Merge branch 'wip-MDL-43058-master' of git://github.com/abgreeve/moodle

moodle · Dec 3, 2013 · 7b583ee · 7b583ee
2 parents 75b296a + 8b1d424
commit 7b583ee
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/report/security/locallib.php b/report/security/locallib.php
@@ -508,7 +508,8 @@ function report_security_check_riskxss($detailed=false) {
     $result->info = get_string('check_riskxss_warning', 'report_security', $count);
 
     if ($detailed) {
-        $users = $DB->get_records_sql("SELECT DISTINCT u.id, u.firstname, u.lastname, u.picture, u.imagealt $sqlfrom", $params);
+        $userfields = user_picture::fields('u');
+        $users = $DB->get_records_sql("SELECT DISTINCT $userfields $sqlfrom", $params);
         foreach ($users as $uid=>$user) {
             $users[$uid] = fullname($user);
         }
@@ -710,7 +711,8 @@ function report_security_check_riskadmin($detailed=false) {
     $result->status  = null;
     $result->link    = null;
 
-    $sql = "SELECT u.id, u.firstname, u.lastname, u.picture, u.imagealt, u.email
+    $userfields = user_picture::fields('u');
+    $sql = "SELECT $userfields
               FROM {user} u
              WHERE u.id IN ($CFG->siteadmins)";
 
@@ -834,7 +836,8 @@ function report_security_check_riskbackup($detailed=false) {
         $users = array();
 
         list($sort, $sortparams) = users_order_by_sql('u');
-        $rs = $DB->get_recordset_sql("SELECT DISTINCT u.id, u.firstname, u.lastname, u.picture, u.imagealt, u.email, ra.contextid, ra.roleid
+        $userfields = user_picture::fields('u');
+        $rs = $DB->get_recordset_sql("SELECT DISTINCT $userfields, ra.contextid, ra.roleid
             $sqluserinfo ORDER BY $sort", array_merge($params, $sortparams));
 
         foreach ($rs as $user) {