MDL-14679

diff --git a/auth/none/auth.php b/auth/none/auth.php
index 8914bba3d865b9f7b80623bd350c151f189c74ae..740d4dd1f57b8bda85570c57f4ebfc990f526f1b 100644 (file)
--- a/auth/none/auth.php
+++ b/auth/none/auth.php
@@ -52,8 +52,8 @@ class auth_plugin_none extends auth_plugin_base {
      *
      * called when the user password is updated.
      *
-     * @param  object  $user        User table object  (with system magic quotes)
-     * @param  string  $newpassword Plaintext password (with system magic quotes)
+     * @param  object  $user        User table object
+     * @param  string  $newpassword Plaintext password
      * @return boolean result
      *
      */

diff --git a/iplookup/index.php b/iplookup/index.php
index 6fd6d86c6470d378c405dcd2c25fb2b9b9a74599..78f3ec0167001a2c819bddfb41b1dda351b294e5 100644 (file)
--- a/iplookup/index.php
+++ b/iplookup/index.php
@@ -52,7 +52,7 @@ if ($match[1] == '127' or $match[1] == '10' or ($match[1] == '172' and $match[2]
 }
 
 if ($user) {
-    if ($user = get_record('user', 'id', $user, 'deleted', 0)) {
+    if ($user = $DB->get_record('user', array('id'=>$user, 'deleted'=>0))) {
         $info[] = fullname($user);
     }
 }

diff --git a/login/change_password.php b/login/change_password.php
index 81ca8dc9be1dc529a04dd5acca7662950ef28b63..cc9a35b8564704052800b644e955a0a166ae1c28 100644 (file)
--- a/login/change_password.php
+++ b/login/change_password.php
@@ -12,7 +12,7 @@
 
     $systemcontext = get_context_instance(CONTEXT_SYSTEM);
 
-    if (!$course = get_record('course', 'id', $id)) {
+    if (!$course = $DB->get_record('course', array('id'=>$id))) {
         print_error('No such course!');
     }
 
@@ -36,7 +36,7 @@
 
     if (is_mnet_remote_user($USER)) {
         $message = get_string('usercannotchangepassword', 'mnet');
-        if ($idprovider = get_record('mnet_host', 'id', $USER->mnethostid)) {
+        if ($idprovider = $DB->get_record('mnet_host', array('id'=>$USER->mnethostid))) {
             $message .= get_string('userchangepasswordlink', 'mnet', $idprovider);
         }
         print_error($message);
@@ -62,9 +62,9 @@
 
     if ($mform->is_cancelled()) {
         redirect($CFG->wwwroot.'/user/view.php?id='.$USER->id.'&course='.$course->id);
-    } else if ($data = $mform->get_data()) {
+    } else if ($data = $mform->get_data(false)) {
 
-        if (!$userauth->user_update_password(addslashes_recursive($USER), $data->newpassword1)) {
+        if (!$userauth->user_update_password($USER, $data->newpassword1)) {
             print_error('errorpasswordupdate', 'auth');
         }
 

diff --git a/login/mnet_email.php b/login/mnet_email.php
index 3181b4e1f4050961431ada149dfa1bb265e4c3b6..53c71657f25ffed3fe01106be66301e9df67735c 100644 (file)
--- a/login/mnet_email.php
+++ b/login/mnet_email.php
@@ -15,8 +15,8 @@ $navigation = build_navigation(array(array('name' => 'MNET ID Provider', 'link'
 print_header('MNET ID Provider', 'MNET ID Provider', $navigation, 'form.email' );
 
 if ($form = data_submitted() and confirm_sesskey()) {
-    if ($user = get_record('user', 'username', $username, 'email', $form->email)) {
-        if (!empty($user->mnethostid) and $host = get_record('mnet_host', 'id', $user->mnethostid)) {
+    if ($user = $DB->get_record('user', array('username'=>$username, 'email'=>$form->email))) {
+        if (!empty($user->mnethostid) and $host = $DB->get_record('mnet_host', array('id'=>$user->mnethostid))) {
             notice("You should be able to login at your <a href=\"{$host->wwwroot}/login/\">{$host->name}</a> provider.");
         }
     }