dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
fcdd643
)
SECURITY: Fix User::setToken() call on User::newSystemUser
author
Gergő Tisza
<tgr.huwiki@gmail.com>
Thu, 28 Jan 2016 23:10:00 +0000
(17:10 -0600)
committer
Gergő Tisza
<tgr.huwiki@gmail.com>
Sat, 30 Jan 2016 01:40:21 +0000
(19:40 -0600)
This was supposed to reset the user token but did set it to '1'
because User::setToken accepts bool/string but only treats true
as bool.
Bug: T125161
Change-Id: Ia4196eba92cd4d170a3023db0f540a2972ffad4f
includes/session/SessionManager.php
patch
|
blob
|
history
diff --git
a/includes/session/SessionManager.php
b/includes/session/SessionManager.php
index
0441137
..
6b221fd
100644
(file)
--- a/
includes/session/SessionManager.php
+++ b/
includes/session/SessionManager.php
@@
-539,7
+539,7
@@
final class SessionManager implements SessionManagerInterface {
// Reset the user's token to kill existing sessions
$user = User::newFromName( $username );
if ( $user && $user->getToken( false ) ) {
- $user->setToken(
true
);
+ $user->setToken();
$user->saveSettings();
}