Project

General

Profile

Revision b0dc3a2e

Added by Julien Enselme over 7 years ago

Update to Drupal 7.52

View differences:

drupal7/modules/user/user.module
418 418
 *
419 419
 * @return
420 420
 *   A fully-loaded $user object upon successful save or FALSE if the save failed.
421
 *
422
 * @todo D8: Drop $edit and fix user_save() to be consistent with others.
423 421
 */
424 422
function user_save($account, $edit = array(), $category = 'account') {
425 423
  $transaction = db_transaction();
426 424
  try {
427
    if (!empty($edit['pass'])) {
425
    if (isset($edit['pass']) && strlen(trim($edit['pass'])) > 0) {
428 426
      // Allow alternate password hashing schemes.
429 427
      require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
430 428
      $edit['pass'] = user_hash_password(trim($edit['pass']));
......
791 789
 *   (optional) The account to check, if not given use currently logged in user.
792 790
 *
793 791
 * @return
794
 *   Boolean TRUE if the current user has the requested permission.
792
 *   Boolean TRUE if the user has the requested permission.
795 793
 *
796 794
 * All permission checks in Drupal should go through this function. This
797 795
 * way, we guarantee consistent behavior, and ensure that the superuser
......
1232 1230
    // that prevent them from being empty if they are changed.
1233 1231
    if ((strlen(trim($form_state['values'][$key])) > 0) && ($form_state['values'][$key] != $account->$key)) {
1234 1232
      require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
1235
      $current_pass_failed = empty($form_state['values']['current_pass']) || !user_check_password($form_state['values']['current_pass'], $account);
1233
      $current_pass_failed = strlen(trim($form_state['values']['current_pass'])) == 0 || !user_check_password($form_state['values']['current_pass'], $account);
1236 1234
      if ($current_pass_failed) {
1237 1235
        form_set_error('current_pass', t("Your current password is missing or incorrect; it's required to change the %name.", array('%name' => $name)));
1238 1236
        form_set_error($key);
......
1755 1753

  
1756 1754
  $items['admin/people/create'] = array(
1757 1755
    'title' => 'Add user',
1756
    'page callback' => 'user_admin',
1758 1757
    'page arguments' => array('create'),
1759 1758
    'access arguments' => array('administer users'),
1760 1759
    'type' => MENU_LOCAL_ACTION,
1760
    'file' => 'user.admin.inc',
1761 1761
  );
1762 1762

  
1763 1763
  // Administration pages.
......
2165 2165
 */
2166 2166
function user_login_authenticate_validate($form, &$form_state) {
2167 2167
  $password = trim($form_state['values']['pass']);
2168
  if (!empty($form_state['values']['name']) && !empty($password)) {
2168
  if (!empty($form_state['values']['name']) && strlen(trim($password)) > 0) {
2169 2169
    // Do not allow any login from the current user's IP if the limit has been
2170 2170
    // reached. Default is 50 failed attempts allowed in one hour. This is
2171 2171
    // independent of the per-user limit to catch attempts from one IP to log
......
2256 2256
 */
2257 2257
function user_authenticate($name, $password) {
2258 2258
  $uid = FALSE;
2259
  if (!empty($name) && !empty($password)) {
2259
  if (!empty($name) && strlen(trim($password)) > 0) {
2260 2260
    $account = user_load_by_name($name);
2261 2261
    if ($account) {
2262 2262
      // Allow alternate password hashing schemes.

Also available in: Unified diff