Tim Starling has submitted this change and it was merged.
Change subject: Deal with garbage user_token values in the DB.
......................................................................
Deal with garbage user_token values in the DB.
Change-Id: I92f1645d4a1cfc4151bd34b566ec3ac05eab427f
---
M includes/User.php
1 file changed, 5 insertions(+), 2 deletions(-)
Approvals:
Tim Starling: Verified; Looks good to me, approved
diff --git a/includes/User.php b/includes/User.php
index ee2635c..ceef238 100644
--- a/includes/User.php
+++ b/includes/User.php
@@ -980,10 +980,13 @@
}
if ( $request->getSessionData( 'wsToken' ) ) {
- $passwordCorrect = $proposedUser->getToken( false ) ===
$request->getSessionData( 'wsToken' );
+ $passwordCorrect = ( $proposedUser->getToken( false )
=== $request->getSessionData( 'wsToken' ) );
$from = 'session';
} elseif ( $request->getCookie( 'Token' ) ) {
- $passwordCorrect = $proposedUser->getToken( false ) ===
$request->getCookie( 'Token' );
+ # Get the token from DB/cache and clean it up to remove
garbage padding.
+ # This deals with historical problems with bugs and the
default column value.
+ $token = rtrim( $proposedUser->getToken( false ) ); //
correct token
+ $passwordCorrect = ( strlen( $token ) && $token ===
$request->getCookie( 'Token' ) );
$from = 'cookie';
} else {
# No session or persistent login cookie
--
To view, visit https://gerrit.wikimedia.org/r/51221
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I92f1645d4a1cfc4151bd34b566ec3ac05eab427f
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: wmf/1.21wmf10
Gerrit-Owner: Tim Starling <tstarl...@wikimedia.org>
Gerrit-Reviewer: Aaron Schulz <asch...@wikimedia.org>
Gerrit-Reviewer: Tim Starling <tstarl...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
