Use of unhashed sessions will break per-user cache locking

Created on 18 July 2023, almost 2 years ago

Updated 22 August 2023, almost 2 years ago

Problem/Motivation

Drupal 7.98 added caching for session IDs (see https://www.drupal.org/node/3364841 → ) but the tests in ctools_object_cache_test() and ctools_object_cache_test_objects() call the PHP function session_id() to set ctools_object_cache.sid and then join against sessions.sid, which will no longer be the same.

Steps to reproduce

Multiple users will be able to edit Views, WYSIWYG profiles, or page manager pages simultaneously.

Proposed resolution

Use drupal_session_id() instead of session_id() if we are using Drupal >= 7.98 and that function exists, in order to be able to join against the core session table.

Remaining tasks

Write the patch :)

User interface changes

None.

API changes

None.

Data model changes

None.

🐛 Bug report

Status

Needs review

Version

1.0

Component

Code

Created by

🇨🇦Canada mvc Montréal, CA

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @mvc
Comment almost 2 years ago →
🇨🇦Canada mvc Montréal, CA
First commit to issue fork.
Open in Jenkins → Open on Drupal.org →
Core: 7.x + Environment: PHP 8.0 & MySQL 5.7
last update almost 2 years ago
57 pass
@pavel_spn opened merge request.
Comment almost 2 years ago →
Pavel_SPN
Hi there!

I have created MR to fix the issue, please check it.

Best Regards,
Pavel
Status changed to Needs review almost 2 years ago8:53am 22 August 2023
Comment almost 2 years ago →
Pavel_SPN

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024