Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 2.1.8

Bug #1497 custom Auth_Container data storage broken
Submitted: 2004-05-25 19:06 UTC
From: sine at donkeypunchmedia dot com Assigned:
Status: Bogus Package: Auth_HTTP
PHP Version: 4.3.6 OS: Linux 2.2.20
Roadmaps: (Not assigned)    
Subscription  


 [2004-05-25 19:06 UTC] sine at donkeypunchmedia dot com
Description: ------------ When $this->_auth_obj->setAuthData() is called from within a custom Auth_Container class by a parent Auth_HTTP class the authData is stored under the session variable '_authsession' during authentication. After authentication the internal session variable is moved to '_authttp'.md5(realm) but the previously stored session data is not copied to the new session variable. Reproduce code: --------------- http://www.theduckets.com/auth_http_container_bug.tar.gz Expected result: ---------------- test1 and test2 were inserted into authData during authentication. they are no longer accessible. test1 = test data1 test2 = test data2 Adding test3 and test2 to the authData. Test3 and test4 are still accessible. test3 = test data3 test4 = test data4 Actual result: -------------- test1 and test2 were inserted into authData during authentication. they are no longer accessible. test1 = test2 = Adding test3 and test2 to the authData. Test3 and test4 are still accessible. test3 = test data3 test4 = test data4

Comments

 [2004-05-25 20:03 UTC] sine at donkeypunchmedia dot com
You can workaround this by by inserting the follow line in Auth/HTTP.php at line 183 182:$this->Auth($storageDriver, $options); 183:$this->storage->_auth_obj->_sessionName =& $this->_sessionName; 184:}
 [2004-05-26 11:12 UTC] User who submitted this comment has not confirmed identity
If you submitted this note, check your email.If you do not have a message, click here to re-send
MANUAL CONFIRMATION IS NOT POSSIBLE.  Write a message to pear-dev@lists.php.net
to request the confirmation link.  All bugs/comments/patches associated with this

email address will be deleted within 48 hours if the account request is not confirmed!
 [2004-05-26 11:36 UTC] User who submitted this comment has not confirmed identity
If you submitted this note, check your email.If you do not have a message, click here to re-send
MANUAL CONFIRMATION IS NOT POSSIBLE.  Write a message to pear-dev@lists.php.net
to request the confirmation link.  All bugs/comments/patches associated with this

email address will be deleted within 48 hours if the account request is not confirmed!
 [2004-06-23 23:21 UTC] User who submitted this comment has not confirmed identity
If you submitted this note, check your email.If you do not have a message, click here to re-send
MANUAL CONFIRMATION IS NOT POSSIBLE.  Write a message to pear-dev@lists.php.net
to request the confirmation link.  All bugs/comments/patches associated with this

email address will be deleted within 48 hours if the account request is not confirmed!
 [2005-02-26 21:43 UTC] pear at sapphire dot no
This problem also affects scripts that uses DB as container. None of my PHP applications that uses AUTH_HTTP works anymore after updating from Auth_HTTP 2.0 to 2.1.4. The data of the additional fields that I want returned from getAuthData is gone. After testing different CVS versions betveen release 2.0 and 2.1.4, the last CVS version that this worked was 1.13. In version 1.14, there was new code in assignData that changes the session name. Since DB uses $this->storage->_auth_obj->_sessionName to find the session name to store the data in, it looks like you have to do as the second comment describes: "Set $this->storage->_auth_obj->_sessionName" too.