Update of /cvs/scoop/scoop/lib/Scoop/Users
In directory lithium.sabren.com:/tmp/cvs-serv6676/lib/Scoop/Users
Modified Files:
NewUser.pm
Log Message:
Fixes for bugs 23 and 115: removing use_diaries (in favour of section
permissions) and some sql quoting fixes in the user creation code.
-janra
Index: NewUser.pm
===================================================================
RCS file: /cvs/scoop/scoop/lib/Scoop/Users/NewUser.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** NewUser.pm 21 Jan 2005 14:14:31 -0000 1.3
--- NewUser.pm 23 Jan 2005 03:45:59 -0000 1.4
***************
*** 167,174 ****
my $S = shift;
my ($rv, $sth) = $S->db_select({
WHAT => 'uid',
FROM => 'users',
! WHERE => qq|creation_ip = "$S->{REMOTE_IP}" AND creation_time >= DATE_SUB(NOW(), INTERVAL 24 HOUR)|
});
--- 167,176 ----
my $S = shift;
+ my $dsub = $S->db_date_sub("NOW()", "24 HOUR");
+ my $ip = $S->dbh->quote($S->{REMOTE_IP});
my ($rv, $sth) = $S->db_select({
WHAT => 'uid',
FROM => 'users',
! WHERE => qq|creation_ip = $ip AND creation_time >= $dsub|
});
***************
*** 227,240 ****
my ($nick, $pass, $email) = @_;
! my $c_pass = $S->crypt_pass($pass);
my $f_nick = $S->dbh->quote($nick);
my $f_email = $S->dbh->quote($email);
! my $default_group = $S->_get_default_group;
my ($rv, $sth) = $S->db_insert({
INTO => 'users',
COLS => 'nickname, origemail, realemail, passwd, perm_group, creation_ip, creation_time, is_new_account',
! VALUES => qq|$f_nick, $f_email, $f_email, "$c_pass", "$default_group", "$S->{REMOTE_IP}", NOW(),1|});
$sth->finish;
--- 229,243 ----
my ($nick, $pass, $email) = @_;
! my $c_pass = $S->dbh->quote($S->crypt_pass($pass));
my $f_nick = $S->dbh->quote($nick);
my $f_email = $S->dbh->quote($email);
! my $default_group = $S->dbh->quote($S->_get_default_group);
! my $ip = $S->dbh->quote($S->{REMOTE_IP});
my ($rv, $sth) = $S->db_insert({
INTO => 'users',
COLS => 'nickname, origemail, realemail, passwd, perm_group, creation_ip, creation_time, is_new_account',
! VALUES => qq|$f_nick, $f_email, $f_email, $c_pass, $default_group, $ip, NOW(),1|});
$sth->finish;
***************
*** 323,326 ****
--- 326,330 ----
my $S = shift;
my $nick = shift;
+ my $q_nick = $S->dbh->quote($nick);
return '<br />Username is already in use.<br />Please try a different one.'
***************
*** 334,338 ****
WHAT => 'uid',
FROM => 'users',
! WHERE => qq|nickname = "$nick"|});
$sth->finish;
--- 338,342 ----
WHAT => 'uid',
FROM => 'users',
! WHERE => qq|nickname = $q_nick|});
$sth->finish;
***************
*** 347,350 ****
--- 351,355 ----
my $S = shift;
my $email = shift;
+ my $q_email = $S->dbh->quote($email);
unless ($email) {
***************
*** 355,359 ****
WHAT => 'uid',
FROM => 'users',
! WHERE => qq|realemail = "$email" OR origemail = "$email"|});
#$sth->finish;
--- 360,364 ----
WHAT => 'uid',
FROM => 'users',
! WHERE => qq|realemail = $q_email OR origemail = $q_email|});
#$sth->finish;