(bug 39674) Fixed loading User from session when hook aborts.

Rather than have separate calls to User::loadDefaults()
every time User::loadFromSession() fails, there is now just
one call in User::load() if loadFromSession() returns false.
This fixes the case where a UserLoadFromSession hook aborts
loading from session, leaving the User object uninitialized.

Change-Id: I8d1a114d7ec361b27b260791f742c473a1497f26
Signed-off-by: Tyler Anthony Romeo <tylerromeo@gmail.com>

diff --git a/includes/User.php b/includes/User.php
index 0a3db4c..d8a7f52 100644 (file)
--- a/includes/User.php
+++ b/includes/User.php
@@ -286,7 +286,10 @@ class User {
                                $this->loadFromId();
                                break;
                        case 'session':
-                               $this->loadFromSession();
+                               if( !$this->loadFromSession() ) {
+                                       // Loading from session failed. Load defaults.
+                                       $this->loadDefaults();
+                               }
                                wfRunHooks( 'UserLoadAfterLoadFromSession', array( $this ) );
                                break;
                        default:
@@ -933,8 +936,7 @@ class User {
        }
 
        /**
-        * Load user data from the session or login cookie. If there are no valid
-        * credentials, initialises the user as an anonymous user.
+        * Load user data from the session or login cookie.
         * @return Bool True if the user is logged in, false otherwise.
         */
        private function loadFromSession() {
@@ -962,7 +964,6 @@ class User {
                if ( $cookieId !== null ) {
                        $sId = intval( $cookieId );
                        if( $sessId !== null && $cookieId != $sessId ) {
-                               $this->loadDefaults(); // Possible collision!
                                wfDebugLog( 'loginSessions', "Session user ID ($sessId) and
                                        cookie user ID ($sId) don't match!" );
                                return false;
@@ -971,7 +972,6 @@ class User {
                } elseif ( $sessId !== null && $sessId != 0 ) {
                        $sId = $sessId;
                } else {
-                       $this->loadDefaults();
                        return false;
                }
 
@@ -981,21 +981,18 @@ class User {
                        $sName = $request->getCookie( 'UserName' );
                        $request->setSessionData( 'wsUserName', $sName );
                } else {
-                       $this->loadDefaults();
                        return false;
                }
 
                $proposedUser = User::newFromId( $sId );
                if ( !$proposedUser->isLoggedIn() ) {
                        # Not a valid ID
-                       $this->loadDefaults();
                        return false;
                }
 
                global $wgBlockDisablesLogin;
                if( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
                        # User blocked and we've disabled blocked user logins
-                       $this->loadDefaults();
                        return false;
                }
 
@@ -1007,7 +1004,6 @@ class User {
                        $from = 'cookie';
                } else {
                        # No session or persistent login cookie
-                       $this->loadDefaults();
                        return false;
                }
 
@@ -1019,7 +1015,6 @@ class User {
                } else {
                        # Invalid credentials
                        wfDebug( "User: can't log in from $from, invalid credentials\n" );
-                       $this->loadDefaults();
                        return false;
                }
        }