID
 return value, as it doesn't always work and is redundant anyway

---
 RELEASE-NOTES             |  1 +
 includes/api/ApiLogin.php |  1 -
 includes/api/ApiMain.php  | 13 +++++++++++++
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 9155bbe98b..b9024b8193 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -157,6 +157,7 @@ Full API documentation is available at http://www.mediawiki.org/wiki/API
 * (bug 11721) Use a different title for results than for the help page.
 * (bug 11562) Added a user_registration parameter/field to the list=allusers query.
 * (bug 11588) Preserve document structure for empty dataset in backlinks query.
+* Allow staying logged in through lg* parameters instead of cookies
 
 === Languages updated in 1.12 ===
 
diff --git a/includes/api/ApiLogin.php b/includes/api/ApiLogin.php
index 851b531441..31be273397 100644
--- a/includes/api/ApiLogin.php
+++ b/includes/api/ApiLogin.php
@@ -104,7 +104,6 @@ class ApiLogin extends ApiBase {
 				$result['lgusername'] = $_SESSION['wsUserName'];
 				$result['lgtoken'] = $_SESSION['wsToken'];
 				$result['cookieprefix'] = $wgCookiePrefix;
-				$result['sessionid'] = $_COOKIE["{$wgCookiePrefix}_session"];
 				break;
 
 			case LoginForm :: NO_NAME :
diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php
index 406d23a018..ccfa9fa222 100644
--- a/includes/api/ApiMain.php
+++ b/includes/api/ApiMain.php
@@ -88,11 +88,24 @@ class ApiMain extends ApiBase {
 	* @param $enableWrite bool should be set to true if the api may modify data
 	*/
 	public function __construct($request, $enableWrite = false) {
+		global $wgRequest, $wgUser; 
 
 		$this->mInternalMode = ($request instanceof FauxRequest);
 
 		// Special handling for the main module: $parent === $this
 		parent :: __construct($this, $this->mInternalMode ? 'main_int' : 'main');
+		
+		// Check if request has cookie-like variables, and set them
+		if( ($request->getVal('lgtoken')) && ($request->getVal('lgusername')) && ($request->getVal('lguserid')) ) {
+			
+			// Got variables, set cookies. 
+			$_SESSION['wsUserID'] = $request->getVal('lguserid');
+			$_SESSION['wsUserName'] = $request->getVal('lgusername');
+			$_SESSION['wsToken'] = $request->getVal('lgtoken');
+			
+			// Reinitialize $wgUser from session data
+			$wgUser = User::newFromSession();			
+		} 
 
 		if (!$this->mInternalMode) {
 			
-- 
2.20.1