Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update 8.0.0.sql to fix admin lockout bug #584

Closed
wants to merge 3 commits into from
Closed

Update 8.0.0.sql to fix admin lockout bug #584

wants to merge 3 commits into from

Conversation

mrkalchemy
Copy link

@mrkalchemy mrkalchemy commented May 25, 2023
edited

Questions Answers
Description? Added SQL UPDATE statements to upgrade process to fix problem cause by missing default values for new date columns in session tables. If MariaDB or MySQL is configured to allow zero dates admin users will be locked out of the backoffice interface unless they manually delete cookies.
Type? bug fix
BC breaks? no
Deprecations? no
Fixed ticket? Fixes #PrestaShop/PrestaShop#32709
Sponsor company -
How to test? Upgrading a 1.7.8.9 install to 8.0.0+ should not lockout backoffice user.

@mrkalchemy mrkalchemy mentioned this pull request May 26, 2023
Closed
2 tasks
0x346e3730
0x346e3730 previously approved these changes May 30, 2023
View reviewed changes
Copy link
Member

@0x346e3730 0x346e3730 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello @mrkalchemy and thank you for your contribution !

I've rebased your PR with the dev branch to include this fix that was recently merged, otherwise the CI was red.

nicosomb
nicosomb previously approved these changes May 30, 2023
View reviewed changes
@hibatallahAouadni
Copy link

Hello @mrkalchemy

Thanks for your PR 🚀
Ping @PrestaShop/prestashop-core-developers can someone please validated the linked issue 🙏
And as the issue will be validated by Dev, this PR can be tested by Dev 😉

Thanks!

@kpodemski kpodemski added this to the 4.16.0 milestone May 31, 2023
@mrkalchemy mrkalchemy dismissed stale reviews from 0x346e3730 and nicosomb via 8010d44 June 1, 2023 13:42
@mrkalchemy
Copy link
Author

I just discovered a problem with my original fix while doing some further testing on a different server. If the server had NO_ZERO_IN_DATE set in the [sql_mode] system variable then the sql would fail to run and not fix the issue. It's a bit of an edge case but may as well fix it now. Now it uses < to check if the date is before the 1970 epoch.

@matks matks removed this from the 4.16.0 milestone Jun 6, 2023
@jolelievre jolelievre added this to the 4.16.0 milestone Jun 6, 2023
@WahbiPS WahbiPS removed this from the 4.16.0 milestone Jun 12, 2023
@mrkalchemy mrkalchemy closed this Jun 13, 2023
@mrkalchemy mrkalchemy deleted the fix-admin-session-bug branch July 25, 2023 15:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicosomb nicosomb nicosomb left review comments

@0x346e3730 0x346e3730 0x346e3730 left review comments

Assignees
No one assigned
Labels
waiting for dev waiting for QA
Projects
None yet
Milestone
No milestone
8 participants
@mrkalchemy @hibatallahAouadni @nicosomb @0x346e3730 @kpodemski @matks @jolelievre @WahbiPS