From 5ba1d4ceae6b1fa675c37575b5d59de338911a27 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Gerg=C5=91=20Tisza?= <tgr.huwiki@gmail.com>
Date: Thu, 19 Jul 2018 00:49:50 +0200
Subject: [PATCH] Fix handling of already logged-in user in Special:Userlogin

Due to a forgotten return clause, the full request handling
is executed after calling successfulAction() when the user
reloads the login page while logged in. With a typical setup
case this is masked by the fact that successfulAction() does
a redirect (although it probably still impacts performance),
for less common configurations this might result in the login
form rendered below a success message, or in calling extension
hooks which should not be called.

Bug: T185702
Change-Id: If19220c4cf17b08f7e03ca0d06381067f26dda1a
---
 includes/specialpage/LoginSignupSpecialPage.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/includes/specialpage/LoginSignupSpecialPage.php b/includes/specialpage/LoginSignupSpecialPage.php
index d5c889aef0..e94f3db72c 100644
--- a/includes/specialpage/LoginSignupSpecialPage.php
+++ b/includes/specialpage/LoginSignupSpecialPage.php
@@ -265,6 +265,7 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage {
 			 $this->getUser()->isLoggedIn()
 		) {
 			$this->successfulAction();
+			return;
 		}
 
 		// If logging in and not on HTTPS, either redirect to it or offer a link.
-- 
2.20.1