From 08a3c5ac7f88f86e28dce0e899ac36433a68add0 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 25 Aug 2008 14:41:04 -0400 Subject: [PATCH] use better SQL date, fix security problem with OpenID logins darcs-hash:20080825184104-84dde-5735c1791002a12c3417603dc85da31ea868f263.gz --- classes/User.php | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/classes/User.php b/classes/User.php index 491f68df24..1a650c4242 100644 --- a/classes/User.php +++ b/classes/User.php @@ -148,6 +148,8 @@ class User extends DB_DataObject static function register($fields) { + # MAGICALLY put fields into current scope + extract($fields); $profile = new Profile(); @@ -169,7 +171,8 @@ class User extends DB_DataObject if ($location) { $profile->location = $location; } - $profile->created = DB_DataObject_Cast::dateTime(); # current time + + $profile->created = common_sql_now(); $id = $profile->insert(); @@ -182,8 +185,12 @@ class User extends DB_DataObject $user->id = $id; $user->nickname = $nickname; - $user->password = common_munge_password($password, $id); - $user->created = DB_DataObject_Cast::dateTime(); # current time + + if ($password) { # may not have a password for OpenID users + $user->password = common_munge_password($password, $id); + } + + $user->created = common_sql_now(); $user->uri = common_user_uri($user); $result = $user->insert(); -- 2.39.5