user_save regenerates the session even when current user != edited user. [#169937]

Comment	File	Size	Author
#5	user.module-169937-5_D6.patch	657 bytes	darren oh
#2	user.module.patch	676 bytes	drumm
	sess_regen_current_user.patch	925 bytes	heine

Comment #1

heine commented 9 October 2007 at 16:07

Status:

Active

» Needs review

Log in or register to post comments

Comment #2

drumm

he/him

NY, US

commented 3 December 2008 at 18:26

Version:	5.x-dev	» 7.x-dev
Status:	Needs review	» Reviewed & tested by the community

Status	File	Size
new	user.module.patch	676 bytes

Still applies to 5.x and even 6.x, but needs to be committed to HEAD and backported. Attached is the 6.x version. It is a straightforward update and looks good, so marking RTBC.

Log in or register to post comments

Comment #3

alexanderpas commented 15 December 2008 at 02:11

Priority:

Normal

» Critical

this bug affects all tests that'll try so do something as the root user admin.
this (example) test gives WSOD due to this bug.

class UserRootAdminLoginTestCase extends DrupalWebTestCase {
  function getInfo() {
    return array(
      'name' => t('Login as root admin'),
      'description' => t('Tries to login as root admin.'),
      'group' => t('User')
    );
  }

  /**
   * Try logging in as root administrator
   */
  function testRootAdminLogin() {
    // generate a password for the user
    $password = user_password();
    $root_admin = user_save(user_load(1), array('pass' => $password));

    // Add the raw password so that we can log in as this user.
    $root_admin->pass_raw = $password;

    // login as the root administrator
    $this->drupalLogin($root_admin);
  }
}