Currently, the unique way to disable the update of session_page is to pass
"false" to the parameter of session_begin(). This method is directly
called in app.php, so pages served from the routing system can't disable
the update of session informations.
By moving the update to page_footer, we can allow controllers to tell to
the session manager that we don't want to update the session infos.
PHPBB3-14261
As requested events are named *_after
core.session_start_after is moved after
USERS_TABLE update to prevent returning
session data from extensions
PHPBB3-13817
Ticket was changed to add few more session related events
core.session_kill - send user_id and session_id
core.session_gc - just triger event
PHPBB3-13817
* github-marc1706/ticket/12352: (33 commits)
[ticket/12352] Do not check hashes that don't have the necessary length
[ticket/12352] Update file headers to fit new format
[ticket/12352] Use custom provider collection for auth providers
[ticket/12352] Add checks for existing user_pass_convert to migrations
[ticket/12352] Remove usages of user_pass_convert column
[ticket/12352] Update schema json file
[ticket/12352] Remove user_pass_convert column from database
[ticket/12352] Check each newly added passwords driver in manager_test
[ticket/12352] Add get_settings_only method to passwords driver base
[ticket/12352] Add passwords driver for xenforo 1.0, 1.1 passwords
[ticket/12352] Add tests for wcf1 and wcf2 drivers
[ticket/12352] Add driver for woltlab community framework 1 passwords
[ticket/12352] Add driver for woltlab community framework 2 passwords
[ticket/12352] Add missing $ to md5_mybb and md5_vb driver
[ticket/12352] Fix spacing in passwords tests
[ticket/12352] Add passwords driver for vB passwords
[ticket/12352] Use correct hashing method in md5_mybb driver
[ticket/12352] Add driver for myBB md5 passwords
[ticket/12352] Rename phpbb2_md5 driver to fit filenames of other drivers
[ticket/12352] Add passwords driver for sha1 password hashes
...
Using this custom provider collection, we can properly check whether the
configured auth provider does exist. The method get_provider() has been added
for returning the default auth provider or the standard db auth provider if
the specified one does not exist.
Additionally, the method get_provider() will throw an RuntimeException if
none of the above exist.
PHPBB3-12352
This will make sure that we will not encounter a non-existing auth provider.
We will revert to the default db auth provider if the one set in the config
does not exist in our auth provider collection.
PHPBB3-12352
