From 9968910f8c8960d10fee36e56060a61e0ca63a62 Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@bluestatic.org>
Date: Sun, 11 Mar 2007 21:44:23 +0000
Subject: [PATCH] r1440: - Fixed a huge bug in
 Authentication::_syncBugdarUser() that would use the authid as the user ID in
 the Bugdar database as the condition when syncing - Only call
 Authenticatoin::clearCookies() in Autthentication::authenticateCookies() if
 the cookie data fails to verify, and not in other cases

---
 includes/auth/auth.php | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/includes/auth/auth.php b/includes/auth/auth.php
index b4d54d7..6326cf3 100644
--- a/includes/auth/auth.php
+++ b/includes/auth/auth.php
@@ -149,16 +149,13 @@ class Authentication
 	{
 		if (!$this->_fetchCookieUniqueId() OR !$this->_fetchCookiePassword())
 		{
-			$this->clearCookies();
 			return false;
 		}
 		
 		$this->authUser = $this->_fetchUserUsingCookies();
-		
 		if (!$this->authUser)
 		{
 			$this->authUser = null;
-			$this->clearCookies();
 			return false;
 		}
 		
@@ -298,7 +295,7 @@ class Authentication
 		$change = false;
 		
 		$user = new UserAPI($this->registry);
-		$user->set('userid', $this->authUser[ $this->fieldMap['authid'] ]);
+		$user->set('userid', $this->bugdarUser['userid']);
 		$user->set_condition();
 		foreach ($fields AS $bugdar => $auth)
 		{
-- 
2.22.5