[#9230] - Fix session reset for updates from 3.4.8.
- Closed
- 27 Feb 2016
- Medium
- Build: staging
- # 9230
- Diff
- Harmageddon:update_session_fix
- Pending Human Test Results: 1 Successful 0 Failed. Details
User tests: Successful: Unsuccessful:
Pull Request for Issue #9014 .
Credits for this PR to @zero-24 who investigated this issue and proposed this fix!
Summary of Changes
- Change 1: Restart the session only, if we have no active session.
- Change 2: Inside the "truncateTable" function, the table name is quoted already, so we don't need to quote the argument, which would lead to a double quoted table name and thus to a MySQL error.
Testing Instructions
An update package including this change (modified version of the beta 2 package) can be found here. Please note that the only change included in this package is the one from this PR. So you might encounter other issues which were already fixed since the release of beta2.
Please test this update package (or an own one including these changes) for the following cases:
- Update from 3.4.5 or older versions.
- Expected behavior: You should be logged out, because the session in the old format from 3.4.5 or older has to be deleted and a new session in the new, safer format has to be started.
- Update from 3.4.8
- Expected behavior: You should not be logged out, because you already have a session in the new format.
- Update from beta2
- Expected behavior: Same as for 3.4.8.
@nikosdion As the first change of this PR will mostly affect updates via Akeeba CLI, could you please check if this introduces any issues?
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Labels |
Added:
?
|
||
| Category | ⇒ | Authentication Updating |
| Rel_Number | 0 | ⇒ | 9014 |
| Relation Type | ⇒ | Pull Request for |
Session restart under CLI has no effect except, at worst, a warning message. It's fine by me :)
| Status | Pending | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-02-27 14:40:47 |
| Closed_By | ⇒ | wilsonge |
| Milestone |
Added: |
||
Merged - thanks guys for delving into this one!
OK I have bad news for both of you. This breaks updates from 2.5.28 to 3.4. It fatals with
Fatal error: Call to undefined method JSession::isActive() in /path/to/joomla/tmp/install_56d23f3a6c21b/administrator/components/com_admin/script.php on line 1618
Unless you guys can find a solution I'll need to revert this PR :(
@wilsonge i guess you mean 2.5.28 to 3.5?
Therfor we Can try to check with The method: getstate() !== 'active'
Please not revert here an let me check if I'm back to my Computer from Essen.
The Problem as always in that updater Script we have only that methods that are availibary in the former release. So getActive was released in the 3.x. But please let me check this withe the other method.
@zero-24 Or, you could do it backwards- and forwards-compatible:
$activeSession = method_exists($session, 'isActive') ? $session->isActive() : $session->getState() !== 'active';
if (!$activeSession)
{
$session->restart();
}This will allow your code to work also when getState() is removed: IIRC this is what Framework 2.0 has done and that change will get into the Joomla! CMS at some point.
And I still maintain that the source of many upgrade problems is allowing script.php to run inside the context of the old Joomla! version's code base. But I digress. The fix above should work with all versions of Joomla! 2.5 and 3.x.
This will allow your code to work also when getState() is removed: IIRC this is what Framework 2.0 has done and that change will get into the Joomla! CMS at some point.
I just looked into the framework repo (not sure though if I found the right one) and getState is still there and not marked as deprecated: https://github.com/joomla-framework/session/blob/master/Session.php#L202
I have tested this item
successfully on d83e73f
Works good here. I have tested all three steps with success. #jcamp2016
@wilsonge @roland-d please have a look here too as it is a show stopper for 3.5
Thanks @Harmageddon for helping testing and fixing
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9230.