Commit 75512ae3 authored by Dries's avatar Dries

- Fixed the update path of user_save().  Patch by Gerhard. Tnx.
parent 3833e4de
......@@ -97,22 +97,25 @@ function user_save($account, $array = array()) {
$data = unserialize(db_result(db_query("SELECT data FROM {users} WHERE uid = %d", $account->uid)));
foreach ($array as $key => $value) {
if ($key == "pass") {
$query .= "$key = '". md5($value) ."', ";
$query .= "$key = '%s', ";
$v[] = md5($value);
}
else if (substr($key, 0, 4) !== "auth") {
if (in_array($key, $user_fields)) {
// escape '%'s:
$value = str_replace("%", "%%", $value);
$query .= "$key = '". check_query($value) ."', ";
$query .= "$key = '%s', ";
$v[] = $value;
}
else {
$data[$key] = $value;
}
}
}
$query .= "data = '". check_query(serialize($data)) ."', ";
$query .= "data = '%s', ";
$v[] = serialize($data);
db_query("UPDATE {users} SET $query timestamp = %d WHERE uid = %d", time(), $account->uid);
db_query("UPDATE {users} SET $query timestamp = %d WHERE uid = %d", array_merge($v, array(time(), $account->uid)));
$user = user_load(array("uid" => $account->uid));
}
......
......@@ -97,22 +97,25 @@ function user_save($account, $array = array()) {
$data = unserialize(db_result(db_query("SELECT data FROM {users} WHERE uid = %d", $account->uid)));
foreach ($array as $key => $value) {
if ($key == "pass") {
$query .= "$key = '". md5($value) ."', ";
$query .= "$key = '%s', ";
$v[] = md5($value);
}
else if (substr($key, 0, 4) !== "auth") {
if (in_array($key, $user_fields)) {
// escape '%'s:
$value = str_replace("%", "%%", $value);
$query .= "$key = '". check_query($value) ."', ";
$query .= "$key = '%s', ";
$v[] = $value;
}
else {
$data[$key] = $value;
}
}
}
$query .= "data = '". check_query(serialize($data)) ."', ";
$query .= "data = '%s', ";
$v[] = serialize($data);
db_query("UPDATE {users} SET $query timestamp = %d WHERE uid = %d", time(), $account->uid);
db_query("UPDATE {users} SET $query timestamp = %d WHERE uid = %d", array_merge($v, array(time(), $account->uid)));
$user = user_load(array("uid" => $account->uid));
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment