Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
project
drupal
Commits
c5aa55b3
Commit
c5aa55b3
authored
Jan 10, 2008
by
Gábor Hojtsy
Browse files
#204705
by pwolanin: abort user_save on SQL errors, to avoid data corruption
parent
58ad1fb2
Changes
3
Hide whitespace changes
Inline
Side-by-side
modules/comment/comment.module
View file @
c5aa55b3
...
...
@@ -1652,7 +1652,13 @@ function comment_controls_submit($form, &$form_state) {
$comments_per_page
=
$form_state
[
'values'
][
'comments_per_page'
];
if
(
$user
->
uid
)
{
$user
=
user_save
(
$user
,
array
(
'mode'
=>
$mode
,
'sort'
=>
$order
,
'comments_per_page'
=>
$comments_per_page
));
$account
=
user_save
(
$user
,
array
(
'mode'
=>
$mode
,
'sort'
=>
$order
,
'comments_per_page'
=>
$comments_per_page
));
// Terminate if an error occured during user_save().
if
(
!
$account
)
{
drupal_set_message
(
t
(
"Error saving user account."
),
'error'
);
return
;
}
$user
=
$account
;
}
else
{
$_SESSION
[
'comment_mode'
]
=
$mode
;
...
...
modules/openid/openid.module
View file @
c5aa55b3
...
...
@@ -393,6 +393,11 @@ function openid_authentication($response) {
else
{
unset
(
$form_state
[
'values'
][
'response'
]);
$account
=
user_save
(
''
,
$form_state
[
'values'
]);
// Terminate if an error occured during user_save().
if
(
!
$account
)
{
drupal_set_message
(
t
(
"Error saving user account."
),
'error'
);
drupal_goto
();
}
user_external_login
(
$account
);
}
drupal_redirect_form
(
$form
,
$form_state
[
'redirect'
]);
...
...
modules/user/user.module
View file @
c5aa55b3
...
...
@@ -200,6 +200,9 @@ function user_load($array = array()) {
*
* @param $category
* (optional) The category for storing profile information in.
*
* @return
* A fully-loaded $user object upon successful save or FALSE if the save failed.
*/
function
user_save
(
$account
,
$array
=
array
(),
$category
=
'account'
)
{
// Dynamically compose a SQL query:
...
...
@@ -238,7 +241,11 @@ function user_save($account, $array = array(), $category = 'account') {
$query
.
=
"data = '%s' "
;
$v
[]
=
serialize
(
$data
);
db_query
(
"UPDATE
{
users
}
SET
$query
WHERE uid = %d"
,
array_merge
(
$v
,
array
(
$account
->
uid
)));
$success
=
db_query
(
"UPDATE
{
users
}
SET
$query
WHERE uid = %d"
,
array_merge
(
$v
,
array
(
$account
->
uid
)));
if
(
!
$success
)
{
// The query failed - better to abort the save than risk further data loss.
return
FALSE
;
}
// Reload user roles if provided
if
(
isset
(
$array
[
'roles'
])
&&
is_array
(
$array
[
'roles'
]))
{
...
...
@@ -311,10 +318,15 @@ function user_save($account, $array = array(), $category = 'account') {
break
;
}
}
db_query
(
'INSERT INTO {users} ('
.
implode
(
', '
,
$fields
)
.
') VALUES ('
.
implode
(
', '
,
$s
)
.
')'
,
$values
);
$array
[
'uid'
]
=
db_last_insert_id
(
'users'
,
'uid'
);
$success
=
db_query
(
'INSERT INTO {users} ('
.
implode
(
', '
,
$fields
)
.
') VALUES ('
.
implode
(
', '
,
$s
)
.
')'
,
$values
);
if
(
!
$success
)
{
// On a failed INSERT some other existing user's uid may be returned. We
// must abort to avoid overwirting their account.
return
FALSE
;
}
// Build the initial user object.
$array
[
'uid'
]
=
db_last_insert_id
(
'users'
,
'uid'
);
$user
=
user_load
(
array
(
'uid'
=>
$array
[
'uid'
]));
user_module_invoke
(
'insert'
,
$array
,
$user
,
$category
);
...
...
@@ -1361,7 +1373,13 @@ function user_external_login_register($name, $module) {
if
(
!
isset
(
$user
->
uid
))
{
// Register this new user.
$userinfo
=
array
(
'name'
=>
$name
,
'pass'
=>
user_password
(),
'init'
=>
$name
,
'status'
=>
1
,
"authname_
$module
"
=>
$name
);
$user
=
user_save
(
''
,
$userinfo
);
$account
=
user_save
(
''
,
$userinfo
);
// Terminate if an error occured during user_save().
if
(
!
$account
)
{
drupal_set_message
(
t
(
"Error saving user account."
),
'error'
);
return
;
}
$user
=
$account
;
watchdog
(
'user'
,
'New external user: %name using module %module.'
,
array
(
'%name'
=>
$name
,
'%module'
=>
$module
),
WATCHDOG_NOTICE
,
l
(
t
(
'edit'
),
'user/'
.
$user
->
uid
.
'/edit'
));
}
}
...
...
@@ -2207,6 +2225,12 @@ function user_register_submit($form, &$form_state) {
$merge_data
[
'status'
]
=
variable_get
(
'user_register'
,
1
)
==
1
;
}
$account
=
user_save
(
''
,
array_merge
(
$form_state
[
'values'
],
$merge_data
));
// Terminate if an error occured during user_save().
if
(
!
$account
)
{
drupal_set_message
(
t
(
"Error saving user account."
),
'error'
);
$form_state
[
'redirect'
]
=
''
;
return
;
}
$form_state
[
'user'
]
=
$account
;
watchdog
(
'user'
,
'New user: %name (%email).'
,
array
(
'%name'
=>
$name
,
'%email'
=>
$mail
),
WATCHDOG_NOTICE
,
l
(
t
(
'edit'
),
'user/'
.
$account
->
uid
.
'/edit'
));
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment