As of Monday, img_auth no longer works because (guessing) when img_auth checks for user rights via:
$title->userCanRead()
The "user" is always anonymous ("not logged in").
Is it possible that webstart.php used to automatically "log in" the user and make available groups via:
$user->getEffectiveGroups()
But in recent updates, this no longer occurs?
Questions:
1) How would I get it to log in users? 2) Would this present a possible xss issue? 3) Was this inadvertant and can it be safely reversed?
Thanks!
jdpond