Révision dbb0c974
Ajouté par Assos Assos il y a plus de 9 ans
drupal7/sites/all/modules/commerce/modules/checkout/commerce_checkout.install | ||
---|---|---|
101 | 101 |
variable_set('enable_commerce_checkout_order_created_date_update', FALSE); |
102 | 102 |
return t('A new core checkout completion rule has been added that updates order creation timestamps to the time of checkout completion. It has been disabled by default to not interfere with existing order workflows, but you may enable it in your checkout settings if desired.'); |
103 | 103 |
} |
104 |
|
|
105 |
/** |
|
106 |
* If the variable commerce_checkout_run_update_7103 is set, change all user |
|
107 |
* names that contain @ and look like an e-mail address to prevent the |
|
108 |
* disclosure of e-mail addresses to non-trusted users. Refer to the release |
|
109 |
* notes for Commerce 1.10 for instructions on how to set this variable. |
|
110 |
* Otherwise you are responsible to clean the usernames on your own. |
|
111 |
*/ |
|
112 |
function commerce_checkout_update_7103(&$sandbox) { |
|
113 |
// Every site may not want to disrupt all their account usernames with this |
|
114 |
// update, so we require sites to set a variable explicitly to run the update. |
|
115 |
// Sites that do not must do their own handling of the security issue. |
|
116 |
if (!variable_get('commerce_checkout_run_update_7103', FALSE)) { |
|
117 |
return t('Skipped update 7103 because the variable commerce_checkout_run_update_7103 is not set. You must make sure usernames are not valid e-mail adresses on your own.'); |
|
118 |
} |
|
119 |
|
|
120 |
if (!isset($sandbox['progress'])) { |
|
121 |
$sandbox['progress'] = 0; |
|
122 |
$sandbox['max'] = db_query("SELECT COUNT(*) FROM {users} WHERE name LIKE '%@%'")->fetchField(); |
|
123 |
} |
|
124 |
|
|
125 |
// Update 100 user names at a time. |
|
126 |
$names = db_query("SELECT uid, name FROM {users} WHERE name LIKE '%@%' LIMIT 100")->fetchAllKeyed(); |
|
127 |
$order = new stdClass(); |
|
128 |
foreach ($names as $uid => $name) { |
|
129 |
$order->mail = $name; |
|
130 |
$new_name = commerce_order_get_properties($order, array(), 'mail_username'); |
|
131 |
db_update('users') |
|
132 |
->fields(array( |
|
133 |
'name' => $new_name, |
|
134 |
)) |
|
135 |
->condition('uid', $uid) |
|
136 |
->execute(); |
|
137 |
$sandbox['progress']++; |
|
138 |
} |
|
139 |
|
|
140 |
$sandbox['#finished'] = empty($names) ? 1 : ($sandbox['progress'] / $sandbox['max']); |
|
141 |
|
|
142 |
return t('Usernames resembling e-mail addresses have been cleaned.'); |
|
143 |
} |
Formats disponibles : Unified diff
Weekly update of contrib modules