Commit 0b78886d authored by Nigel McNie's avatar Nigel McNie
Browse files

Improve the robustness of authinstance-in-session handling, to handle an...

Improve the robustness of authinstance-in-session handling, to handle an unduplicatable bug (at least by me).

All users who log in to the system should have a valid authinstance in their session. Apparently however, some don't. I can't narrow down how this happens, but this patch will make sure things don't blow up in this case.
parent fcdaef8b
......@@ -365,8 +365,13 @@ function auth_setup () {
if ($sessionlogouttime && isset($_GET['logout'])) {
// Call the authinstance' logout hook
$authinstance = $SESSION->get('authinstance');
if ($authinstance) {
$authobj = AuthFactory::create($authinstance);
$authobj->logout();
}
else {
log_debug("Strange: user " . $USER->get('username') . " had no authinstance set in their session");
}
$USER->logout();
$SESSION->add_ok_msg(get_string('loggedoutok'));
......@@ -411,6 +416,7 @@ function auth_setup () {
// The session timed out
$authinstance = $SESSION->get('authinstance');
if ($authinstance) {
$authobj = AuthFactory::create($authinstance);
$mnetuser = 0;
......@@ -427,6 +433,10 @@ function auth_setup () {
$SESSION->set('mnetuser', $mnetuser);
$SESSION->set('authinstance', $authinstance);
}
}
else {
log_debug("Strange: user " . $USER->get('username') . " had no authinstance set in their session");
}
if (defined('JSON')) {
json_reply('global', get_string('sessiontimedoutreload'), 1);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment