Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

MDL-30878 core_user_update_users user password is reset if not specified

  • Loading branch information...
commit 367ed4621e502f951b90d0cf4c449000c763c55d 1 parent d951fed
Jérôme Mouneyrac mouneyrac authored

Showing 1 changed file with 25 additions and 18 deletions. Show diff stats Hide diff stats

  1. +25 18 user/lib.php
43 user/lib.php
@@ -27,51 +27,60 @@
27 27
28 28 /**
29 29 * Creates a user
  30 + *
30 31 * @param object $user user to create
31 32 * @return int id of the newly created user
32 33 */
33 34 function user_create_user($user) {
34 35 global $DB;
35 36
36   -/// set the timecreate field to the current time
  37 + // set the timecreate field to the current time
37 38 if (!is_object($user)) {
38 39 $user = (object)$user;
39 40 }
40 41
41   - /// hash the password
42   - $user->password = hash_internal_user_password($user->password);
  42 + // save the password in a temp value for later
  43 + if (isset($user->password)) {
  44 + $userpassword = $user->password;
  45 + unset($user->password);
  46 + }
43 47
44 48 $user->timecreated = time();
45 49 $user->timemodified = $user->timecreated;
46 50
47   -/// insert the user into the database
  51 + // insert the user into the database
48 52 $newuserid = $DB->insert_record('user', $user);
49 53
50   -/// trigger user_created event on the full database user row
  54 + // trigger user_created event on the full database user row
51 55 $newuser = $DB->get_record('user', array('id' => $newuserid));
52 56 events_trigger('user_created', $newuser);
53 57
54   -/// create USER context for this user
  58 + // create USER context for this user
55 59 get_context_instance(CONTEXT_USER, $newuserid);
56 60
  61 + // update user password if necessary
  62 + if (isset($userpassword)) {
  63 + update_internal_user_password($newuser, $userpassword);
  64 + }
  65 +
57 66 return $newuserid;
58 67
59 68 }
60 69
61 70 /**
62 71 * Update a user with a user object (will compare against the ID)
63   - * @param object $user - the user to update
  72 + *
  73 + * @param object $user the user to update
64 74 */
65 75 function user_update_user($user) {
66 76 global $DB;
67 77
68   - /// set the timecreate field to the current time
  78 + // set the timecreate field to the current time
69 79 if (!is_object($user)) {
70 80 $user = (object)$user;
71 81 }
72   -
73   - //MDL-30878
74   - //unset password here, for updating later
  82 +
  83 + // unset password here, for updating later
75 84 if (isset($user->password)) {
76 85 $passwd = $user->password;
77 86 unset($user->password);
@@ -80,19 +89,17 @@ function user_update_user($user) {
80 89 $user->timemodified = time();
81 90 $DB->update_record('user', $user);
82 91
83   - /// trigger user_updated event on the full database user row
  92 + // trigger user_updated event on the full database user row
84 93 $updateduser = $DB->get_record('user', array('id' => $user->id));
  94 + events_trigger('user_updated', $updateduser);
85 95
86   - //MDL-30878
87   - //if password was set, then update its hash
88   - if (isset($passwd))
  96 + // if password was set, then update its hash
  97 + if (isset($passwd)) {
89 98 update_internal_user_password($updateduser, $passwd);
90   -
91   - events_trigger('user_updated', $updateduser);
  99 + }
92 100
93 101 }
94 102
95   -
96 103 /**
97 104 * Marks user deleted in internal user database and notifies the auth plugin.
98 105 * Also unenrols user from all roles and does other cleanup.

0 comments on commit 367ed46

Please sign in to comment.
Something went wrong with that request. Please try again.