Fork me on GitHub
Subscribe 2

Ticket #177 (fixed bug)

1.4.2 sets a bad cookie after registering.

  • Created: 2010-11-05 00:45:02
  • Reported by: Sosukodo
  • Assigned to: Reines
  • Milestone: 1.4.3
  • Component: usability
  • Priority: high

Some of you may have found that the auto-login doesn't happen after registering. This is because on line 160 in register.php:

$new_uid = $db->insert_id();

seems to return an integer in this case.

Comparing 2 cookies:

auto-login after registering:
a:3:{i:1;i:14;i:1;s:32:"8790837b009a5a9dc23ff9f1fb376edf";i:2;i:1288918036;}

normal-login:
a:3:{i:0;s:2:"14";i:1;s:32:"8790837b009a5a9dc23ff9f1fb376edf";i:2;i:1288918147;}

The UID on the invalid (auto-login failure) is an integer while the latter is a string.

Changing line 160 in register.php to:

$new_uid = "".$db->insert_id();

Seems to solve the problem and the auto-login after registration succeeds.

History

Reines 2010-11-08 15:57:08

  • Milestone set to 1.4.3.
  • Owner set to Reines.
  • Priority changed from normal to high.

Thanks for the report, I'll sort this soon and it will be fixed in 1.4.3.

Reines 2010-11-08 16:53:34

Commit 0cc9690 to fluxbb fluxbb-1.4

Explicitly casting the cookie contents to ensure our regex matches correctly when decoding. #177

Reines 2010-11-08 16:55:33

  • Status changed from open to fixed.

Franz 2011-03-09 15:49:19

Commit f233870 to fluxbb fluxbb-1.2

#240: Fix authentication cookie being set incorrectly in some cases.

This is the v1.2.* version of #177.
Reported by dairiki.