Permalink
Browse files

Fix regression of issue #10930 in commit 0085bcd

The initial fixes for #10930 and issue #11031 did not take into account
the usage of auth_is_user_authenticated() in multiple locations during
the core bootstrap routines.  By defining and looking for a global flag,
rather than an argument to the function, we fix both the problems and
the regression.
  • Loading branch information...
1 parent cadd14c commit 4dab8016128e6b17d233cda751f2cacc60c64aa3 @jreese jreese committed Dec 17, 2009
Showing with 12 additions and 4 deletions.
  1. +4 −0 core.php
  2. +3 −3 core/authentication_api.php
  3. +5 −1 verify.php
View
@@ -225,6 +225,10 @@ function __autoload( $className ) {
config_set_global( 'default_timezone', date_default_timezone_get(), true );
}
+if ( !isset( $g_login_anonymous ) ) {
+ $g_login_anonymous = true;
+}
+
if( auth_is_user_authenticated() ) {
date_default_timezone_set( user_pref_get_pref( auth_get_current_user_id(), 'timezone' ) );
}
@@ -89,12 +89,12 @@ function auth_ensure_user_authenticated( $p_return_page = '' ) {
* @return bool
* @access public
*/
-function auth_is_user_authenticated( $p_login_anonymous=true ) {
- global $g_cache_cookie_valid;
+function auth_is_user_authenticated() {
+ global $g_cache_cookie_valid, $g_login_anonymous;
if( $g_cache_cookie_valid == true ) {
return $g_cache_cookie_valid;
}
- $g_cache_cookie_valid = auth_is_cookie_valid( auth_get_current_user_cookie( $p_login_anonymous ) );
+ $g_cache_cookie_valid = auth_is_cookie_valid( auth_get_current_user_cookie( $g_login_anonymous ) );
return $g_cache_cookie_valid;
}
View
@@ -21,6 +21,10 @@
* @author Marcello Scata' <marcelloscata at users.sourceforge.net> ITALY
* @link http://www.mantisbt.org
*/
+
+ # don't auto-login when trying to verify new user
+ $g_login_anonymous = false;
+
/**
* MantisBT Core API's
*/
@@ -37,7 +41,7 @@
$f_confirm_hash = gpc_get_string('confirm_hash');
# force logout on the current user if already authenticated
- if( auth_is_user_authenticated( false ) ) {
+ if( auth_is_user_authenticated() ) {
auth_logout();
# reload the page after logout

0 comments on commit 4dab801

Please sign in to comment.