http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12954
--- Comment #13 from M. Tompsett <[email protected]> --- Comment on attachment 34551 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=34551 Bug 12954 - Questionable logic regarding session handling in C4::Auth::checkauth() Review of attachment 34551: --> (http://bugs.koha-community.org/bugzilla3/page.cgi?id=splinter.html&bug=12954&attachment=34551) ----------------------------------------------------------------- ::: C4/Auth.pm @@ +1060,5 @@ > + if ($session) { > + $session->delete(); > + $session->flush; > + } > + C4::Context->_unset_userenv($sessionID) if $sessionID; I'm not sure moving this outside the if ($userid) check is right. I vaguely recall strangeness with all the 5 test cases that I recommended when I was testing a custom authentication for our organization in terms of setting of userid and return and sessionID. I haven't tried this, but this code change seems wrong to me. I'll possibly attempt later. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
