2 files changed, 31 insertions, 28 deletions
diff --git a/phpBB/phpbb/search/fulltext_sphinx.php b/phpBB/phpbb/search/fulltext_sphinx.php
index 7e3679cef9..eb53ca6d40 100644
--- a/phpBB/phpbb/search/fulltext_sphinx.php
+++ b/phpBB/phpbb/search/fulltext_sphinx.php
@@ -256,8 +256,8 @@ class fulltext_sphinx
 				array('type',						$this->dbtype . ' # mysql or pgsql'),
 				// This config value sql_host needs to be changed incase sphinx and sql are on different servers
 				array('sql_host',					$dbhost . ' # SQL server host sphinx connects to'),
-				array('sql_user',					$dbuser),
-				array('sql_pass',					$dbpasswd),
+				array('sql_user',					'[dbuser]'),
+				array('sql_pass',					'[dbpassword]'),
 				array('sql_db',						$dbname),
 				array('sql_port',					$dbport . ' # optional, default is 3306 for mysql and 5432 for pgsql'),
 				array('sql_query_pre',				'SET NAMES \'utf8\''),
diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php
index da8b848fa5..234842b550 100644
--- a/phpBB/phpbb/session.php
+++ b/phpBB/phpbb/session.php
@@ -577,32 +577,7 @@ class session
 			}
 		}
 
-		$provider_collection = $phpbb_container->get('auth.provider_collection');
-		$provider = $provider_collection->get_provider();
-		$this->data = $provider->autologin();
-
-		if (sizeof($this->data))
-		{
-			$this->cookie_data['k'] = '';
-			$this->cookie_data['u'] = $this->data['user_id'];
-		}
-
-		// If we're presented with an autologin key we'll join against it.
-		// Else if we've been passed a user_id we'll grab data based on that
-		if (isset($this->cookie_data['k']) && $this->cookie_data['k'] && $this->cookie_data['u'] && !sizeof($this->data))
-		{
-			$sql = 'SELECT u.*
-				FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
-				WHERE u.user_id = ' . (int) $this->cookie_data['u'] . '
-					AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ")
-					AND k.user_id = u.user_id
-					AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
-			$result = $db->sql_query($sql);
-			$this->data = $db->sql_fetchrow($result);
-			$db->sql_freeresult($result);
-			$bot = false;
-		}
-		else if ($user_id !== false && !sizeof($this->data))
+		if ($user_id !== false && !sizeof($this->data))
 		{
 			$this->cookie_data['k'] = '';
 			$this->cookie_data['u'] = $user_id;
@@ -616,6 +591,34 @@ class session
 			$db->sql_freeresult($result);
 			$bot = false;
 		}
+		else if (!$bot)
+		{
+            $provider_collection = $phpbb_container->get('auth.provider_collection');
+            $provider = $provider_collection->get_provider();
+            $this->data = $provider->autologin();
+
+            if (sizeof($this->data))
+            {
+                $this->cookie_data['k'] = '';
+                $this->cookie_data['u'] = $this->data['user_id'];
+            }
+
+			// If we're presented with an autologin key we'll join against it.
+			// Else if we've been passed a user_id we'll grab data based on that
+			if (isset($this->cookie_data['k']) && $this->cookie_data['k'] && $this->cookie_data['u'] && !sizeof($this->data))
+			{
+				$sql = 'SELECT u.*
+					FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
+					WHERE u.user_id = ' . (int) $this->cookie_data['u'] . '
+						AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ")
+						AND k.user_id = u.user_id
+						AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
+				$result = $db->sql_query($sql);
+				$this->data = $db->sql_fetchrow($result);
+				$db->sql_freeresult($result);
+				$bot = false;
+			}
+		}
 
 		// Bot user, if they have a SID in the Request URI we need to get rid of it
 		// otherwise they'll index this page with the SID, duplicate content oh my!