Hi, I've noticed that even though I will log out of my account on a recently-installed Wikimedia 1.3.11, it will keep me logged in in at least the main page.
Seems to be same for both IE6 and FireFox 1, so I thought it could be a cookie problem. Then I found what I believe is the issue in Bug 63, here:
http://bugzilla.wikipedia.org/show_bug.cgi?id=63
The bug is marked fixed, but the last post merely says it was fixed in the CVS ("... set cookie with logged in and log out timestamp, then check them when checking If-Modified-Since.").
I was just wondering if someone who is using CVS could fill me in on the code modified, or give me some pointers for how to do it myself. Thank you!
Pieter Konink wrote:
Hi, I've noticed that even though I will log out of my account on a recently-installed Wikimedia 1.3.11, it will keep me logged in in at least the main page.
This doesn't keep you logged in; rather, some pages which were cached while you were logged in will continue to show the cached copies (which have your username in the corner etc).
The bug is marked fixed, but the last post merely says it was fixed in the CVS ("... set cookie with logged in and log out timestamp, then check them when checking If-Modified-Since.").
I was just wondering if someone who is using CVS could fill me in on the code modified, or give me some pointers for how to do it myself. Thank you!
Upgrade to 1.4rc1, which will include the fix.
The specific changes will be iirc in OutputPage.php, User.php, and I think SpecialUserlogin.php. A timestamp cookie is set on logout to invalidate prior cached pages. This may not 'fix' issues like expired sessions or a closed and re-opened browser which circumvent the cookie-setting, though the presence/absense of session cookies may do it anyway; that hasn't been thoroughly tested.
-- brion vibber (brion @ pobox.com)
On Thu, 03 Mar 2005 13:07:10 -0800, Pieter Konink pk@pieterkonink.com wrote:
http://bugzilla.wikipedia.org/show_bug.cgi?id=63
The bug is marked fixed, but the last post merely says it was fixed in the CVS ("... set cookie with logged in and log out timestamp, then check them when checking If-Modified-Since.").
I was just wondering if someone who is using CVS could fill me in on the code modified, or give me some pointers for how to do it myself. Thank you!
I felt like playing with CVS, so I reckon this looks like the edits in question. Don't come crying to me if they don't work, but if you really don't like the idea of upgrading, but really really want this fix, take a look at this diff:
Index: includes/OutputPage.php =================================================================== @@ -110,11 +110,11 @@ # this breaks strtotime(). $modsince = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] ); $ismodsince = wfTimestamp( TS_MW, strtotime( $modsince ) ); wfDebug( "-- client send If-Modified-Since: " . $modsince . "\n", false ); wfDebug( "-- we might send Last-Modified : $lastmod\n", false ); - if( ($ismodsince >= $timestamp ) and $wgUser->validateCache( $ismodsince ) ) { + if( ($ismodsince >= $timestamp ) && $wgUser->validateCache( $ismodsince ) ) { # Make sure you're in a place you can leave when you call us! header( "HTTP/1.0 304 Not Modified" ); $this->mLastModified = $lastmod; $this->sendCacheControl(); wfDebug( "CACHED client: $ismodsince ; user: $wgUser->mTouched ; page: $timestamp\n", false );
Index: includes/User.php =================================================================== @@ -151,11 +151,11 @@ static $n=0; $n++; $fname = 'User::loadDefaults' . $n; wfProfileIn( $fname ); - global $wgContLang, $wgIP; + global $wgContLang, $wgIP, $wgDBname; global $wgNamespacesToBeSearchedDefault;
$this->mId = 0; $this->mNewtalk = -1; $this->mName = $wgIP; @@ -173,13 +173,20 @@ $this->mOptions['searchNs'.$nsnum] = $val; } unset( $this->mSkin ); $this->mDataLoaded = false; $this->mBlockedby = -1; # Unset - $this->mTouched = '0'; # Allow any pages to be cached $this->setToken(); # Random $this->mHash = false; + + if ( isset( $_COOKIE[$wgDBname.'LoggedOut'] ) ) { + $this->mTouched = wfTimestamp( TS_MW, $_COOKIE[$wgDBname.'LoggedOut'] ); + } + else { + $this->mTouched = '0'; # Allow any pages to be cached + } + wfProfileOut( $fname ); }
/** * Used to load user options from a language. @@ -912,10 +919,13 @@
$_SESSION['wsUserID'] = 0;
setcookie( $wgDBname.'UserID', '', time() - 3600, $wgCookiePath, $wgCookieDomain ); setcookie( $wgDBname.'Token', '', time() - 3600, $wgCookiePath, $wgCookieDomain ); + + # Remember when user logged out, to prevent seeing cached pages + setcookie( $wgDBname.'LoggedOut', wfTimestampNow(), time() + 86400, $wgCookiePath, $wgCookieDomain ); }
/** * Save object settings into database */
wikitech-l@lists.wikimedia.org