/[drupal]/drupal/modules/user/user.module
ViewVC logotype

Diff of /drupal/modules/user/user.module

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

revision 1.897 by dries, Wed Mar 19 07:35:15 2008 UTC revision 1.898 by dries, Mon Mar 31 20:50:05 2008 UTC
# Line 1  Line 1 
1  <?php  <?php
2  // $Id: user.module,v 1.896 2008/02/20 13:46:43 dries Exp $  // $Id: user.module,v 1.897 2008/03/19 07:35:15 dries Exp $
3    
4  /**  /**
5   * @file   * @file
# Line 157  function user_load($array = array()) { Line 157  function user_load($array = array()) {
157      }      }
158      else if ($key == 'pass') {      else if ($key == 'pass') {
159        $query[] = "pass = '%s'";        $query[] = "pass = '%s'";
160        $params[] = md5($value);        $params[] = $value;
161      }      }
162      else {      else {
163        $query[]= "LOWER($key) = LOWER('%s')";        $query[]= "LOWER($key) = LOWER('%s')";
# Line 214  function user_save($account, $array = ar Line 214  function user_save($account, $array = ar
214    $user_fields = $table['fields'];    $user_fields = $table['fields'];
215    
216    if (!empty($array['pass'])) {    if (!empty($array['pass'])) {
217      $array['pass'] = md5($array['pass']);      // Allow alternate password hashing schemes.
218        require_once variable_get('password_inc', './includes/password.inc');
219        $array['pass'] = user_hash_password(trim($array['pass']));
220        // Abort if the hashing failed and returned FALSE.
221        if (!$array['pass']) {
222          return FALSE;
223        }
224    }    }
225    else {    else {
226      // Avoid overwriting an existing password with a blank password.      // Avoid overwriting an existing password with a blank password.
# Line 1283  function user_login_final_validate($form Line 1289  function user_login_final_validate($form
1289  function user_authenticate($form_values = array()) {  function user_authenticate($form_values = array()) {
1290    global $user;    global $user;
1291    
1292      $password = trim($form_values['pass']);
1293    // Name and pass keys are required.    // Name and pass keys are required.
1294    if (!empty($form_values['name']) && !empty($form_values['pass']) &&    if (!empty($form_values['name']) && !empty($password)) {
1295        $account = user_load(array('name' => $form_values['name'], 'pass' => trim($form_values['pass']), 'status' => 1))) {      $account = db_fetch_object(db_query("SELECT * FROM {users} WHERE name = '%s' AND status = 1", $form_values['name']));
1296      $user = $account;      if ($account) {
1297      user_authenticate_finalize($form_values);        // Allow alternate password hashing schemes.
1298      return $user;        require_once variable_get('password_inc', './includes/password.inc');
1299          if (user_check_password($password, $account)) {
1300            if (user_needs_new_hash($account)) {
1301               $new_hash = user_hash_password($password);
1302               if ($new_hash) {
1303                 db_query("UPDATE {users} SET pass = '%s' WHERE uid = %d", $new_hash, $account->uid);
1304               }
1305            }
1306            $account = user_load(array('uid' => $account->uid, 'status' => 1));
1307            $user = $account;
1308            user_authenticate_finalize($form_values);
1309            return $user;
1310          }
1311        }
1312    }    }
1313  }  }
1314    
Legend:
Removed from v.1.897  
changed lines
  Added in v.1.898
  ViewVC Help
Powered by ViewVC 1.1.3