summaryrefslogtreecommitdiff
path: root/modules/user/user.module
diff options
context:
space:
mode:
Diffstat (limited to 'modules/user/user.module')
-rw-r--r--modules/user/user.module4
1 files changed, 3 insertions, 1 deletions
diff --git a/modules/user/user.module b/modules/user/user.module
index 460d6858e..089f121ab 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -1715,10 +1715,12 @@ function user_authenticate_finalize(&$edit) {
->fields(array('login' => $user->login))
->condition('uid', $user->uid)
->execute();
+
// Regenerate the session ID to prevent against session fixation attacks.
// This is called before hook_user in case one of those functions fails
// or incorrectly does a redirect which would leave the old session in place.
drupal_session_regenerate();
+
user_module_invoke('login', $edit, $user);
}
@@ -2482,7 +2484,7 @@ function user_build_filter_query(SelectQuery $query) {
$filters = user_filters();
// Extend Query with filter conditions.
- foreach ($_SESSION['user_overview_filter'] as $filter) {
+ foreach (isset($_SESSION['user_overview_filter']) ? $_SESSION['user_overview_filter'] : array() as $filter) {
list($key, $value) = $filter;
// This checks to see if this permission filter is an enabled permission for
// the authenticated role. If so, then all users would be listed, and we can
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-21 10:31:17 +0000