Mahara

Code to delete session id on logout is not triggered

Bug #826453 reported by Richard Mansfield on 2011-08-14

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Mahara	Fix Released	Low	Eugene	Mahara 1.5.0

Bug Description

See https://reviews.mahara.org/#change,573

As Brian King noted, there is a bug in the $USER->logout() function that calls table_exists on a string rather than an XMLDBTable object.

What's worse is that this code in logout() doesn't really serve any useful purpose. It is trying to delete a record of the user's session id when the user logs out, but because most of the time ddl.php is not included at this point, it won't be triggered. We should either include ddl.php explicitly, so it succeeds, or else maybe remove that code altogether.

Richard Mansfield (richard-mansfield) on 2011-08-14

Changed in mahara:
status:	New → Confirmed
importance:	Undecided → Low
milestone:	none → 1.5.0

François Marier (fmarier) on 2011-08-18

Changed in mahara:
status:	Confirmed → Fix Committed
assignee:	nobody → Richard Mansfield (richard-mansfield)

Revision history for this message

Richard Mansfield (richard-mansfield) wrote on 2011-08-18:

This is not actually fixed, I created this so we don't forget about it before 1.5.

I merged a commit from Brian King into 1.4, but it needs to be fixed on master in a different way. This is the comment from gerrit:

For master I think we should do it differently because currently that entire if statement is pointless: it's trying to delete a record of the user's session id from usr_session on logout, but because ddl is almost never included, it's going to skip it 99% of the time.

Changed in mahara:
status:	Fix Committed → Confirmed
assignee:	Richard Mansfield (richard-mansfield) → nobody

Eugene (eugenev) on 2011-09-07

Changed in mahara:
assignee:	nobody → Eugene (eugenev)

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2011-09-08: A change has been merged

Reviewed: https://reviews.mahara.org/651
Committed: http://gitorious.org/mahara/mahara/commit/4cc1cd2492fe8f48976237a43124d56bf1080d8b
Submitter: Hugh Davenport (<email address hidden>)
Branch: master

commit 4cc1cd2492fe8f48976237a43124d56bf1080d8b
Author: Eugene Venter <email address hidden>
Date: Wed Sep 7 14:20:47 2011 +1200

auth/user.php: logout - fix user session db delete

Bug #826453

Change-Id: I1e6c102b67ad0342a1d91494e84f74617722db93
Signed-off-by: Eugene Venter <email address hidden>

Revision history for this message

François Marier (fmarier) wrote on 2011-09-08:

Richard, is that fix what you had in mind for master?

Changed in mahara:
status:	Confirmed → In Progress
status:	In Progress → Fix Committed

Revision history for this message

Richard Mansfield (richard-mansfield) wrote on 2011-09-08:

Yep, discussed it with Eugene already.

Melissa Draper (melissa) on 2012-04-18

Changed in mahara:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.