View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0008630 | mantisbt | authentication | public | 2007-12-01 07:36 | 2007-12-01 07:36 |
Reporter | javierpb | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | N/A |
Status | new | Resolution | open | ||
Product Version | 1.0.8 | ||||
Summary | 0008630: Inconsistency on authentication_api.php | ||||
Description | In the authentication api there are two functions that perform quite similar actions: auth_is_cookie_valid and auth_get_current_user_id. The first one returns true if only one match is found on the DB for the cookie, but the second only checks for zero matches, thus continuing if multiple matches are found (and probably producing later an error if this happens). Without direct modification of tables, it is probably not possible to have duplicated cookie strings stored on database, but this is a bug (quite minor) anyway. | ||||
Tags | No tags attached. | ||||