Repeatable: Always
Steps to repeat:
1. Log out of any Drupal 7.x package
2. Try to navigate to an invalid one-time login URL, e.g. yoursite.com/user/reset/{non-existing-uid}/1209839/asdfasdfasdf
Expected Results:
Some information (e.g. a Drupal Message and/or an Access Denied Page) about invalid request.
Actual Results:
An Access Denied Page AND another page render with, most of the times, a somewhat broken CSS-layout decorated with the following Drupal error message:
Warning: Cannot modify header information - headers already sent by (output started at {drupal-root-dir}/includes/common.inc:2613) in drupal_send_headers() (line 1243 of {my-drupal-root-dir}/includes/bootstrap.inc).
Comments
Comment #1
androidi commentedThis can be fixed by checking the return value of user_load_multiple() call in modules/user/user.pages.inc at row 121, e.g. by adding a check after the call:
Comment #1.0
androidi commentedFixed a typo and quoted the Drupal warning message.
Comment #2
aditya.ghan commentedHi androidi,
I believe this issue is fixed long time back.
I'm not able to reproduce this issue on the latest drupal 7 or in Drupal-7.19
COuld you please close this issue?
Comment #3
cilefen commented