Download & Extend
SMFforum Integration module » Issues

Needs to call hook_user with login...

Posted by sethcohn on January 27, 2010 at 11:03pm
Project:SMFforum Integration module
Version:6.x-1.x-dev
Component:Code
Category:bug report
Priority:critical
Assigned:Unassigned
Status:needs review

Issue Summary

In tracking down a problem where smfforum is being used with ubercart, I think I've found the source of a lot of the weird login problems people have been having: Missing the hook_user call for 'login'.

To compare what happens 'normally' with login:

The very last thing a normal login does is call user_authenticate_finalize

<?php
function user_authenticate_finalize(&$edit) {
  global $user;
  watchdog('user', 'Session opened for %name.', array('%name' => $user->name));
  // Update the user table timestamp noting user has logged in.
  // This is also used to invalidate one-time login links.
  $user->login = time();
  db_query("UPDATE {users} SET login = %d WHERE uid = %d", $user->login, $user->uid);

  // Regenerate the session ID to prevent against session fixation attacks.
  sess_regenerate();
  user_module_invoke('login', $edit, $user);
}
?>

Compare to:

<?php
function _smfforum_drupal_login() {
  global $smf_user_info, $user;

//snipped for comparison

    $user = $account;
    _smfforum_watchdog('Session opened for %name.', array('%name' => $user->name));
    // Update the user table timestamp noting user has logged in.
    db_query("UPDATE {users} SET login = %d WHERE uid = %d", time(), $user->uid);
    sess_regenerate();
    variable_set('smfforum_user_login', 1);
    // Update changed user settings
    smfforum_update_user('login2', SMF_SYNC_TO_DRUPAL, $account, '', '', $account->mail);

// end snip
?>

The missing bit:

  user_module_invoke('login', $edit, $user);

This is critical for allowing other modules to do housekeeping that needs to happen on login, for example, allowing ubercart to save the cart id that the anonymous user had, by giving it to the newly logged in user. Without that call to allow other modules, weird things happen, like lost carts, login actions never getting triggered, drupal not realizing you're logged in and logging you in twice (or waiting till the next page load to log you in, and give you messages) etc.

Adding in a hook_user call for login _should_ fix the problem (untested as of right now):

module_invoke_all('user', 'login', NULL, $user);

I'll follow up if this fixes my lost cart issue(s), and post a patch.

Login or register to post comments

Comments

#1

Posted by vb on January 28, 2010 at 8:44am

Thanks, i am waiting your test.
May be it would be better to do this way?

$edit['name'] = $username;
user_module_invoke('login', $edit, $user);

#2

Posted by sethcohn on January 29, 2010 at 4:39pm

This works as desired, didn't solve all of my problems due to particulars on the site(s) in question (syncing multiple Drupal installs with one SMF), but your 2 lines above do seem to work, and certainly are needed in some cases, so I'd suggest they be added.