Conjunto de cambios 52861f4 en sipes para cord/modules/user
- Fecha y hora:
- 26/05/2016 19:22:36 (hace 8 años)
- Branches:
- stable, version-3.0
- Children:
- 6627152
- Parents:
- dedbde1
- Ubicación:
- cord/modules/user
- Ficheros:
-
- 3 editados
Leyenda
- No modificado
- Añadido
- Eliminado
-
cord/modules/user/user.info
rd7a822e r52861f4 5 5 core = 6.x 6 6 7 ; Information added by packaging script on 2013-11-208 version = "6. 29"7 ; Information added by Drupal.org packaging script on 2016-02-24 8 version = "6.38" 9 9 project = "drupal" 10 datestamp = "1 384980946"10 datestamp = "1456343372" 11 11 -
cord/modules/user/user.module
rd7a822e r52861f4 671 671 } 672 672 673 if ($type == 'submit' && $category == 'account') { 674 return _user_edit_submit((isset($account->uid) ? $account->uid : FALSE), $edit); 673 if ($type == 'submit') { 674 if ($category == 'account') { 675 return _user_edit_submit((isset($account->uid) ? $account->uid : FALSE), $edit); 676 } 677 elseif (isset($edit['roles'])) { 678 // Filter out roles with empty values to avoid granting extra roles when 679 // processing custom form submissions. 680 $edit['roles'] = array_filter($edit['roles']); 681 } 675 682 } 676 683 … … 682 689 function user_login_block() { 683 690 $form = array( 684 '#action' => url($_GET['q'], array('query' => drupal_get_destination() )),691 '#action' => url($_GET['q'], array('query' => drupal_get_destination(), 'external' => FALSE)), 685 692 '#id' => 'user-login-form', 686 693 '#validate' => user_login_default_validators(), … … 1485 1492 function user_pass_reset_url($account) { 1486 1493 $timestamp = time(); 1487 return url("user/reset/$account->uid/$timestamp/". user_pass_rehash($account->pass, $timestamp, $account->login), array('absolute' => TRUE)); 1488 } 1489 1490 function user_pass_rehash($password, $timestamp, $login) { 1491 return md5($timestamp . $password . $login); 1494 return url("user/reset/$account->uid/$timestamp/". user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid), array('absolute' => TRUE)); 1495 } 1496 1497 function user_pass_rehash($password, $timestamp, $login, $uid) { 1498 // Backwards compatibility: Try to determine a $uid if one was not passed. 1499 // (Since $uid is a required parameter to this function, a PHP warning will 1500 // be generated if it's not provided, which is an indication that the calling 1501 // code should be updated. But the code below will try to generate a correct 1502 // hash in the meantime.) 1503 if (!isset($uid)) { 1504 $uids = array(); 1505 $result = db_query_range("SELECT uid FROM {users} WHERE pass = '%s' AND login = '%s' AND uid > 0", $password, $login, 0, 2); 1506 while ($row = db_fetch_array($result)) { 1507 $uids[] = $row['uid']; 1508 } 1509 // If exactly one user account matches the provided password and login 1510 // timestamp, proceed with that $uid. 1511 if (count($uids) == 1) { 1512 $uid = reset($uids); 1513 } 1514 // Otherwise there is no safe hash to return, so return a random string 1515 // that will never be treated as a valid token. 1516 else { 1517 return drupal_random_key(); 1518 } 1519 } 1520 return drupal_hmac_base64($timestamp . $login . $uid, drupal_get_private_key() . $password); 1492 1521 } 1493 1522 -
cord/modules/user/user.pages.inc
rb354002 r52861f4 107 107 drupal_goto('user/password'); 108 108 } 109 else if ($account->uid && $timestamp > $account->login && $timestamp < $current && $hashed_pass == user_pass_rehash($account->pass, $timestamp, $account->login )) {109 else if ($account->uid && $timestamp > $account->login && $timestamp < $current && $hashed_pass == user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid)) { 110 110 // First stage is a confirmation form, then login 111 111 if ($action == 'login') {
Nota: Vea TracChangeset
para ayuda en el uso del visor de conjuntos de cambios.