credential timeout causes type error, several versions now

Get help from other users here.

Moderators: Developer, Contributor

Post Reply
mushu
Posts: 349
Joined: 04 Jan 2017, 17:41

credential timeout causes type error, several versions now

Post by mushu »

IIS 8.5, Windows Server 2012 R2, mySQLi driver, PHP 5.6, MantisBT 2.7.0

Both manager and administrator only it seems. When you use LDAP authentication for sign-on and allow your session to timeout, then try to click a ticket that is NOT assigned to you already, you get the attached error. If you select a ticket that is already assigned to you, there is no error and it opens fine. When you re-authenticate to Mantis again you can properly select any ticket and do whatever. Perhaps this is a session cookie thing? Or perhaps the program is not checking to ensure you are logged in already when you first select a ticket? It happened in ther 2.6.0 version previously as well, and I didn't report it then because I hoped it was something that would be fixed in the new version...
mbug.jpg
mbug.jpg (122.13 KiB) Viewed 6465 times
atrol
Site Admin
Posts: 8366
Joined: 26 Mar 2008, 21:37
Location: Germany

Re: credential timeout causes type error, several versions n

Post by atrol »

I am pretty sure that changing line 1115 in core/html_api.php
from

Code: Select all

			check_selected( $t_id, $t_default_assign_to );
to

Code: Select all

			check_selected( $t_id, (int)$t_default_assign_to );
fixes the issue.

Can you confirm?
If so, I will ask you for some more changes.
I would like to understand what is happening, as the change is just dealing with symptoms but not the root cause.

BTW, could you use 2.8.0 as the line numbers from current version and your version differ.
Please use Search before posting and read the Manual
mushu
Posts: 349
Joined: 04 Jan 2017, 17:41

Re: credential timeout causes type error, several versions n

Post by mushu »

Thank you, that fixed it!

I will schedule the installation of version 2.8.0 onto our Development server, because this version is running in Production and even my little "fiddling" with it is frowned upon. We can keep this thread open and when I'm done with the DEV upgrade to 2.8.0 and able to duplicate the original error I will post here again so we can continue to debug this issue.
mushu
Posts: 349
Joined: 04 Jan 2017, 17:41

Re: credential timeout causes type error, several versions n

Post by mushu »

Ok, had some time this afternoon so updated our DEV site to MantisBT 2.8.0 and was able to reproduce the error. Attached is a screenshot for your viewing pleasure.
mbt.jpg
mbt.jpg (311.41 KiB) Viewed 6437 times
atrol
Site Admin
Posts: 8366
Joined: 26 Mar 2008, 21:37
Location: Germany

Re: credential timeout causes type error, several versions n

Post by atrol »

Please undo the former change and after that could you check if changing line 1073 in core/html_api.php
from

Code: Select all

		$t_default_assign_to = $t_current_user_id;
to

Code: Select all

		$t_default_assign_to = (int)$t_current_user_id;
fixes the issue?
Please use Search before posting and read the Manual
mushu
Posts: 349
Joined: 04 Jan 2017, 17:41

Re: credential timeout causes type error, several versions n

Post by mushu »

Ok, that also prevents the error. When I remove the integer cast the error returns.
Post Reply