From ed440c734e45de01183d885e8750c173fc20a726 Mon Sep 17 00:00:00 2001
From: Evan Prodromou <evan@prodromou.name>
Date: Tue, 9 Dec 2008 12:04:13 -0500
Subject: better error reporting for rememberme cookie handling

rememberme cookies are probably the most complained-about parts of the
system. We use "weak", one-use, low-info cookies that don't allow
changing settings like passwords or email addresses.

This change adds some better error-reporting to the rememberme
function. Hopefully we'll find out if there are other rm problem.

darcs-hash:20081209170413-84dde-6845ae5524d3ee1d1a491548bb22386f11f0e867.gz
---
 lib/util.php | 84 +++++++++++++++++++++++++++++++++++++++++-------------------
 1 file changed, 58 insertions(+), 26 deletions(-)

(limited to 'lib/util.php')

diff --git a/lib/util.php b/lib/util.php
index 259ea7a96..0e0198ee3 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -620,33 +620,65 @@ function common_rememberme($user=NULL) {
 }
 
 function common_remembered_user() {
+
 	$user = NULL;
-	# Try to remember
-	$packed = isset($_COOKIE[REMEMBERME]) ? $_COOKIE[REMEMBERME] : '';
-	if ($packed) {
-		list($id, $code) = explode(':', $packed);
-		if ($id && $code) {
-			$rm = Remember_me::staticGet($code);
-			if ($rm && ($rm->user_id == $id)) {
-				$user = User::staticGet($rm->user_id);
-				if ($user) {
-					# successful!
-					$result = $rm->delete();
-					if (!$result) {
-						common_log_db_error($rm, 'DELETE', __FILE__);
-						$user = NULL;
-					} else {
-						common_log(LOG_INFO, 'logging in ' . $user->nickname . ' using rememberme code ' . $rm->code);
-						common_set_user($user->nickname);
-						common_real_login(false);
-						# We issue a new cookie, so they can log in
-						# automatically again after this session
-						common_rememberme($user);
-					}
-				}
-			}
-		}
-	}
+
+	$packed = isset($_COOKIE[REMEMBERME]) ? $_COOKIE[REMEMBERME] : NULL;
+
+	if (!$packed) {
+        return NULL;
+    }
+
+    list($id, $code) = explode(':', $packed);
+
+    if (!$id || !$code) {
+        common_warning('Malformed rememberme cookie: ' . $packed);
+        common_forgetme();
+        return NULL;
+    }
+
+    $rm = Remember_me::staticGet($code);
+
+    if (!$rm) {
+        common_warning('No such remember code: ' . $code);
+        common_forgetme();
+        return NULL;
+    }
+
+    if ($rm->user_id != $id) {
+        common_warning('Rememberme code for wrong user: ' . $rm->user_id . ' != ' . $id);
+        common_forgetme();
+        return NULL;
+    }
+
+    $user = User::staticGet($rm->user_id);
+
+    if (!$user) {
+        common_warning('No such user for rememberme: ' . $rm->user_id);
+        common_forgetme();
+        return NULL;
+    }
+
+	# successful!
+    $result = $rm->delete();
+
+    if (!$result) {
+        common_log_db_error($rm, 'DELETE', __FILE__);
+        common_warning('Could not delete rememberme: ' . $code);
+        common_forgetme();
+        return NULL;
+    }
+
+    common_log(LOG_INFO, 'logging in ' . $user->nickname . ' using rememberme code ' . $rm->code);
+
+    common_set_user($user->nickname);
+    common_real_login(false);
+
+    # We issue a new cookie, so they can log in
+    # automatically again after this session
+
+    common_rememberme($user);
+
 	return $user;
 }
 
-- 
cgit v1.2.3-54-g00ecf