mirror of https://github.com/e107inc/e107.git synced 2025-03-14 01:19:44 +01:00

Issue #3657 Add update limits on user_class changes throughout.

Cameron 2019-02-22 11:10:05 -08:00
parent 2c17c4ff9c
commit 9e6c2a79f0
4 changed files with 12 additions and 10 deletions


@ -278,7 +278,7 @@ class userlogin
{ // 'New user' probationary period expired - we can take them out of the class
$this->userData['user_class'] = $this->e107->user_class->ucRemove(e_UC_NEWUSER, $this->userData['user_class']);
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Login new user complete",$this->userData['user_class'],FALSE,FALSE);
$sql->update('user',"`user_class` = '".$this->userData['user_class']."'", 'WHERE `user_id`='.$this->userData['user_id']);
$sql->update('user',"`user_class` = '".$this->userData['user_class']."'", 'WHERE `user_id`='.$this->userData['user_id']. " LIMIT 1");
unset($class_list[e_UC_NEWUSER]);
$edata_li = array('user_id' => $user_id, 'user_name' => $username, 'class_list' => implode(',',$class_list), 'user_email'=> $user_email);
$e_event->trigger('userNotNew', $edata_li);
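Review bot: The changed `$sql->update()` call passes the `WHERE` clause as a separate third argument, whereas every other call on this page puts the `WHERE` inside the second argument. If the third parameter of `update()` is not a query fragment (it appears to be a debug flag; confirm against the db handler), the statement runs with no `WHERE`, the added `LIMIT 1` never reaches the query, and the class change could be written to every row of `user`. Fold the condition into the second argument and cast the id: `$sql->update('user', "user_class = '".$this->userData['user_class']."' WHERE user_id = ".intval($this->userData['user_id'])." LIMIT 1");`. The enclosing method starts and ends outside the hunk.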


@ -1072,7 +1072,10 @@ class e_user_model extends e_admin_model
// $this->setCore('user_class',$insert );
// $this->saveDebug(false);
$uid = $this->getData('user_id');
if(!$uid = $this->getData('user_id'))
{
return false;
}
return e107::getDb()->update('user',"user_class='".$insert."' WHERE user_id = ".$uid." LIMIT 1");
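Review bot: `$uid` and `$insert` are concatenated into the UPDATE string as-is; the new guard only rejects an empty id and does not make it numeric. The later `user_class_admin` hunks already use `intval($uid)` and `toDB()` for the same statement, so this call should end `" WHERE user_id = ".intval($uid)." LIMIT 1"`. The first `user_class_admin` hunk (`{$classID}` inside the REGEXP, `{$row['user_id']}`) and the signup hunk (`user_name='{$allData['data']['user_name']}'`) interpolate values the same way. Whether any of these values are validated earlier is not visible here, and the method body starts outside the hunk.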


@ -1814,13 +1814,13 @@ class user_class_admin extends user_class
{
if (self::delete_class($classID) === TRUE)
{
if ($this->sql_r->db_Select('user', 'user_id, user_class', "user_class REGEXP '(^|,){$classID}(,|$)'"))
if ($this->sql_r->select('user', 'user_id, user_class', "user_class REGEXP '(^|,){$classID}(,|$)'"))
{
$sql2 = e107::getDb('sql2');
while ($row = $this->sql_r->db_Fetch())
while ($row = $this->sql_r->fetch())
{
$newClass = self::ucRemove($classID, $row['user_class']);
$sql2->db_Update('user', "user_class = '{$newClass}' WHERE user_id = {$row['user_id']}");
$sql2->update('user', "user_class = '{$newClass}' WHERE user_id = {$row['user_id']} LIMIT 1");
}
}
return TRUE;
@ -1852,7 +1852,7 @@ class user_class_admin extends user_class
{
$new_userclass = $cid;
}
$uc_sql->db_Update('user', "user_class='".e107::getParser()->toDB($new_userclass, true)."' WHERE user_id=".intval($uid));
$uc_sql->update('user', "user_class='".e107::getParser()->toDB($new_userclass, true)."' WHERE user_id=".intval($uid)." LIMIT 1");
}
}
@ -1867,13 +1867,12 @@ class user_class_admin extends user_class
*/
public function class_remove($cid, $uinfoArray)
{
$e107 = e107::getInstance();
$uc_sql = new db;
$uc_sql = e107::getDb();
foreach($uinfoArray as $uid => $curclass)
{
$newarray = array_diff(explode(',', $curclass), array('', $cid));
$new_userclass = implode(',', $newarray);
$uc_sql->update('user', "user_class='".e107::getParser()->toDB($new_userclass, true)."' WHERE user_id=".intval($uid));
$uc_sql->update('user', "user_class='".e107::getParser()->toDB($new_userclass, true)."' WHERE user_id=".intval($uid)." LIMIT 1");
}
}
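Review bot: The per-user `$sql2->update()` inside the `while` loop of the first hunk ignores its result, and the method returns `TRUE` regardless once `delete_class()` has succeeded. A failed update leaves the deleted class id in that user's `user_class`; if class ids can later be reused (not visible here), that user would silently hold the new class. The signup hunk on this page tests the same call with `=== FALSE`, so do likewise: `if ($sql2->update(...) === FALSE) { $failed = TRUE; }`, then return `FALSE` or log when `$failed` is set. The enclosing method starts outside the hunk.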


@ -996,7 +996,7 @@ if (isset($_POST['register']) && intval($pref['user_reg']) === 1)
if ($init_class = $userMethods->userClassUpdate($row, 'userpartial'))
{
$allData['data']['user_class'] = $init_class;
$user_class_update = $sql->update("user", "user_class = '{$allData['data']['user_class']}' WHERE user_name='{$allData['data']['user_name']}'");
$user_class_update = $sql->update("user", "user_class = '{$allData['data']['user_class']}' WHERE user_name='{$allData['data']['user_name']}' LIMIT 1");
if($user_class_update === FALSE)
{