Code to delete session id on logout is not triggered

Bug #826453 reported by Richard Mansfield
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mahara
Fix Released
Low
Eugene

Bug Description

See https://reviews.mahara.org/#change,573

As Brian King noted, there is a bug in the $USER->logout() function that calls table_exists on a string rather than an XMLDBTable object.

What's worse is that this code in logout() doesn't really serve any useful purpose. It is trying to delete a record of the user's session id when the user logs out, but because most of the time ddl.php is not included at this point, it won't be triggered. We should either include ddl.php explicitly, so it succeeds, or else maybe remove that code altogether.

Changed in mahara:
status: New → Confirmed
importance: Undecided → Low
milestone: none → 1.5.0
Changed in mahara:
status: Confirmed → Fix Committed
assignee: nobody → Richard Mansfield (richard-mansfield)
Revision history for this message
Richard Mansfield (richard-mansfield) wrote :

This is not actually fixed, I created this so we don't forget about it before 1.5.

I merged a commit from Brian King into 1.4, but it needs to be fixed on master in a different way. This is the comment from gerrit:

For master I think we should do it differently because currently that entire if statement is pointless: it's trying to delete a record of the user's session id from usr_session on logout, but because ddl is almost never included, it's going to skip it 99% of the time.

Changed in mahara:
status: Fix Committed → Confirmed
assignee: Richard Mansfield (richard-mansfield) → nobody
Eugene (eugenev)
Changed in mahara:
assignee: nobody → Eugene (eugenev)
Revision history for this message
Mahara Bot (dev-mahara) wrote : A change has been merged

Reviewed: https://reviews.mahara.org/651
Committed: http://gitorious.org/mahara/mahara/commit/4cc1cd2492fe8f48976237a43124d56bf1080d8b
Submitter: Hugh Davenport (<email address hidden>)
Branch: master

commit 4cc1cd2492fe8f48976237a43124d56bf1080d8b
Author: Eugene Venter <email address hidden>
Date: Wed Sep 7 14:20:47 2011 +1200

    auth/user.php: logout - fix user session db delete

    Bug #826453

    Change-Id: I1e6c102b67ad0342a1d91494e84f74617722db93
    Signed-off-by: Eugene Venter <email address hidden>

Revision history for this message
François Marier (fmarier) wrote :

Richard, is that fix what you had in mind for master?

Changed in mahara:
status: Confirmed → In Progress
status: In Progress → Fix Committed
Revision history for this message
Richard Mansfield (richard-mansfield) wrote :

Yep, discussed it with Eugene already.

Melissa Draper (melissa)
Changed in mahara:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.