Permalink
Browse files

MDL-30878 core_user_update_users user password is reset if not specified

  • Loading branch information...
1 parent d951fed commit 367ed4621e502f951b90d0cf4c449000c763c55d @mouneyrac mouneyrac committed Jan 27, 2012
Showing with 25 additions and 18 deletions.
  1. +25 −18 user/lib.php
View
43 user/lib.php
@@ -27,51 +27,60 @@
/**
* Creates a user
+ *
* @param object $user user to create
* @return int id of the newly created user
*/
function user_create_user($user) {
global $DB;
-/// set the timecreate field to the current time
+ // set the timecreate field to the current time
if (!is_object($user)) {
$user = (object)$user;
}
- /// hash the password
- $user->password = hash_internal_user_password($user->password);
+ // save the password in a temp value for later
+ if (isset($user->password)) {
+ $userpassword = $user->password;
+ unset($user->password);
+ }
$user->timecreated = time();
$user->timemodified = $user->timecreated;
-/// insert the user into the database
+ // insert the user into the database
$newuserid = $DB->insert_record('user', $user);
-/// trigger user_created event on the full database user row
+ // trigger user_created event on the full database user row
$newuser = $DB->get_record('user', array('id' => $newuserid));
events_trigger('user_created', $newuser);
-/// create USER context for this user
+ // create USER context for this user
get_context_instance(CONTEXT_USER, $newuserid);
+ // update user password if necessary
+ if (isset($userpassword)) {
+ update_internal_user_password($newuser, $userpassword);
+ }
+
return $newuserid;
}
/**
* Update a user with a user object (will compare against the ID)
- * @param object $user - the user to update
+ *
+ * @param object $user the user to update
*/
function user_update_user($user) {
global $DB;
- /// set the timecreate field to the current time
+ // set the timecreate field to the current time
if (!is_object($user)) {
$user = (object)$user;
}
-
- //MDL-30878
- //unset password here, for updating later
+
+ // unset password here, for updating later
if (isset($user->password)) {
$passwd = $user->password;
unset($user->password);
@@ -80,19 +89,17 @@ function user_update_user($user) {
$user->timemodified = time();
$DB->update_record('user', $user);
- /// trigger user_updated event on the full database user row
+ // trigger user_updated event on the full database user row
$updateduser = $DB->get_record('user', array('id' => $user->id));
+ events_trigger('user_updated', $updateduser);
- //MDL-30878
- //if password was set, then update its hash
- if (isset($passwd))
+ // if password was set, then update its hash
+ if (isset($passwd)) {
update_internal_user_password($updateduser, $passwd);
-
- events_trigger('user_updated', $updateduser);
+ }
}
-
/**
* Marks user deleted in internal user database and notifies the auth plugin.
* Also unenrols user from all roles and does other cleanup.

0 comments on commit 367ed46

Please sign in to comment.