Thanks for committing this! I'm really glad I could help, and excited to be able to use lg* vars instead of cookies. There's probably more patches where that came from - it's kind of a rush to see code actually submitted.
Eddie On 11/3/07, Roan Kattouw <[EMAIL PROTECTED]> wrote: > Yuri Astrakhan schreef: > > Is setting session variables directly with the values provided by a > > client is safe? Shouldn't there be some check first? Just a thought, > > need to double check. > > > User::newFromSession() should take care of that. I've tested the patch, > gotten it to work and committed it [1]. In the same commit, I also > removed ApiLogin's sessionID return value, as it didn't really work and > was redundant anyway. > > Roan Kattouw > > [1] http://svn.wikimedia.org/viewvc/mediawiki?view=rev&revision=27151 > > _______________________________________________ > Mediawiki-api mailing list > [email protected] > http://lists.wikimedia.org/mailman/listinfo/mediawiki-api > _______________________________________________ Mediawiki-api mailing list [email protected] http://lists.wikimedia.org/mailman/listinfo/mediawiki-api
