All session attributes are deleted when user logs in first time
|Reported by:||Dirk Stöcker||Owned by:||Steffen Hoffmann|
|Cc:||Ryan J Ollos, stuge||Trac Release:||0.12|
When a new users is created and "verify_email" is false, the entry in "session" is defined as not authenticated:
select * from session where sid == 'zzzt'; zzzt|0|0
When user logs in, the data for username and email is no longer there. When data is entered again, then session structure gets a new entry, which seems dangerous to me:
select * from session where sid == 'zzzt'; zzzt|0|0 zzzt|1|1318262166
Afterwards it seems to work, but I expect trouble.
- After login username/mail data gets lots (but is in database)
- After changes there are two entries in session structure, which may break dataset (sid should be unique).
I get broken database from time to time and I assume this may be the reason for this.
Installed version: TracAccountManager-0.4dev_r10747
Change History (19)
comment:15 Changed 5 years ago by
|Summary:||New user creation broken without verification turned on → All session attributes are deleted when user logs in first time|