Commit info for scoop/lib/Scoop/Admin:
Modified Files:
EditUser.pm
Log Message:
Fixed problem where users could truncate their sig, resulting in invalid HTML being saved and displayed. Bug 687891.
Index: EditUser.pm
===================================================================
RCS file: /cvs/scoop/scoop/lib/Scoop/Admin/EditUser.pm,v
retrieving revision 1.129
retrieving revision 1.130
diff -r1.129 -r1.130
726a727,731
> my $max_sig_length = $S->{UI}->{VARS}->{max_sig_length};
> $max_sig_length = 160 unless ($max_sig_length);
> if (length($params{sig}) > $max_sig_length) {
> return "Your sig is too long. Maximum length is $max_sig_length characters";
> }
786c791,805
< my ($rv, $sth) = $S->db_update({
---
> my ($rv, $sth);
> my ($oldsig, $newsig);
>
> if ($params{sig}) {
> #warn "Getting old sig\n";
> ($rv, $sth) = $S->db_select({
> DEBUG => 0,
> WHAT => 'sig',
> FROM => 'users',
> WHERE => qq|uid = $uid|});
> $oldsig = $sth->fetchrow;
> $sth->finish;
> }
>
> ($rv, $sth) = $S->db_update({
796a816,840
>
> if ($params{sig}) {
> #warn "Checking new sig\n";
> ($rv, $sth) = $S->db_select({
> DEBUG => 0,
> WHAT => 'sig',
> FROM => 'users',
> WHERE => qq|uid = $uid|});
> $newsig = $sth->fetchrow;
> $sth->finish;
> $newsig = $S->{DBH}->quote($newsig);
> $oldsig = $S->{DBH}->quote($oldsig);
> #warn "Saved sig : $newsig\n";
> #warn "Submitted sig : $params{sig}\n";
> if ($newsig ne $params{sig}) {
> ($rv, $sth) = $S->db_update({
> DEBUG => 0,
> WHAT => 'users',
> SET => qq|sig = $oldsig|,
> WHERE => qq|uid = $uid|});
> $params{sig} = $oldsig;
> $S->{CGI}->{params}{sig} = $oldsig;
> $sth->finish if ($rv);
> }
> }