MDL-30878 core_user_update_users user password is reset if not specified

Conflicts: user/lib.php
moodle · Jan 27, 2012 · 2e91e1a · 2e91e1a
1 parent b1945c7
commit 2e91e1a
Showing 1 changed file with 28 additions and 17 deletions.
diff --git a/user/lib.php b/user/lib.php
@@ -27,47 +27,60 @@
 
 /**
  * Creates a user
+ *
  * @param object $user user to create
  * @return int id of the newly created user
  */
 function user_create_user($user) {
     global $DB;
 
-/// set the timecreate field to the current time
+    // set the timecreate field to the current time
     if (!is_object($user)) {
             $user = (object)$user;
     }
 
-    /// hash the password
-    $user->password = hash_internal_user_password($user->password);
+    // save the password in a temp value for later
+    if (isset($user->password)) {
+        $userpassword = $user->password;
+        unset($user->password);
+    }
 
     $user->timecreated = time();
     $user->timemodified = $user->timecreated;
 
-/// insert the user into the database
+    // insert the user into the database
     $newuserid = $DB->insert_record('user', $user);
 
-/// create USER context for this user
+    // trigger user_created event on the full database user row
+    $newuser = $DB->get_record('user', array('id' => $newuserid));
+    events_trigger('user_created', $newuser);
+
+    // create USER context for this user
     get_context_instance(CONTEXT_USER, $newuserid);
 
+    // update user password if necessary
+    if (isset($userpassword)) {
+        update_internal_user_password($newuser, $userpassword);
+    }
+
     return $newuserid;
 
 }
 
 /**
  * Update a user with a user object (will compare against the ID)
- * @param object $user - the user to update
+ *
+ * @param object $user the user to update
  */
 function user_update_user($user) {
     global $DB;
 
-    /// set the timecreate field to the current time
+    // set the timecreate field to the current time
     if (!is_object($user)) {
             $user = (object)$user;
     }
-
-    //MDL-30878
-    //unset password here, for updating later
+
+    // unset password here, for updating later
     if (isset($user->password)) {
         $passwd = $user->password;
         unset($user->password);
@@ -76,19 +89,17 @@ function user_update_user($user) {
     $user->timemodified = time();
     $DB->update_record('user', $user);
 
-    /// trigger user_updated event on the full database user row
+    // trigger user_updated event on the full database user row
     $updateduser = $DB->get_record('user', array('id' => $user->id));
+    events_trigger('user_updated', $updateduser);
 
-    //MDL-30878
-    //if password was set, then update its hash
-    if (isset($passwd))
+    // if password was set, then update its hash
+    if (isset($passwd)) {
         update_internal_user_password($updateduser, $passwd);
-
-    events_trigger('user_updated', $updateduser);
+    }
 
 }
 
-
 /**
  * Marks user deleted in internal user database and notifies the auth plugin.
  * Also unenrols user from all roles and does other cleanup.