- Fixed small performance bug: when a user has no permissions, the query
  in user_access() was not cached.

modules/user.module

@@ -263,7 +263,9 @@ function user_access($string) {
 
   global $user;
   static $perm;
+  static $cache;
 
+  // User #1 has all priveleges:
   if ($user->uid == 1) {
     return 1;
   }
@@ -273,13 +275,20 @@ function user_access($string) {
   ** in a static variable.
   */
 
-  if (!$perm) {
+  if (!$cache) {
     if ($user->uid) {
       $perm = db_result(db_query("SELECT p.perm FROM {role} r, {permission} p WHERE r.rid = p.rid AND name = '%s'", $user->role), 0);
     }
     else {
       $perm = db_result(db_query("SELECT p.perm FROM {role} r, {permission} p WHERE r.rid = p.rid AND name = 'anonymous user'"), 0);
     }
+
+    /*
+    ** We use a separate $cache variable because $perm might be empty when a
+    ** user has no access rights.
+    */
+
+    $cache = 1;
   }
 
   return strstr($perm, $string);

modules/user/user.module

@@ -263,7 +263,9 @@ function user_access($string) {
 
   global $user;
   static $perm;
+  static $cache;
 
+  // User #1 has all priveleges:
   if ($user->uid == 1) {
     return 1;
   }
@@ -273,13 +275,20 @@ function user_access($string) {
   ** in a static variable.
   */
 
-  if (!$perm) {
+  if (!$cache) {
     if ($user->uid) {
       $perm = db_result(db_query("SELECT p.perm FROM {role} r, {permission} p WHERE r.rid = p.rid AND name = '%s'", $user->role), 0);
     }
     else {
       $perm = db_result(db_query("SELECT p.perm FROM {role} r, {permission} p WHERE r.rid = p.rid AND name = 'anonymous user'"), 0);
     }
+
+    /*
+    ** We use a separate $cache variable because $perm might be empty when a
+    ** user has no access rights.
+    */
+
+    $cache = 1;
   }
 
   return strstr($perm, $string);