[Koha-bugs] [Bug 13779] sessionID declared twice in C4::Auth::checkauth()

Thu Sep 6 02:16:13 CEST 2018

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13779

M. Tompsett <mtompset at hotmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #77099|0                           |1
        is obsolete|                            |

--- Comment #3 from M. Tompsett <mtompset at hotmail.com> ---
Created attachment 78452
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=78452&action=edit
Bug 13779: sessionID declared twice in C4::Auth::checkauth()

The bug is that $sessionID is declared twice in C4::Auth::checkauth().
At the moment, this doesn't actually create a problem, because no
one seems to be using the $sessionID which is returned by checkauth(),
except in the case of opac/external/overdrive/auth.pl which skips
the second declartion as it doesn't require auth.

This patch removes the redefining of the $sessionID variable.

In terms of testing, try logging in with a username and password
and see if it works. The only risk this patch would pose is breaking
auth I would think, since nothing is actually using the return value
from checkauth() for $sessionID.

NOTE:
It was initially defined near the top of the function (~line 791).
I believe the scoping would mean the correct version of $sessionID
would be used in the latter lines for the unset'ing.
I have skimmed code to see if the sessionID return value is used.
I did not test overdrive, as I do not know how. However, this is
the only area, I think this could possibly break. This change makes
sense to me.

QA: Please test overdrive.
opac/external/overdrive/auth.pl only checks if the value is set, so
   this patch might fix/break something there?
opac/svc/overdrive same kind of check.

Signed-off-by: Mark Tompsett <mtompset at hotmail.com>

-- 
You are receiving this mail because:
You are watching all bug changes.