PHP out of memory issue with Force Password Change [#2663704]

I am using the 7.1 branch of Password Policy and came across an issue with the Force Password Change admin feature. Our site has a large number of users (> 1 million records) and so on the Force Password Change page if a user role is chosen that has a large number of users in that role (obviously authenticated user would be large, but we also have age groups e.g. adult or teen and those are also large).

In the admin page form processing code, a query pulls a list of $uids that belong to the selected role. That array of uids is then passed as the value paramteter to a 'uid IN' condition on the password_policy_force_change table to set field force_change to true.

I found that the drupal db_update() call would throw a PHP out of memory error when the size of the array of $uids passed to the db_update() call was too large resulting in a WSOD.

I have written a small patch that chunks the $uids array into (arbitrary number) groups of 50,000 records to process at a time and iterates over each chunk when running the db_update() call. This resulted in the operation succeeding on the admin page w/o any PHP memory issue. Presumably it's Drupal core that when preparing the db_update() call probably runs into a memory limit when the $uids parameter is just too large.

This is a quick patch for us to get past this issue so feel free to alter and to apply to the 7.2 branch as we are not using that for now.

Comment	File	Size	Author
#5	password_policy-php-memory-limit-error-5.patch	949 bytes	AohRveTPV
#5	7.x-1.x: PHP 5.3 & MySQL 5.5, D7 44 pass
#4	password_policy-php-memory-limit-error-4.patch	1.09 KB	AohRveTPV
#4	7.x-1.x: PHP 5.3 & MySQL 5.5, D7 44 pass
	password_policy-php-memory-limit-error.patch	953 bytes	jaydub
	7.x-1.x: PHP 5.3 & MySQL 5.5, D7 44 pass

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

5 February 2016 at 21:40

jaydub created an issue. See original summary.

Comment #2

5 February 2016 at 21:44

Status:

Needs review

» Needs work

The last submitted patch, password_policy-php-memory-limit-error.patch, failed testing.

Comment #3

AohRveTPV CreditAttribution: AohRveTPV commented 6 February 2016 at 06:12

Status:

Needs work

» Needs review

Patch passed testing on re-test. There seems to be a problem, unrelated to this patch, where the testWarningEmails() test method fails intermittently.

Comment #4

AohRveTPV CreditAttribution: AohRveTPV commented 6 February 2016 at 06:23

File	Size
password_policy-php-memory-limit-error-4.patch	1.09 KB
7.x-1.x: PHP 5.3 & MySQL 5.5, D7 44 pass

Changed indentation for consistency with core documentation.

Comment #5

AohRveTPV CreditAttribution: AohRveTPV commented 6 February 2016 at 06:25

File	Size
password_policy-php-memory-limit-error-5.patch	949 bytes
7.x-1.x: PHP 5.3 & MySQL 5.5, D7 44 pass

Removed inadvertent blank line deletion in last patch.

Comment #6

3 February 2016 at 18:06

AohRveTPV committed e50240d on authored by jaydub

Issue #2663704 by AohRveTPV, jaydub: PHP out of memory issue with Force...

Comment #7

AohRveTPV CreditAttribution: AohRveTPV commented 6 February 2016 at 06:35

Version:	7.x-1.x-dev	» 6.x-1.x-dev
Status:	Needs review	» Patch (to be ported)

Thank you.

That is a lot of users your website has! As a warning, if you are using password expiration, you may also experience problems processing a large number of users: #2252541: Expiration cron does not scale for large numbers of users.

The "force password change" feature does not exist in 7.x-2.x. I don't think it exists in 8.x-3.x either, but should check. 6.x-1.x does have it.