diff options
| author | Evan Prodromou <evan@prodromou.name> | 2008-08-25 14:41:04 -0400 |
|---|---|---|
| committer | Evan Prodromou <evan@prodromou.name> | 2008-08-25 14:41:04 -0400 |
| commit | 08a3c5ac7f88f86e28dce0e899ac36433a68add0 (patch) | |
| tree | c4b844e21ba995d1af8af14e5dbd013273483062 /classes | |
| parent | 21e4fb864f834ae431edd9841bcca66751616859 (diff) | |
use better SQL date, fix security problem with OpenID logins
darcs-hash:20080825184104-84dde-5735c1791002a12c3417603dc85da31ea868f263.gz
Diffstat (limited to 'classes')
| -rw-r--r-- | classes/User.php | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/classes/User.php b/classes/User.php index 491f68df2..1a650c424 100644 --- a/classes/User.php +++ b/classes/User.php @@ -148,6 +148,8 @@ class User extends DB_DataObject static function register($fields) { + # MAGICALLY put fields into current scope + extract($fields); $profile = new Profile(); @@ -169,7 +171,8 @@ class User extends DB_DataObject if ($location) { $profile->location = $location; } - $profile->created = DB_DataObject_Cast::dateTime(); # current time + + $profile->created = common_sql_now(); $id = $profile->insert(); @@ -182,8 +185,12 @@ class User extends DB_DataObject $user->id = $id; $user->nickname = $nickname; - $user->password = common_munge_password($password, $id); - $user->created = DB_DataObject_Cast::dateTime(); # current time + + if ($password) { # may not have a password for OpenID users + $user->password = common_munge_password($password, $id); + } + + $user->created = common_sql_now(); $user->uri = common_user_uri($user); $result = $user->insert(); |