Excelente, thx Roan :)
Please make sure mw:API docs reflect the new behavior.
--yuri
On 11/3/07, Roan Kattouw <roan.kattouw(a)home.nl> wrote:
Yuri Astrakhan schreef:
Is setting session variables directly with the
values provided by a
client is safe? Shouldn't there be some check first? Just a thought,
need to double check.
User::newFromSession() should take care of that. I've tested the patch,
gotten it to work and committed it [1]. In the same commit, I also
removed ApiLogin's sessionID return value, as it didn't really work and
was redundant anyway.
Roan Kattouw
[1]
http://svn.wikimedia.org/viewvc/mediawiki?view=rev&revision=27151
_______________________________________________
Mediawiki-api mailing list
Mediawiki-api(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-api