| Email confirmation page [message #18182] |
Wed, 12 May 2004 21:31  |
Gribnif
Messages: 82
Registered: December 2003
Karma: 0
|
Member |
|
|
I've come across a case where clicking on the email confirmation link won't automatically log the user into the forum.
If the user either has cookies turned off, or if they quit their browser before clicking on the link, then there is no cookie containing a previous session ID.
Note this code in emailconf.php:
if ($usr->users_opt & 2097152) {
header('Location: {FULL_ROOT}{ROOT}' . ($FUD_OPT_2 & 32768 ? '/rc/' : '?t=reg_conf&') . _rsidl);
return;
} else if (!__fud_real_user__) {
$usr->ses_id = user_login($uid, $usr->ses_id, true);
}
check_return($usr->returnto);
At the point this code runs, $usr contains the Guest account, not the user's real account data. So users_opt reflects the wrong user, and the rest of the code acts incorrectly. reg_conf.php also acts incorrectly, if it gets called.
I think that $usr needs to be reset, based on the $uid variable, before anything is done with users_opt. The correct uid also needs to be put into the session data.
|
|
|
|
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]