MDL-29862 incorrect wwwroot must be detected before session start

diff --git a/lib/setup.php b/lib/setup.php
index e2faeef..5e7587b 100644 (file)
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -675,6 +675,9 @@ if (isset($_SERVER['PHP_SELF'])) {
     unset($phppos);
 }
 
+// initialise ME's - this must be done BEFORE starting of session!
+initialise_fullme();
+
 // init session prevention flag - this is defined on pages that do not want session
 if (CLI_SCRIPT) {
     // no sessions in CLI scripts possible
@@ -697,10 +700,6 @@ session_get_instance();
 $SESSION = &$_SESSION['SESSION'];
 $USER    = &$_SESSION['USER'];
 
-// initialise ME's
-// This must presently come AFTER $USER has been set up.
-initialise_fullme();
-
 // Late profiling, only happening if early one wasn't started
 if (!empty($CFG->profilingenabled)) {
     require_once($CFG->libdir . '/xhprof/xhprof_moodle.php');

diff --git a/lib/setuplib.php b/lib/setuplib.php
index 9b300c2..f06f6b5 100644 (file)
--- a/lib/setuplib.php
+++ b/lib/setuplib.php
@@ -661,7 +661,7 @@ function initialise_cfg() {
  * setup.php.
  */
 function initialise_fullme() {
-    global $CFG, $FULLME, $ME, $SCRIPT, $FULLSCRIPT;
+    global $CFG, $FULLME, $ME, $SCRIPT, $FULLSCRIPT, $USER;
 
     // Detect common config error.
     if (substr($CFG->wwwroot, -1) == '/') {
@@ -715,6 +715,11 @@ function initialise_fullme() {
             if (!defined('NO_MOODLE_COOKIES')) {
                 define('NO_MOODLE_COOKIES', true);
             }
+            if (!isset($USER->id)) {
+                // MDL-27899 workaround
+                $USER = new stdClass();
+                $USER->id = 0;
+            }
             redirect($CFG->wwwroot, get_string('wwwrootmismatch', 'error', $CFG->wwwroot), 3);
         }
     }