Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
D
drupal
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Locked Files
Custom Issue Tracker
Custom Issue Tracker
Labels
Merge Requests
229
Merge Requests
229
Requirements
Requirements
List
Security & Compliance
Security & Compliance
Dependency List
License Compliance
Analytics
Analytics
Code Review
Insights
Issue
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Commits
Open sidebar
project
drupal
Commits
c5aa55b3
Commit
c5aa55b3
authored
Jan 10, 2008
by
Gábor Hojtsy
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
#204705
by pwolanin: abort user_save on SQL errors, to avoid data corruption
parent
58ad1fb2
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
41 additions
and
6 deletions
+41
-6
modules/comment/comment.module
modules/comment/comment.module
+7
-1
modules/openid/openid.module
modules/openid/openid.module
+5
-0
modules/user/user.module
modules/user/user.module
+29
-5
No files found.
modules/comment/comment.module
View file @
c5aa55b3
...
...
@@ -1652,7 +1652,13 @@ function comment_controls_submit($form, &$form_state) {
$comments_per_page
=
$form_state
[
'values'
][
'comments_per_page'
];
if
(
$user
->
uid
)
{
$user
=
user_save
(
$user
,
array
(
'mode'
=>
$mode
,
'sort'
=>
$order
,
'comments_per_page'
=>
$comments_per_page
));
$account
=
user_save
(
$user
,
array
(
'mode'
=>
$mode
,
'sort'
=>
$order
,
'comments_per_page'
=>
$comments_per_page
));
// Terminate if an error occured during user_save().
if
(
!
$account
)
{
drupal_set_message
(
t
(
"Error saving user account."
),
'error'
);
return
;
}
$user
=
$account
;
}
else
{
$_SESSION
[
'comment_mode'
]
=
$mode
;
...
...
modules/openid/openid.module
View file @
c5aa55b3
...
...
@@ -393,6 +393,11 @@ function openid_authentication($response) {
else
{
unset
(
$form_state
[
'values'
][
'response'
]);
$account
=
user_save
(
''
,
$form_state
[
'values'
]);
// Terminate if an error occured during user_save().
if
(
!
$account
)
{
drupal_set_message
(
t
(
"Error saving user account."
),
'error'
);
drupal_goto
();
}
user_external_login
(
$account
);
}
drupal_redirect_form
(
$form
,
$form_state
[
'redirect'
]);
...
...
modules/user/user.module
View file @
c5aa55b3
...
...
@@ -200,6 +200,9 @@ function user_load($array = array()) {
*
* @param $category
* (optional) The category for storing profile information in.
*
* @return
* A fully-loaded $user object upon successful save or FALSE if the save failed.
*/
function
user_save
(
$account
,
$array
=
array
(),
$category
=
'account'
)
{
// Dynamically compose a SQL query:
...
...
@@ -238,7 +241,11 @@ function user_save($account, $array = array(), $category = 'account') {
$query
.
=
"data = '%s' "
;
$v
[]
=
serialize
(
$data
);
db_query
(
"UPDATE
{
users
}
SET
$query
WHERE uid = %d"
,
array_merge
(
$v
,
array
(
$account
->
uid
)));
$success
=
db_query
(
"UPDATE
{
users
}
SET
$query
WHERE uid = %d"
,
array_merge
(
$v
,
array
(
$account
->
uid
)));
if
(
!
$success
)
{
// The query failed - better to abort the save than risk further data loss.
return
FALSE
;
}
// Reload user roles if provided
if
(
isset
(
$array
[
'roles'
])
&&
is_array
(
$array
[
'roles'
]))
{
...
...
@@ -311,10 +318,15 @@ function user_save($account, $array = array(), $category = 'account') {
break
;
}
}
db_query
(
'INSERT INTO {users} ('
.
implode
(
', '
,
$fields
)
.
') VALUES ('
.
implode
(
', '
,
$s
)
.
')'
,
$values
);
$array
[
'uid'
]
=
db_last_insert_id
(
'users'
,
'uid'
);
$success
=
db_query
(
'INSERT INTO {users} ('
.
implode
(
', '
,
$fields
)
.
') VALUES ('
.
implode
(
', '
,
$s
)
.
')'
,
$values
);
if
(
!
$success
)
{
// On a failed INSERT some other existing user's uid may be returned. We
// must abort to avoid overwirting their account.
return
FALSE
;
}
// Build the initial user object.
$array
[
'uid'
]
=
db_last_insert_id
(
'users'
,
'uid'
);
$user
=
user_load
(
array
(
'uid'
=>
$array
[
'uid'
]));
user_module_invoke
(
'insert'
,
$array
,
$user
,
$category
);
...
...
@@ -1361,7 +1373,13 @@ function user_external_login_register($name, $module) {
if
(
!
isset
(
$user
->
uid
))
{
// Register this new user.
$userinfo
=
array
(
'name'
=>
$name
,
'pass'
=>
user_password
(),
'init'
=>
$name
,
'status'
=>
1
,
"authname_
$module
"
=>
$name
);
$user
=
user_save
(
''
,
$userinfo
);
$account
=
user_save
(
''
,
$userinfo
);
// Terminate if an error occured during user_save().
if
(
!
$account
)
{
drupal_set_message
(
t
(
"Error saving user account."
),
'error'
);
return
;
}
$user
=
$account
;
watchdog
(
'user'
,
'New external user: %name using module %module.'
,
array
(
'%name'
=>
$name
,
'%module'
=>
$module
),
WATCHDOG_NOTICE
,
l
(
t
(
'edit'
),
'user/'
.
$user
->
uid
.
'/edit'
));
}
}
...
...
@@ -2207,6 +2225,12 @@ function user_register_submit($form, &$form_state) {
$merge_data
[
'status'
]
=
variable_get
(
'user_register'
,
1
)
==
1
;
}
$account
=
user_save
(
''
,
array_merge
(
$form_state
[
'values'
],
$merge_data
));
// Terminate if an error occured during user_save().
if
(
!
$account
)
{
drupal_set_message
(
t
(
"Error saving user account."
),
'error'
);
$form_state
[
'redirect'
]
=
''
;
return
;
}
$form_state
[
'user'
]
=
$account
;
watchdog
(
'user'
,
'New user: %name (%email).'
,
array
(
'%name'
=>
$name
,
'%email'
=>
$mail
),
WATCHDOG_NOTICE
,
l
(
t
(
'edit'
),
'user/'
.
$account
->
uid
.
'/edit'
));
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment