[koha-commits] main Koha release repository branch 3.14.x updated. v3.14.15-3-g314f469
Git repo owner
gitmaster at git.koha-community.org
Thu Jun 18 09:30:36 CEST 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".
The branch, 3.14.x has been updated
via 314f4696e2612b051968dcb42cf9cc613ad0361c (commit)
from 1eb03a7f81110429bf71561c24b7251e4e4cd9fb (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 314f4696e2612b051968dcb42cf9cc613ad0361c
Author: Mason James <mtj at kohaaloha.com>
Date: Thu Apr 9 15:33:02 2015 +1200
Bug 12954: Failed login should retain anonymous session (3.16.x)
A failed login should not leave the user in a half logged authenticated
state, but rather return them to an anonymouse session as per the
pre-login attempt state.
To replicate error:
1. Try to log in with some nonexisting user id or wrong password in the
OPAC
2. Go directly to /opac-user.pl (e.g., enter it in the browser address
bar, or just click on the "Log in" link)
3. Observe a DBI error displayed on the screen
4. You are now in the "deadloop" of sorts (opac/opac-user.pl refuses to
display the login screen, no matter how many times you try to reload
it); to break the deadloop, one needs to:
- remove session cookie from the browser (or cause the session to
expire in some other way - closing browser window would be probably
enough for that)
- remove offending session on the server (from mysql sessions table,
..)
- log in with proper credentials using some other page (like
opac/opac-main.pl right-side panel), which does not involve
opac/opac-user.pl being called without "userid" CGI parameter.
To test:
1. Test as above, the DBI error should no longer be present
2. Check that search history works across failed and sucessful login
attempts
Signed-off-by: Chris Cormack <chris at bigballofwax.co.nz>
Signed-off-by: Jonathan Druart <jonathan.druart at biblibre.com>
Signed-off-by: Mason James <mtj at kohaaloha.com>
(cherry picked from commit 7f504acc13a361ba93504917498ae955b82ed430)
Signed-off-by: Fridolin Somers <fridolin.somers at biblibre.com>
-----------------------------------------------------------------------
Summary of changes:
C4/Auth.pm | 2 ++
1 file changed, 2 insertions(+)
hooks/post-receive
--
main Koha release repository
More information about the koha-commits
mailing list