summaryrefslogtreecommitdiff
path: root/classes
diff options
context:
space:
mode:
authorEvan Prodromou <evan@prodromou.name>2008-08-25 14:41:04 -0400
committerEvan Prodromou <evan@prodromou.name>2008-08-25 14:41:04 -0400
commit08a3c5ac7f88f86e28dce0e899ac36433a68add0 (patch)
treec4b844e21ba995d1af8af14e5dbd013273483062 /classes
parent21e4fb864f834ae431edd9841bcca66751616859 (diff)
use better SQL date, fix security problem with OpenID logins
darcs-hash:20080825184104-84dde-5735c1791002a12c3417603dc85da31ea868f263.gz
Diffstat (limited to 'classes')
-rw-r--r--classes/User.php13
1 files changed, 10 insertions, 3 deletions
diff --git a/classes/User.php b/classes/User.php
index 491f68df2..1a650c424 100644
--- a/classes/User.php
+++ b/classes/User.php
@@ -148,6 +148,8 @@ class User extends DB_DataObject
static function register($fields) {
+ # MAGICALLY put fields into current scope
+
extract($fields);
$profile = new Profile();
@@ -169,7 +171,8 @@ class User extends DB_DataObject
if ($location) {
$profile->location = $location;
}
- $profile->created = DB_DataObject_Cast::dateTime(); # current time
+
+ $profile->created = common_sql_now();
$id = $profile->insert();
@@ -182,8 +185,12 @@ class User extends DB_DataObject
$user->id = $id;
$user->nickname = $nickname;
- $user->password = common_munge_password($password, $id);
- $user->created = DB_DataObject_Cast::dateTime(); # current time
+
+ if ($password) { # may not have a password for OpenID users
+ $user->password = common_munge_password($password, $id);
+ }
+
+ $user->created = common_sql_now();
$user->uri = common_user_uri($user);
$result = $user->insert();