Last modified: 2013-04-22 16:16:09 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T41674, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 39674 - User::load() does not account for failure to load from session.
User::load() does not account for failure to load from session.
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
General/Unknown (Other open bugs)
unspecified
All All
: Normal normal (vote)
: ---
Assigned To: Tyler Romeo
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-08-27 02:23 UTC by Tyler Romeo
Modified: 2013-04-22 16:16 UTC (History)
2 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Tyler Romeo 2012-08-27 02:23:22 UTC 
It seems when a user is loaded from session, but the UserLoadFromSession hook aborts the process (by settings $result to false), User::load() will just not do anything. In other words, when a hook aborts, the User private variables are not initialized, meaning $mId and $mName are still null rather than false. Because of this, MediaWiki thinks the user is logged in and has a blank username, causing an exception to be thrown when the personal URLs are generated in SkinTemplate::loadPersonalUrls(). This occurred using Git master.

Steps to reproduce:
1. Add this function somewhere:
function wfBugTest( $user, &$result ) {
    $result = false;
    return true;
}
2. Add the function into the UserLoadFromSession hook.
3. Try to access the wiki.
Expected Result: User is logged out no matter what.
Actual Result: Exception is thrown (details below).

MediaWiki internal error.

Original exception: exception 'MWException' with message 'SkinTemplate::makeTalkUrlDetails given invalid pagename User:' in /var/www/site/wiki/includes/SkinTemplate.php:727
Stack trace:
#0 /var/www/site/wiki/includes/SkinTemplate.php(654): SkinTemplate->makeTalkUrlDetails('User:')
#1 /var/www/site/wiki/includes/SkinTemplate.php(455): SkinTemplate->buildPersonalUrls()
#2 /var/www/site/wiki/includes/OutputPage.php(1998): SkinTemplate->outputPage()
#3 /var/www/site/wiki/includes/Wiki.php(543): OutputPage->output()
#4 /var/www/site/wiki/includes/Wiki.php(446): MediaWiki->main()
#5 /var/www/site/wiki/index.php(58): MediaWiki->run()
#6 {main}

Exception caught inside exception handler: exception 'MWException' with message 'SkinTemplate::makeTalkUrlDetails given invalid pagename User:' in /var/www/site/wiki/includes/SkinTemplate.php:727
Stack trace:
#0 /var/www/site/wiki/includes/SkinTemplate.php(654): SkinTemplate->makeTalkUrlDetails('User:')
#1 /var/www/site/wiki/includes/SkinTemplate.php(455): SkinTemplate->buildPersonalUrls()
#2 /var/www/site/wiki/includes/OutputPage.php(1998): SkinTemplate->outputPage()
#3 /var/www/site/wiki/includes/Exception.php(227): OutputPage->output()
#4 /var/www/site/wiki/includes/Exception.php(273): MWException->reportHTML()
#5 /var/www/site/wiki/includes/Exception.php(624): MWException->report()
#6 /var/www/site/wiki/includes/Exception.php(705): MWExceptionHandler::report(Object(MWException))
#7 /var/www/site/wiki/includes/Wiki.php(449): MWExceptionHandler::handle(Object(MWException))
#8 /var/www/site/wiki/index.php(58): MediaWiki->run()
#9 {main}
Comment 1 Tyler Romeo 2012-08-27 02:26:54 UTC 
Seems to be because, although User::loadFromSession() calls loadDefaults() almost any time it fails, the one time it doesn't call it is when the hook aborts.
Comment 2 Tyler Romeo 2012-08-27 02:33:49 UTC 
https://gerrit.wikimedia.org/r/21546
Comment 3 Dereckson 2012-08-27 09:23:00 UTC 
[ Bug assigned to code submitter. Priority: normal. ]
Comment 4 Dereckson 2012-08-27 10:45:33 UTC 
Adding catrope as cc, as he reviewed previous login/session MediaWiki core bugs.
Comment 5 Tyler Romeo 2012-09-28 14:02:52 UTC 
Merged in change linked above.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links