All session attributes are deleted when user logs in first time
|Reported by:||stoecker||Owned by:||hasienda|
|Cc:||rjollos, stuge||Trac Release:||0.12|
When a new users is created and "verify_email" is false, the entry in "session" is defined as not authenticated:
select * from session where sid == 'zzzt'; zzzt|0|0
When user logs in, the data for username and email is no longer there. When data is entered again, then session structure gets a new entry, which seems dangerous to me:
select * from session where sid == 'zzzt'; zzzt|0|0 zzzt|1|1318262166
Afterwards it seems to work, but I expect trouble.
- After login username/mail data gets lots (but is in database)
- After changes there are two entries in session structure, which may break dataset (sid should be unique).
I get broken database from time to time and I assume this may be the reason for this.
Installed version: TracAccountManager-0.4dev_r10747
Change History (19)
comment:6 in reply to: ↑ description Changed 3 years ago by hasienda
- Priority changed from highest to high
comment:15 Changed 3 years ago by peter@…
- Cc peter@… added
- Summary changed from New user creation broken without verification turned on to All session attributes are deleted when user logs in first time