Wrong implementation of login
andypost - August 14, 2008 - 05:05
| Project: | Site Network |
| Version: | 6.x-1.0 |
| Component: | Code |
| Category: | bug report |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | closed |
Jump to:
Description
After trying this module on migration from d5 to d6 I got some errors!
1) Because of module validation happens before others (user module validations) it suppose that username is always user@server - it's wrong (some logins are just username) so added check for this situation and change "noticeable" explode
2) After xmlrpc-call $aid is UID so user_external_load($aid) always failed and user_external_login_register happens - so no hook_user(login ) ever happens
Next some fixes in logic
- check for default server and server_only
Suppose there's no need in
<?php
$form_state['#validate'] = array();
$form_state['#submit'] = array();
?>because '_site_network_login_validate' already in validation loop and it's not possible to stop it
I make ...2.patch file with this changes
| Attachment | Size |
|---|---|
| site_network.authentication.inc_.patch | 1.92 KB |
| site_network.authentication.inc2_.patch | 2.4 KB |
#1
Another problem - when registering if profile module enabled
user_external_login_register -> user_save -> profile_save_profile -> _profile_get_fields -> user_access('administer users')
when user is registering there's no global $user variable
* warning: array_fill() [function.array-fill]: Number of elements must be positive in D:\www\docs\rnm\includes\database.inc on line 240.* warning: implode() [function.implode]: Invalid arguments passed in D:\www\docs\rnm\includes\database.inc on line 240.
* warning: array_keys() [function.array-keys]: The first argument should be an array in D:\www\docs\rnm\modules\user\user.module on line 500.
* user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT p.perm FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in D:\www\docs\rnm\modules\user\user.module on line 500.
suppose this issue for core...
ups ... fixed in 6.4
#2
Andrey,
thanks again.
1* if explode() cannot find any "@", it will return a simple array. it is faster than doing multiple substr(). $server will be NULL.
2* the external load bug fixed. thanks.
regards,
massa
#3
Massa, trying to use explode and $name[1] brings php notice
(If delimiter contains a value that is not contained in string, then explode() will return an array containing string. )
Better replace
<?php
$name = explode('@', trim($form_state['values']['name']));
$username = $name[0];
$server = $name[1];
// If no server was specified, get the default option if its required
if (empty($server) and variable_get('site_network_client_server', '')) {
$server = variable_get('site_network_client_server', '');
}
?>
With
<?php
$name = explode('@', trim($form_state['values']['name']));
$username = $name[0];
// If no server was specified, get the default option if its required
if (!isset($name[1]) and variable_get('site_network_client_server', '')) {
$server = variable_get('site_network_client_server', '');
}
else {
$server = $name[1];
}
?>
It's more readable and optimized :) and no notices in log
#4
Andrey,
great. commited!
regards,
massa
#5
Automatically closed -- issue fixed for two weeks with no activity.