MDL-14679 towards /admin/auth conversion

carolinekennedy · May 31, 2008 · 185721a · 185721a
1 parent 6ceb0cd
commit 185721a
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 19 deletions.
diff --git a/auth/cas/auth.php b/auth/cas/auth.php
@@ -796,7 +796,7 @@ function sync_users ($bulk_insert_records = 1000, $do_updates = true) {
                 $maxxcount = 100;
                 foreach ($users as $user) {
                     echo "\t"; print_string('auth_dbupdatinguser', 'auth', array($user->username, $user->id));
-                    if (!$this->update_user_record(addslashes($user->username), $updatekeys)) {
+                    if (!$this->update_user_record($user->username, $updatekeys)) {
                         echo " - ".get_string('skipped');
                     }
                     echo "\n";
@@ -880,14 +880,15 @@ function sync_users ($bulk_insert_records = 1000, $do_updates = true) {
      * If you don't pass $updatekeys, there is a performance hit and
      * values removed from LDAP won't be removed from moodle.
      *
-     * @param string $username username (with system magic quotes)
+     * @param string $username username
      */
     function update_user_record($username, $updatekeys = false) {
-        global $CFG;
+        global $CFG, $DB;
+
         //just in case check text case
         $username = trim(moodle_strtolower($username));
         // get the current user record
-        $user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id);
+        $user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id));
         if (empty($user)) { // trouble
             error_log("Cannot update non-existent user: ".stripslashes($username));
             print_error('auth_dbusernotexist','auth',$username);
@@ -908,14 +909,14 @@ function update_user_record($username, $updatekeys = false) {
                 }
                 if (!empty($this->config->{'field_updatelocal_' . $key})) {
                     if ($user->{$key} != $value) { // only update if it's changed
-                        set_field('user', $key, addslashes($value), 'id', $userid);
+                        $DB->set_field('user', $key, $value, array('id'=>$userid));
                     }
                 }
             }
         } else {
             return false;
         }
-        return get_record_select('user', "id = $userid AND deleted = 0");
+        return $DB->get_record('user', array('id'=>$userid, 'deleted'=>0));
     }
     /**
      * Bulk insert in SQL's temp table

diff --git a/auth/db/auth.php b/auth/db/auth.php
@@ -306,7 +306,7 @@ function sync_users($do_updates=false) {
 
                     foreach ($update_users as $user) {
                         echo "\t"; print_string('auth_dbupdatinguser', 'auth', array($user->username, $user->id));
-                        if (!$this->update_user_record(addslashes($user->username), $updatekeys)) {
+                        if (!$this->update_user_record($user->username, $updatekeys)) {
                             echo " - ".get_string('skipped');
                         }
                         echo "\n";
@@ -451,16 +451,16 @@ function get_userinfo_asobj($username) {
      * If you don't pass $updatekeys, there is a performance hit and
      * values removed from DB won't be removed from moodle.
      *
-     * @param string $username username (with system magic quotes)
+     * @param string $username username
      */
     function update_user_record($username, $updatekeys=false) {
-        global $CFG;
+        global $CFG, $DB;
 
         //just in case check text case
         $username = trim(moodle_strtolower($username));
 
         // get the current user record
-        $user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id);
+        $user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id));
         if (empty($user)) { // trouble
             error_log("Cannot update non-existent user: $username");
             print_error('auth_dbusernotexist','auth',$username);
@@ -486,12 +486,12 @@ function update_user_record($username, $updatekeys=false) {
 
                 if (!empty($this->config->{'field_updatelocal_' . $key})) {
                     if ($user->{$key} != $value) { // only update if it's changed
-                        set_field('user', $key, addslashes($value), 'id', $userid);
+                        $DB->set_field('user', $key, $value, array('id'=>$userid));
                     }
                 }
             }
         }
-        return get_record_select('user', "id = $userid AND deleted = 0");
+        return $DB->get_record('user', array('id'=>$userid, 'deleted'=>0));
     }
 
     /**

diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php
@@ -755,7 +755,7 @@ function sync_users ($bulk_insert_records = 1000, $do_updates = true) {
 
                 foreach ($users as $user) {
                     echo "\t"; print_string('auth_dbupdatinguser', 'auth', array($user->username, $user->id));
-                    if (!$this->update_user_record(addslashes($user->username), $updatekeys)) {
+                    if (!$this->update_user_record($user->username, $updatekeys)) {
                         echo " - ".get_string('skipped');
                     }
                     echo "\n";
@@ -850,7 +850,7 @@ function sync_users ($bulk_insert_records = 1000, $do_updates = true) {
      * If you don't pass $updatekeys, there is a performance hit and
      * values removed from LDAP won't be removed from moodle.
      *
-     * @param string $username username (with system magic quotes)
+     * @param string $username username
      */
     function update_user_record($username, $updatekeys = false) {
         global $CFG;
@@ -859,9 +859,9 @@ function update_user_record($username, $updatekeys = false) {
         $username = trim(moodle_strtolower($username));
 
         // get the current user record
-        $user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id);
+        $user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id));
         if (empty($user)) { // trouble
-            error_log("Cannot update non-existent user: ".stripslashes($username));
+            error_log("Cannot update non-existent user: ".$username);
             print_error('auth_dbusernotexist','auth','',$username);
             die;
         }
@@ -885,14 +885,14 @@ function update_user_record($username, $updatekeys = false) {
 
                 if (!empty($this->config->{'field_updatelocal_' . $key})) {
                     if ($user->{$key} != $value) { // only update if it's changed
-                        set_field('user', $key, addslashes($value), 'id', $userid);
+                        $DB->set_field('user', $key, $value, array('id'=>$userid));
                     }
                 }
             }
         } else {
             return false;
         }
-        return get_record_select('user', "id = $userid AND deleted = 0");
+        return $DB->get_record('user', array('id'=>$userid, 'deleted'=>0));
     }
 
     /**

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
@@ -2884,7 +2884,6 @@ function update_user_record($username, $authplugin) {
                 continue;
             }
             if ($confval === 'onlogin') {
-                $value = addslashes(stripslashes($value));   // Just in case
                 // MDL-4207 Don't overwrite modified user profile values with
                 // empty LDAP values when 'unlocked if empty' is set. The purpose
                 // of the setting 'unlocked if empty' is to allow the user to fill