Merge pull request #3040 from nickvergessen/ticket/13138-asc

[3.1] Ticket/13138 Only use cookie data when we do not force a user_id Conflicts: phpBB/phpbb/session.php
2025-07-30 21:40:43 +02:00 · 2014-10-20 22:19:25 +02:00
parent 973dfbf868 dec6c7ea8c
commit 75b6545bc2
3 changed files with 26 additions and 14 deletions
--- a/phpBB/phpbb/session.php
+++ b/phpBB/phpbb/session.php
@@ -593,15 +593,15 @@ class session
 		}
 		else if (!$bot)
 		{
-            $provider_collection = $phpbb_container->get('auth.provider_collection');
-            $provider = $provider_collection->get_provider();
-            $this->data = $provider->autologin();
+			$provider_collection = $phpbb_container->get('auth.provider_collection');
+			$provider = $provider_collection->get_provider();
+			$this->data = $provider->autologin();

-            if (sizeof($this->data))
-            {
-                $this->cookie_data['k'] = '';
-                $this->cookie_data['u'] = $this->data['user_id'];
-            }
+			if (sizeof($this->data))
+			{
+				$this->cookie_data['k'] = '';
+				$this->cookie_data['u'] = $this->data['user_id'];
+			}

 			// If we're presented with an autologin key we'll join against it.
 			// Else if we've been passed a user_id we'll grab data based on that