From a44a01aaf3bc95bacf2953759a1e319f31182088 Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Tue, 20 Feb 2024 15:12:23 +0100 Subject: [PATCH] Bug 36102: Fix expired session on the login page of the installer (?) I *think* this change fixes a bug when starting the installer with an expired session. I am no longer able to reproduce the problem however. Just skip if it does not make sense. Signed-off-by: Jonathan Druart --- C4/InstallAuth.pm | 37 ++++++++++++++++--------------------- 1 file changed, 16 insertions(+), 21 deletions(-) diff --git a/C4/InstallAuth.pm b/C4/InstallAuth.pm index 7a01e4829b..7dc0284e32 100644 --- a/C4/InstallAuth.pm +++ b/C4/InstallAuth.pm @@ -245,11 +245,14 @@ sub checkauth { # state variables my $loggedin = 0; my %info; - my ( $userid, $cookie, $sessionID, $flags, $envcookie ); + my ( $userid, $cookie, $flags, $envcookie ); my $logout = $query->param('logout.x'); - if ( $sessionID = $query->cookie("CGISESSID") ) { + + my $sessionID = $query->cookie("CGISESSID"); + my $session = Koha::Session->get_session( { sessionID => $sessionID, storage_method => 'file' } ); + + if ( $session ) { C4::Context->_new_userenv($sessionID); - my $session = Koha::Session->get_session( { sessionID => $sessionID, storage_method => 'file' } ); if ( $session->param('cardnumber') ) { C4::Context->set_userenv( $session->param('number'), @@ -272,26 +275,18 @@ sub checkauth { $loggedin = 1; $userid = $session->param('cardnumber'); } + } - if ($logout) { - - # voluntary logout the user - C4::Context->_unset_userenv($sessionID); - $sessionID = undef; - $userid = undef; - # Commented out due to its lack of usefulness - # open L, ">>/tmp/sessionlog"; - # my $time = localtime( time() ); - # printf L "%20s from %16s logged out at %30s (manually).\n", $userid, - # $ip, $time; - # close L; - } + if ($logout || !$session) { + # voluntary logout the user + C4::Context->_unset_userenv($sessionID); + $session = Koha::Session->get_session( { storage_method => 'file' } ); } + + $sessionID = $session->id; + unless ($userid) { - my $session = Koha::Session->get_session( { sessionID => $sessionID, storage_method => 'file' } ); - $sessionID = $session->id; - $userid = $query->param('login_userid'); - C4::Context->_new_userenv($sessionID); + $userid = $query->param('login_userid'); my $password = $query->param('login_password'); C4::Context->_new_userenv($sessionID); my ( $return, $cardnumber ) = checkpw( $userid, $password ); @@ -393,7 +388,7 @@ sub checkauth { } unless ( $sessionID ) { - my $session = Koha::Session->get_session( { storage_method => 'file' } ); + $session = Koha::Session->get_session( { storage_method => 'file' } ); $sessionID = $session->id; } $template->param( -- 2.39.5