use better SQL date, fix security problem with OpenID logins

darcs-hash:20080825184104-84dde-5735c1791002a12c3417603dc85da31ea868f263.gz
This commit is contained in:
Evan Prodromou 2008-08-25 14:41:04 -04:00
parent 21e4fb864f
commit 08a3c5ac7f

View File

@ -148,6 +148,8 @@ class User extends DB_DataObject
static function register($fields) { static function register($fields) {
# MAGICALLY put fields into current scope
extract($fields); extract($fields);
$profile = new Profile(); $profile = new Profile();
@ -169,7 +171,8 @@ class User extends DB_DataObject
if ($location) { if ($location) {
$profile->location = $location; $profile->location = $location;
} }
$profile->created = DB_DataObject_Cast::dateTime(); # current time
$profile->created = common_sql_now();
$id = $profile->insert(); $id = $profile->insert();
@ -182,8 +185,12 @@ class User extends DB_DataObject
$user->id = $id; $user->id = $id;
$user->nickname = $nickname; $user->nickname = $nickname;
$user->password = common_munge_password($password, $id);
$user->created = DB_DataObject_Cast::dateTime(); # current time if ($password) { # may not have a password for OpenID users
$user->password = common_munge_password($password, $id);
}
$user->created = common_sql_now();
$user->uri = common_user_uri($user); $user->uri = common_user_uri($user);
$result = $user->insert(); $result = $user->insert();