or use a drupal_set_message inside user access, possibly a dsm(debug_backtrace()) if you're patient..<br><br><div class="gmail_quote">On Fri, Oct 31, 2008 at 12:27 AM, David Metzler <span dir="ltr"><<a href="mailto:metzlerd@metzlerd.com">metzlerd@metzlerd.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div style="">
It sounds like you're suggesting that $perm, a static variable within user_access() is being modified without user_access being called, but within a single page load. That doesn't seem possible in PHP, unless there is a PHP bug. Static variables are supposed to be local in scope to the functions that create them. To prove beyond a shadow of doubt, put a $debug statement in at the very beginning of the function user_access and another at the very end of the function. (just before the return). If what you're saying is true, there will be evidence in the "begin" value being different than the "end" value prior to it. <div>
<br><div>What I suspect is that another module is calling user_access, (perhaps with a different user, or modified roles in between) in between. If you serialize the $user and $perm variables within user_access, you ought to be able to tell. Myself I'd be greping for calls in the modules you suspect. </div>
<div><br></div><div>Dave<br><div><div>On Oct 30, 2008, at 10:32 AM, Ron Parker wrote:</div><br><blockquote type="cite"><span style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><div style="font-family: Arial; font-size: 10pt; color: rgb(0, 0, 0);">
<div style="margin: 0px;">The static<span> </span><span style="font-weight: bold;">$perm</span><span> </span>variable in<span> </span><span style="font-weight: bold;">user_access()</span><span> </span>contains the permissions that users have. When<span> </span><code><span style="font-family: arial,helvetica,sans-serif;"><span style="font-weight: bold;">user_access('ClearCache', NULL, TRUE)</span><span> </span>is executed, the static<span> </span><span style="font-weight: bold;">$perm</span><span> </span>value is emptied and re-filled with permissions from the current roles in the<span> </span><span style="font-weight: bold;">$user</span><span> </span>object. Theorectically, when<span> </span><span style="font-weight: bold;">user_access()</span><span> </span>is next called, assuming the $<span style="font-weight: bold;">user</span><span> </span>object contains the same roles, the<span style="font-weight: bold;">$perm</span><span> </span>variable should contain the same permissions which were cached in the first call. This is what happened in Drupal 5.x and the earlier versions of 6.x. This is NOT happening (at least consistently) in the most recent versions of the<span> </span><span style="font-weight: bold;">user.module</span>.</span><br>
</code></div><div style="margin: 0px;"><code><br></code></div><div style="margin: 0px;">I've written a bunch of debug code in the<span> </span><span style="font-weight: bold;">user, node<span> </span></span>and<span> </span><span style="font-weight: bold;">ogur<span> </span></span>modules and now have more details. I am printing the output of<span> </span><span style="font-weight: bold;">user_access</span>() every time it is called.</div>
<div style="margin: 0px;"><br></div><div style="margin: 0px;">When I issue:<br></div><div><code>user_access('ClearCache', NULL, TRUE)</code></div><br>Static<span> </span><span style="font-weight: bold;">$perm</span><span> </span>variable is cleared and re-filled with permissions from current<span> </span><span style="font-weight: bold;">$user</span><span> </span>object. This is correct.<div style="margin: 0px;">
<br></div><div style="margin: 0px;">When<span> </span><span style="font-weight: bold;">module_invoke</span>() is immediately executed next:<br></div><div><code>module_invoke('node_content', 'access', 'create', 'story', $user)</code></div>
<br>It will now make another call to<span> </span><span style="font-weight: bold;">user_access()</span>:<br><div><code>user_access('create story content', $user)</code></div><br>The<span> </span><span style="font-weight: bold;">$user</span><span> </span>object still contains the same roles. The<span> </span><span style="font-weight: bold;">$perm</span><span> </span>variable now contains values. This is correct. But the values in<span style="font-weight: bold;"><span> </span>$perm</span><span> </span>are NOT the same as those inserted during the<span style="font-weight: bold;">ClearCache</span><span> </span>call above! They have changed, and NOT from the<span> </span><span style="font-weight: bold;">user_access()</span><span> </span>function (which I am monitoring)! So the question is: Why has this<span> </span><span style="font-weight: bold;">$perm</span><span> </span>value changed?<div style="margin: 0px;">
<br></div><div style="margin: 0px;">So far, I've found this behaviour occurs with OGUR when one of the following modules is installed:</div><ul><li>taxonomy_access</li><li>tac_lite</li><li>menu_breadcrumb</li><li>admin_menu</li>
</ul><div style="margin: 0px;">I so far am unable to discover what it is about these modules which is causing this problem. This did not occur in 5.x and earlier 6.x versions of Drupal.<span> </span><br></div><div style="margin: 0px;">
<br></div><div style="margin: 0px;">Please, please, please help!</div><div style="margin: 0px;"><br></div><div style="margin: 0px;">-ron<br></div><div style="margin: 0px;"><br></div></div></span><br></blockquote></div><br>
</div></div></div></blockquote></div><br>