Commit 06fe6cae authored by Dries's avatar Dries

- Patch #763048 by catch: critical bug: remove drupal_unpack()() due to namespacing collisions.

parent 906928c1
......@@ -104,7 +104,6 @@ function _drupal_session_read($sid) {
// active user.
if ($user && $user->uid > 0 && $user->status == 1) {
// This is done to unserialize the data member of $user.
$user = drupal_unpack($user);
$user->data = unserialize($user->data);
// Add roles element to $user.
......
......@@ -1597,14 +1597,13 @@ protected function buildQuery($ids, $conditions = array(), $revision_id = FALSE)
$query->addField('n', 'type', 'node_type');
$query->innerJoin('users', 'u', 'base.uid = u.uid');
$query->addField('u', 'name', 'registered_name');
$query->fields('u', array('uid', 'signature', 'picture', 'data'));
$query->fields('u', array('uid', 'signature', 'picture'));
return $query;
}
protected function attachLoad(&$comments, $revision_id = FALSE) {
// Setup standard comment properties.
foreach ($comments as $key => $comment) {
$comment = drupal_unpack($comment);
$comment->name = $comment->uid ? $comment->registered_name : $comment->name;
$comment->new = node_mark($comment->nid, $comment->changed);
$comment->node_type = 'comment_node_' . $comment->node_type;
......
......@@ -61,7 +61,6 @@ function comment_reply($node, $pid = NULL) {
drupal_goto("node/$node->nid");
}
// Display the parent comment
$comment = drupal_unpack($comment);
$comment->node_type = 'comment_node_' . $node->type;
field_attach_load('comment', array($comment->cid => $comment));
$comment->name = $comment->uid ? $comment->registered_name : $comment->name;
......
......@@ -138,7 +138,7 @@ function _contact_personal_tab_access(stdClass $account) {
// If the requested user has disabled their contact form, or this preference
// has not yet been saved, do not allow users to contact them.
if (empty($account->contact)) {
if (empty($account->data['contact'])) {
return FALSE;
}
......@@ -227,7 +227,7 @@ function contact_form_user_profile_form_alter(&$form, &$form_state) {
$form['contact']['contact'] = array(
'#type' => 'checkbox',
'#title' => t('Personal contact form'),
'#default_value' => !empty($account->contact) ? $account->contact : FALSE,
'#default_value' => !empty($account->data['contact']) ? $account->data['contact'] : FALSE,
'#description' => t('Allow other users to contact you via a <a href="@url">personal contact form</a> which keeps your e-mail address hidden. Note that some privileged users such as site administrators are still able to contact you even if you choose to disable this feature.', array('@url' => url("user/$account->uid/contact"))),
);
}
......
......@@ -238,10 +238,6 @@ function attachLoad(&$queried_users, $revision_id = FALSE) {
$picture_fids = array();
foreach ($queried_users as $key => $record) {
$picture_fids[] = $record->picture;
$queried_users[$key] = drupal_unpack($record);
// As well as unpacking $user->data, also convert the property to an
// unserialized array. This ensures we can always safely reserialize it
// in user_save().
$queried_users[$key]->data = unserialize($record->data);
$queried_users[$key]->roles = array();
if ($record->uid) {
......
......@@ -495,13 +495,13 @@ function user_cancel_confirm($account, $timestamp = 0, $hashed_pass = '') {
$current = REQUEST_TIME;
// Basic validation of arguments.
if (isset($account->user_cancel_method) && !empty($timestamp) && !empty($hashed_pass)) {
if (isset($account->data['user_cancel_method']) && !empty($timestamp) && !empty($hashed_pass)) {
// Validate expiration and hashed password/login.
if ($timestamp <= $current && $current - $timestamp < $timeout && $account->uid && $timestamp >= $account->login && $hashed_pass == user_pass_rehash($account->pass, $timestamp, $account->login)) {
$edit = array(
'user_cancel_notify' => isset($account->user_cancel_notify) ? $account->user_cancel_notify : variable_get('user_mail_status_canceled_notify', FALSE),
'user_cancel_notify' => isset($account->data['user_cancel_notify']) ? $account->data['user_cancel_notify'] : variable_get('user_mail_status_canceled_notify', FALSE),
);
user_cancel($edit, $account->uid, $account->user_cancel_method);
user_cancel($edit, $account->uid, $account->data['user_cancel_method']);
// Since user_cancel() is not invoked via Form API, batch processing needs
// to be invoked manually and should redirect to the front page after
// completion.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment