From 185721a4988ac2b5e4daf680c286f6466fef987f Mon Sep 17 00:00:00 2001 From: skodak Date: Sat, 31 May 2008 13:57:49 +0000 Subject: [PATCH] MDL-14679 towards /admin/auth conversion --- auth/cas/auth.php | 13 +++++++------ auth/db/auth.php | 12 ++++++------ auth/ldap/auth.php | 12 ++++++------ lib/moodlelib.php | 1 - 4 files changed, 19 insertions(+), 19 deletions(-) diff --git a/auth/cas/auth.php b/auth/cas/auth.php index ad7c2109ad..bc6a2015f0 100644 --- a/auth/cas/auth.php +++ b/auth/cas/auth.php @@ -796,7 +796,7 @@ error('fix temporary table code in CAS'); $maxxcount = 100; foreach ($users as $user) { echo "\t"; print_string('auth_dbupdatinguser', 'auth', array($user->username, $user->id)); - if (!$this->update_user_record(addslashes($user->username), $updatekeys)) { + if (!$this->update_user_record($user->username, $updatekeys)) { echo " - ".get_string('skipped'); } echo "\n"; @@ -880,14 +880,15 @@ error('fix temporary table code in CAS'); * If you don't pass $updatekeys, there is a performance hit and * values removed from LDAP won't be removed from moodle. * - * @param string $username username (with system magic quotes) + * @param string $username username */ function update_user_record($username, $updatekeys = false) { - global $CFG; + global $CFG, $DB; + //just in case check text case $username = trim(moodle_strtolower($username)); // get the current user record - $user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id); + $user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id)); if (empty($user)) { // trouble error_log("Cannot update non-existent user: ".stripslashes($username)); print_error('auth_dbusernotexist','auth',$username); @@ -908,14 +909,14 @@ error('fix temporary table code in CAS'); } if (!empty($this->config->{'field_updatelocal_' . $key})) { if ($user->{$key} != $value) { // only update if it's changed - set_field('user', $key, addslashes($value), 'id', $userid); + $DB->set_field('user', $key, $value, array('id'=>$userid)); } } } } else { return false; } - return get_record_select('user', "id = $userid AND deleted = 0"); + return $DB->get_record('user', array('id'=>$userid, 'deleted'=>0)); } /** * Bulk insert in SQL's temp table diff --git a/auth/db/auth.php b/auth/db/auth.php index d913a0ed94..cbff82a70e 100644 --- a/auth/db/auth.php +++ b/auth/db/auth.php @@ -306,7 +306,7 @@ class auth_plugin_db extends auth_plugin_base { foreach ($update_users as $user) { echo "\t"; print_string('auth_dbupdatinguser', 'auth', array($user->username, $user->id)); - if (!$this->update_user_record(addslashes($user->username), $updatekeys)) { + if (!$this->update_user_record($user->username, $updatekeys)) { echo " - ".get_string('skipped'); } echo "\n"; @@ -451,16 +451,16 @@ class auth_plugin_db extends auth_plugin_base { * If you don't pass $updatekeys, there is a performance hit and * values removed from DB won't be removed from moodle. * - * @param string $username username (with system magic quotes) + * @param string $username username */ function update_user_record($username, $updatekeys=false) { - global $CFG; + global $CFG, $DB; //just in case check text case $username = trim(moodle_strtolower($username)); // get the current user record - $user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id); + $user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id)); if (empty($user)) { // trouble error_log("Cannot update non-existent user: $username"); print_error('auth_dbusernotexist','auth',$username); @@ -486,12 +486,12 @@ class auth_plugin_db extends auth_plugin_base { if (!empty($this->config->{'field_updatelocal_' . $key})) { if ($user->{$key} != $value) { // only update if it's changed - set_field('user', $key, addslashes($value), 'id', $userid); + $DB->set_field('user', $key, $value, array('id'=>$userid)); } } } } - return get_record_select('user', "id = $userid AND deleted = 0"); + return $DB->get_record('user', array('id'=>$userid, 'deleted'=>0)); } /** diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php index 3334e27527..73c38a8954 100644 --- a/auth/ldap/auth.php +++ b/auth/ldap/auth.php @@ -755,7 +755,7 @@ error('fix temporary table code in CAS'); foreach ($users as $user) { echo "\t"; print_string('auth_dbupdatinguser', 'auth', array($user->username, $user->id)); - if (!$this->update_user_record(addslashes($user->username), $updatekeys)) { + if (!$this->update_user_record($user->username, $updatekeys)) { echo " - ".get_string('skipped'); } echo "\n"; @@ -850,7 +850,7 @@ error('fix temporary table code in CAS'); * If you don't pass $updatekeys, there is a performance hit and * values removed from LDAP won't be removed from moodle. * - * @param string $username username (with system magic quotes) + * @param string $username username */ function update_user_record($username, $updatekeys = false) { global $CFG; @@ -859,9 +859,9 @@ error('fix temporary table code in CAS'); $username = trim(moodle_strtolower($username)); // get the current user record - $user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id); + $user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id)); if (empty($user)) { // trouble - error_log("Cannot update non-existent user: ".stripslashes($username)); + error_log("Cannot update non-existent user: ".$username); print_error('auth_dbusernotexist','auth','',$username); die; } @@ -885,14 +885,14 @@ error('fix temporary table code in CAS'); if (!empty($this->config->{'field_updatelocal_' . $key})) { if ($user->{$key} != $value) { // only update if it's changed - set_field('user', $key, addslashes($value), 'id', $userid); + $DB->set_field('user', $key, $value, array('id'=>$userid)); } } } } else { return false; } - return get_record_select('user', "id = $userid AND deleted = 0"); + return $DB->get_record('user', array('id'=>$userid, 'deleted'=>0)); } /** diff --git a/lib/moodlelib.php b/lib/moodlelib.php index cc829ff790..d454d76674 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -2884,7 +2884,6 @@ function update_user_record($username, $authplugin) { continue; } if ($confval === 'onlogin') { - $value = addslashes(stripslashes($value)); // Just in case // MDL-4207 Don't overwrite modified user profile values with // empty LDAP values when 'unlocked if empty' is set. The purpose // of the setting 'unlocked if empty' is to allow the user to fill -- 2.39.5