Rather than have separate calls to User::loadDefaults()
every time User::loadFromSession() fails, there is now just
one call in User::load() if loadFromSession() returns false.
This fixes the case where a UserLoadFromSession hook aborts
loading from session, leaving the User object uninitialized.
Change-Id: I8d1a114d7ec361b27b260791f742c473a1497f26
Signed-off-by: Tyler Anthony Romeo <tylerromeo@gmail.com>
$this->loadFromId();
break;
case 'session':
$this->loadFromId();
break;
case 'session':
- $this->loadFromSession();
+ if( !$this->loadFromSession() ) {
+ // Loading from session failed. Load defaults.
+ $this->loadDefaults();
+ }
wfRunHooks( 'UserLoadAfterLoadFromSession', array( $this ) );
break;
default:
wfRunHooks( 'UserLoadAfterLoadFromSession', array( $this ) );
break;
default:
- * Load user data from the session or login cookie. If there are no valid
- * credentials, initialises the user as an anonymous user.
+ * Load user data from the session or login cookie.
* @return Bool True if the user is logged in, false otherwise.
*/
private function loadFromSession() {
* @return Bool True if the user is logged in, false otherwise.
*/
private function loadFromSession() {
if ( $cookieId !== null ) {
$sId = intval( $cookieId );
if( $sessId !== null && $cookieId != $sessId ) {
if ( $cookieId !== null ) {
$sId = intval( $cookieId );
if( $sessId !== null && $cookieId != $sessId ) {
- $this->loadDefaults(); // Possible collision!
wfDebugLog( 'loginSessions', "Session user ID ($sessId) and
cookie user ID ($sId) don't match!" );
return false;
wfDebugLog( 'loginSessions', "Session user ID ($sessId) and
cookie user ID ($sId) don't match!" );
return false;
} elseif ( $sessId !== null && $sessId != 0 ) {
$sId = $sessId;
} else {
} elseif ( $sessId !== null && $sessId != 0 ) {
$sId = $sessId;
} else {
$sName = $request->getCookie( 'UserName' );
$request->setSessionData( 'wsUserName', $sName );
} else {
$sName = $request->getCookie( 'UserName' );
$request->setSessionData( 'wsUserName', $sName );
} else {
return false;
}
$proposedUser = User::newFromId( $sId );
if ( !$proposedUser->isLoggedIn() ) {
# Not a valid ID
return false;
}
$proposedUser = User::newFromId( $sId );
if ( !$proposedUser->isLoggedIn() ) {
# Not a valid ID
return false;
}
global $wgBlockDisablesLogin;
if( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
# User blocked and we've disabled blocked user logins
return false;
}
global $wgBlockDisablesLogin;
if( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
# User blocked and we've disabled blocked user logins
$from = 'cookie';
} else {
# No session or persistent login cookie
$from = 'cookie';
} else {
# No session or persistent login cookie
} else {
# Invalid credentials
wfDebug( "User: can't log in from $from, invalid credentials\n" );
} else {
# Invalid credentials
wfDebug( "User: can't log in from $from, invalid credentials\n" );