From: Brian Wolff Date: Sat, 9 Mar 2013 08:38:02 +0000 (-0400) Subject: createaccount api action didn't handle no token and no cookie X-Git-Tag: 1.31.0-rc.0~20406^2 X-Git-Url: https://git.cyclocoop.org/%28%28?a=commitdiff_plain;h=8e02f6abe99af691753091923c5fdbc05105ed73;p=lhc%2Fweb%2Fwiklou.git createaccount api action didn't handle no token and no cookie If you made a request to action=createaccount and this was the first time (so no account creation token had yet been generated for you) a "nocookiesfornew" error was returned. This is incorrect, what is supposed to happen in that case is the api returns what token to use. This is how users are supposed to request tokens, so the issue is very confusing. No release notes since this module was introduced in this version. Also removed sessionfailure from possible errors, as it isn't one (that status triggers the needtoken result). Change-Id: Ibfc3879fa89b1e11303aef65feb45a91afc215e6 --- diff --git a/includes/api/ApiCreateAccount.php b/includes/api/ApiCreateAccount.php index 7a36ce855a..3f059d6f60 100644 --- a/includes/api/ApiCreateAccount.php +++ b/includes/api/ApiCreateAccount.php @@ -108,8 +108,10 @@ class ApiCreateAccount extends ApiBase { $apiResult = $this->getResult(); - if( $status->hasMessage( 'sessionfailure' ) ) { - // Token was incorrect, so add it to result, but don't throw an exception. + if( $status->hasMessage( 'sessionfailure' ) || $status->hasMessage( 'nocookiesfornew' ) ) { + // Token was incorrect, so add it to result, but don't throw an exception + // since not having the correct token is part of the normal + // flow of events. $result['token'] = LoginForm::getCreateaccountToken(); $result['result'] = 'needtoken'; } elseif( !$status->isOK() ) { @@ -230,7 +232,6 @@ class ApiCreateAccount extends ApiBase { public function getPossibleErrors() { $localErrors = array( 'wrongpassword', - 'sessionfailure', 'sorbs_create_account_reason', 'noname', 'userexists',