From 9968910f8c8960d10fee36e56060a61e0ca63a62 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Sun, 11 Mar 2007 21:44:23 +0000 Subject: [PATCH] r1440: - Fixed a huge bug in Authentication::_syncBugdarUser() that would use the authid as the user ID in the Bugdar database as the condition when syncing - Only call Authenticatoin::clearCookies() in Autthentication::authenticateCookies() if the cookie data fails to verify, and not in other cases --- includes/auth/auth.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/includes/auth/auth.php b/includes/auth/auth.php index b4d54d7..6326cf3 100644 --- a/includes/auth/auth.php +++ b/includes/auth/auth.php @@ -149,16 +149,13 @@ class Authentication { if (!$this->_fetchCookieUniqueId() OR !$this->_fetchCookiePassword()) { - $this->clearCookies(); return false; } $this->authUser = $this->_fetchUserUsingCookies(); - if (!$this->authUser) { $this->authUser = null; - $this->clearCookies(); return false; } @@ -298,7 +295,7 @@ class Authentication $change = false; $user = new UserAPI($this->registry); - $user->set('userid', $this->authUser[ $this->fieldMap['authid'] ]); + $user->set('userid', $this->bugdarUser['userid']); $user->set_condition(); foreach ($fields AS $bugdar => $auth) { -- 2.43.5