- Fixes bug #4100: First visit to site results in 'access denied' page.

- Fixed sess_write().
- Removed dead code in index.php.

4 files changed, 11 insertions, 18 deletions

diff --git a/includes/session.inc b/includes/session.inc
index 5b1389a23..1b88ebc9f 100644
--- a/includes/session.inc
+++ b/includes/session.inc
@@ -16,7 +16,14 @@ function sess_close() {
 function sess_read($key) {
   global $user;
 
-  $result = db_query_range("SELECT u.*, s.*, r.name AS role FROM {users} u INNER JOIN {role} r ON u.rid = r.rid INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = '". check_query($key) ."' AND u.status < 3", 0, 1);
+  if ($key) {
+    $result = db_query_range("SELECT u.*, s.*, r.name AS role FROM {users} u INNER JOIN {role} r ON u.rid = r.rid INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = '%s' AND u.status < 3", $key, 0, 1);
+  }
+
+  if (!db_num_rows($result)) {
+    $result = db_query("SELECT u.*, r.name AS role FROM {users} u INNER JOIN {role} r ON u.rid = r.rid WHERE u.uid = 0");
+  }
+
   $user = db_fetch_object($result);
   if ($user->data && $data = unserialize($user->data)) {
     foreach ($data as $key => $value) {
@@ -32,7 +39,7 @@ function sess_read($key) {
 function sess_write($key, $value) {
   global $user;
 
-  db_query("UPDATE {sessions} SET uid = %d, hostname = '%s', session = '%s', timestamp = %d WHERE sid = '$key'", $user->uid, $_SERVER["REMOTE_ADDR"], $value, time());
+  db_query("UPDATE {sessions} SET uid = %d, hostname = '%s', session = '%s', timestamp = %d WHERE sid = '%s'", $user->uid, $_SERVER["REMOTE_ADDR"], $value, time(), $key);
 
   if (!db_affected_rows()) {
     db_query("INSERT INTO {sessions} (uid, sid, hostname, session, timestamp) values(%d, '%s', '%s', '%s', %d)", $user->uid, $key, $_SERVER["REMOTE_ADDR"], $value, time());
@@ -62,5 +69,4 @@ function sess_gc($lifetime) {
 
 }
 
-
 ?>
\ No newline at end of file
diff --git a/index.php b/index.php
index 6493bdfd0..7c4ea1380 100644
--- a/index.php
+++ b/index.php
@@ -32,13 +32,8 @@ else {
     module_invoke($mod, "page");
   }
   else {
-    if (module_hook(variable_get("site_frontpage", "node"), "page")) {
-      module_invoke(variable_get("site_frontpage", "node"), "page");
-    }
-    else {
-      print theme("header");
-      print theme("footer");
-    }
+    print theme("header");
+    print theme("footer");
   }
 }
 
diff --git a/modules/user.module b/modules/user.module
index 6b7909f6d..3ccfff64d 100644
--- a/modules/user.module
+++ b/modules/user.module
@@ -15,7 +15,6 @@ function user_external_load($authname) {
 }
 
 function user_load($array = array()) {
-
   /*
   ** Dynamically compose a SQL query:
   */
@@ -121,7 +120,6 @@ function user_save($account, $array = array()) {
 }
 
 function user_validate_name($name) {
-
   /*
   ** Verify the syntax of the given name:
   */
@@ -150,7 +148,6 @@ function user_validate_authmap($account, $authname, $module) {
 }
 
 function user_password($length = 10) {
-
   /*
   ** Generate a random alphanumeric password.
   */
@@ -650,7 +647,6 @@ function user_logout() {
   }
 
   drupal_goto(url());
-
 }
 
 function user_pass($edit = array()) {
diff --git a/modules/user/user.module b/modules/user/user.module
index 6b7909f6d..3ccfff64d 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -15,7 +15,6 @@ function user_external_load($authname) {
 }
 
 function user_load($array = array()) {
-
   /*
   ** Dynamically compose a SQL query:
   */
@@ -121,7 +120,6 @@ function user_save($account, $array = array()) {
 }
 
 function user_validate_name($name) {
-
   /*
   ** Verify the syntax of the given name:
   */
@@ -150,7 +148,6 @@ function user_validate_authmap($account, $authname, $module) {
 }
 
 function user_password($length = 10) {
-
   /*
   ** Generate a random alphanumeric password.
   */
@@ -650,7 +647,6 @@ function user_logout() {
   }
 
   drupal_goto(url());
-
 }
 
 function user_pass($edit = array()) {