From: Brian Wolff <bawolff+wn@gmail.com>
Date: Mon, 8 Jul 2013 01:37:02 +0000 (-0300)
Subject: Have Chunked upload jobs bail if cannot associate with session.
X-Git-Tag: 1.31.0-rc.0~19180^2
X-Git-Url: https://git.cyclocoop.org/%7B%24admin_url%7Dcompta/operations/supprimer.php?a=commitdiff_plain;h=4ccdde83dcf3e2376d4520488a2c1ed36db88bf3;p=lhc%2Fweb%2Fwiklou.git

Have Chunked upload jobs bail if cannot associate with session.

Also add docs about how suhosin.session.encrypt tends to break
this (I was thinking about throwing an exception if the setting was
on in RequestContext::importScopedSession, but the docs seem to
indicate that you can tweak how the session is encrypted, so it
sounds like somebody could set up their php so everything worked).

Bug: 48371
Change-Id: I5a471c1f941fce046451fbb9abce1c830185cabb
---

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index f9d280fef0..6447316bc0 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -323,6 +323,9 @@ $wgAllowImageMoving = true;
  * Enable deferred upload tasks that use the job queue.
  * Only enable this if job runners are set up for both the
  * 'AssembleUploadChunks' and 'PublishStashedFile' job types.
+ *
+ * @note If you use suhosin, this setting is incompatible with
+ *   suhosin.session.encrypt.
  */
 $wgEnableAsyncUploads = false;
 
diff --git a/includes/context/RequestContext.php b/includes/context/RequestContext.php
index cb26dcf7a0..b9dbe77e16 100644
--- a/includes/context/RequestContext.php
+++ b/includes/context/RequestContext.php
@@ -417,7 +417,9 @@ class RequestContext implements IContextSource {
 	 * This will setup the session from the given ID. This is useful when
 	 * background scripts inherit context when acting on behalf of a user.
 	 *
-	 * $param array $params Result of RequestContext::exportSession()
+	 * @note suhosin.session.encrypt may interfere with this method.
+	 *
+	 * @param array $params Result of RequestContext::exportSession()
 	 * @return ScopedCallback
 	 * @throws MWException
 	 * @since 1.21
diff --git a/includes/job/jobs/AssembleUploadChunksJob.php b/includes/job/jobs/AssembleUploadChunksJob.php
index 4fe1753cd4..6237e568a4 100644
--- a/includes/job/jobs/AssembleUploadChunksJob.php
+++ b/includes/job/jobs/AssembleUploadChunksJob.php
@@ -42,6 +42,15 @@ class AssembleUploadChunksJob extends Job {
 				return false;
 			}
 
+			if ( count( $_SESSION ) === 0 ) {
+				// Empty session probably indicates that we didn't associate
+				// with the session correctly. Note that being able to load
+				// the user does not necessarily mean the session was loaded.
+				// Most likely cause by suhosin.session.encrypt = On.
+				$this->setLastError( "Error associating with user session. Try setting suhosin.session.encrypt = Off" );
+				return false;
+			}
+
 			UploadBase::setSessionStatus(
 				$this->params['filekey'],
 				array( 'result' => 'Poll', 'stage' => 'assembling', 'status' => Status::newGood() )
diff --git a/includes/job/jobs/PublishStashedFileJob.php b/includes/job/jobs/PublishStashedFileJob.php
index 5114dc0ea2..5a24f93c3c 100644
--- a/includes/job/jobs/PublishStashedFileJob.php
+++ b/includes/job/jobs/PublishStashedFileJob.php
@@ -42,6 +42,16 @@ class PublishStashedFileJob extends Job {
 				return false;
 			}
 
+			if ( count( $_SESSION ) === 0 ) {
+				// Empty session probably indicates that we didn't associate
+				// with the session correctly. Note that being able to load
+				// the user does not necessarily mean the session was loaded.
+				// Most likely cause by suhosin.session.encrypt = On.
+				$this->setLastError( "Error associating with user session. Try setting suhosin.session.encrypt = Off" );
+				return false;
+			}
+
+
 			UploadBase::setSessionStatus(
 				$this->params['filekey'],
 				array( 'result' => 'Poll', 'stage' => 'publish', 'status' => Status::newGood() )