Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi,
I think the logic in the xmlsitemap_switch_user is not quite correct, resulting in the global $user object being overwritten. It occurs only if uid==0 and xmlsitemap_switch_user(0) is called, which is the case eg. on cron run in the xmlsitemap_menu submodule.
Patch attached.
Comment | File | Size | Author |
---|---|---|---|
switch_user.patch | 452 bytes | digi24 | |
Comments
Comment #1
Dave ReidYes that definitely is a big problem, sorry about that. At least the proper user object is restored in the end and it doesn't affect the rest of the request. Guess I took the work done in #287292: Add functionality to impersonate a user for granted. Looked deeper into the function and saw a few more problems so I'm on this.
Comment #2
Dave ReidCommitted the fix to the function logic and cleaned up the half-assed tests for that function so it's completely tested now. Thanks!
CVS commit and changes: http://drupal.org/cvs?commit=270628