From: Ori Livneh <ori@wikimedia.org>
Date: Wed, 24 Feb 2016 23:32:57 +0000 (-0800)
Subject: SessionBackend: skip isUserSessionPrevented check for anons
X-Git-Tag: 1.31.0-rc.0~7844^2
X-Git-Url: http://git.cyclocoop.org/data/%24oldEdit?a=commitdiff_plain;h=43420a0506b3115833d4b5d11b9e56579a967cdd;p=lhc%2Fweb%2Fwiklou.git

SessionBackend: skip isUserSessionPrevented check for anons

For anon requests, the call to SessionManager::isUserSessionPrevented(
$this->user->getName() ) is both expensive (because of the need to
sanitize the IP) and pointless, because the session-prevention feature
is intended for named accounts. So short-circuit the check if the user is not
logged in.

Change-Id: I17386b97e229b492723b46db1e1ae16fd4b0fc5a
---

diff --git a/includes/session/SessionBackend.php b/includes/session/SessionBackend.php
index 0a9191b123..0424a2da07 100644
--- a/includes/session/SessionBackend.php
+++ b/includes/session/SessionBackend.php
@@ -572,7 +572,9 @@ final class SessionBackend {
 	 * @param bool $closing Whether the session is being closed
 	 */
 	public function save( $closing = false ) {
-		if ( $this->provider->getManager()->isUserSessionPrevented( $this->user->getName() ) ) {
+		$anon = $this->user->isAnon();
+
+		if ( !$anon && $this->provider->getManager()->isUserSessionPrevented( $this->user->getName() ) ) {
 			$this->logger->debug(
 				'SessionBackend "{session}" not saving, user {user} was ' .
 				'passed to SessionManager::preventSessionsForUser',
@@ -585,7 +587,6 @@ final class SessionBackend {
 
 		// Ensure the user has a token
 		// @codeCoverageIgnoreStart
-		$anon = $this->user->isAnon();
 		if ( !$anon && !$this->user->getToken( false ) ) {
 			$this->logger->debug(
 				'SessionBackend "{session}" creating token for user {user} on save',