Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I'm not sure if this is a bug with Devel, just genuinely curious.
If I enable 'Access developer information' for anonymous users and while logged out do dpm($user) in the theme layer (comment-wrapper.tpl.php) I get the following error at the bottom of the page:
Notice: Undefined property: stdClass::$access in _drupal_session_write() (line 213 of /Applications/MAMP/htdocs/includes/session.inc). =>
And if I refresh the page once then I become logged in as User UID 1. On this page refresh (when the dpm actually first appears) the user object has a uid of 1 but only the one role of 'anonymous user'.
print_r($user) does not create this behavior.
Strange?
Comment | File | Size | Author |
---|---|---|---|
#21 | Screen Shot 2016-09-08 at 8.53.28 AM.png | 57.35 KB | frob |
#21 | Screen Shot 2016-09-08 at 8.52.56 AM.png | 26.38 KB | frob |
#9 | devel_krumo_uid1.2366797.9.patch | 543 bytes | salvis |
Comments
Comment #1
Maedi CreditAttribution: Maedi commentedComment #2
Maedi CreditAttribution: Maedi commentedComment #3
Maedi CreditAttribution: Maedi commentedComment #4
frobThis happened on a recent project with us as well. When running dpm on any user object the user came back with a uid = 1.
If we cast the user object as an array uid didn't get set as 1.
If we get the global $user object and then clone the $user object the new cloned object has a uid of 1 if we dpm it.
If you dpm the global $user object, it sets the uid to 1 and you are logged in as user 1.
We are still working on why this might be causing this. This isn't happening on live and the only other change was an update to Drupal core.
Comment #5
frobOne more, visiting the /user/uid/devel path causes the same thing to happen.
Comment #6
cmonnow CreditAttribution: cmonnow commentedWhile I don't have time to check right now, your issues may be related to a very annoying krumo bug.
The krumong module was made to fix that (among other things) - https://www.drupal.org/project/krumong
Comment #7
HydroZ CreditAttribution: HydroZ commentedHey folks,
I got this critical error as well, so I explain the strange behaviour that occurs:
When I use the PHP-Form under /devel/php and enter
it outputs the correct integer of the current user id.
If I want to output the user-object
the user gets always changed to the admin account (uid = 1).
When I use
for example in hook_preprocess_node() the output shows always $node->uid == 1. But if I use
I get the correct user id.
This error is very critical and a security issue because every user can become administrator.
Comment #8
pcambraI'm marking this as a dupe of #1855468: Krumo side effect: Object vars become references so we can have the discussion in one place
Not sure how much of a security hazard this is, you should NOT have dpm() calls in the wild.
Comment #9
salvisI don't think these are related. I can reproduce this with
in the Execute PHP block under PHP 5.5.15 — it seems to be a PHP misbehavior under doubtful circumstances.
Here's a fix for this one.
Comment #10
salvisComment #12
salvisHmm, bash broke my comment. Was supposed to be
Comment #14
Mykola DolynskyiHi everyone.
I have Drupal 7.36 and Devel 7.x-1.5.
My user name has administrator rights.
And if i do
going to /user make all my user info of admin account
Devel permissions are allowed only to Administrator. It is not about anon user
Other tested func
this is also true for kpr()
particularly dargs()
not true (working correctly) for dvm(), dpr(), dvr()
Comment #15
frobHello nop1984,
Have you tried testing this against the dev branch of devel? While this was committed, I do not think it is in 1.5. The 1.5 release is over a year old and this was just committed 8 months ago.
Comment #16
Mykola DolynskyiHi, frob. No i didnot. Wasted more than 5 hours checking all while i understood that is just about dpm().
Now working with client in hurry, no time for experiments.
Comment #17
salvisAlways use the -dev version of Devel, and always update to the latest when you think that something is not working right.
Comment #18
frob@nop1984,
One more thing. It is best to never run dpm in production code.
Comment #19
webgeer CreditAttribution: webgeer commentedI don't think this is fixed. I am having exactly this problem with my dev environment. When I do something like:
var_dump($myobject->uid); // i see my uid is correct
dpm($myobject); // i see uid == 1 ! Not correct
var_dump($myobject->uid); //it is now == 1
This is very difficult to work with.
I've tried it with both 7.x-1.x.dev and 7.x-1.5 both with the same problem.
The version of PHP in my dev environment is PHP/5.5.18
Much time has been wasted trying to figure out why variables are not being set correctly only to determine that it was the debugging that was causing the problem.
If anyone has any ideas how to fix this problem I would appreciate it. In the meantime I have to switch to using dvm() as that does not seem to have the problem.
Comment #20
amit.drupal CreditAttribution: amit.drupal at gai Technologies Pvt Ltd for gai Technologies Pvt Ltd commentedI have Drupal 7.44 and Devel 7.x-1.5.and i am facing same type issues.
Comment #21
frobThere needs to be a new stable release. Right now dev is what has the fix. @amit.drupal notice the release date for 1.5, it was released in 2014 The latest dev is from 2016 and the code that fixed this was committed in 2015. This is fixed in dev.
Everyone please stop reopening old issues. If you have a problem create a new issue and reference the old one.