From 9e6c2a79f0e3ddbf6f5a5703864e96d8ea4868f8 Mon Sep 17 00:00:00 2001 From: Cameron Date: Fri, 22 Feb 2019 11:10:05 -0800 Subject: [PATCH] Issue #3657 Add update limits on user_class changes throughout. --- e107_handlers/login.php | 2 +- e107_handlers/user_model.php | 5 ++++- e107_handlers/userclass_class.php | 13 ++++++------- signup.php | 2 +- 4 files changed, 12 insertions(+), 10 deletions(-) diff --git a/e107_handlers/login.php b/e107_handlers/login.php index 1dc8a5261..b40b89a80 100644 --- a/e107_handlers/login.php +++ b/e107_handlers/login.php @@ -278,7 +278,7 @@ class userlogin { // 'New user' probationary period expired - we can take them out of the class $this->userData['user_class'] = $this->e107->user_class->ucRemove(e_UC_NEWUSER, $this->userData['user_class']); // $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Login new user complete",$this->userData['user_class'],FALSE,FALSE); - $sql->update('user',"`user_class` = '".$this->userData['user_class']."'", 'WHERE `user_id`='.$this->userData['user_id']); + $sql->update('user',"`user_class` = '".$this->userData['user_class']."'", 'WHERE `user_id`='.$this->userData['user_id']. " LIMIT 1"); unset($class_list[e_UC_NEWUSER]); $edata_li = array('user_id' => $user_id, 'user_name' => $username, 'class_list' => implode(',',$class_list), 'user_email'=> $user_email); $e_event->trigger('userNotNew', $edata_li); diff --git a/e107_handlers/user_model.php b/e107_handlers/user_model.php index 03e89fde9..74a10f940 100644 --- a/e107_handlers/user_model.php +++ b/e107_handlers/user_model.php @@ -1072,7 +1072,10 @@ class e_user_model extends e_admin_model // $this->setCore('user_class',$insert ); // $this->saveDebug(false); - $uid = $this->getData('user_id'); + if(!$uid = $this->getData('user_id')) + { + return false; + } return e107::getDb()->update('user',"user_class='".$insert."' WHERE user_id = ".$uid." LIMIT 1"); diff --git a/e107_handlers/userclass_class.php b/e107_handlers/userclass_class.php index 5bf44ee6e..2df3c9811 100644 --- a/e107_handlers/userclass_class.php +++ b/e107_handlers/userclass_class.php @@ -1814,13 +1814,13 @@ class user_class_admin extends user_class { if (self::delete_class($classID) === TRUE) { - if ($this->sql_r->db_Select('user', 'user_id, user_class', "user_class REGEXP '(^|,){$classID}(,|$)'")) + if ($this->sql_r->select('user', 'user_id, user_class', "user_class REGEXP '(^|,){$classID}(,|$)'")) { $sql2 = e107::getDb('sql2'); - while ($row = $this->sql_r->db_Fetch()) + while ($row = $this->sql_r->fetch()) { $newClass = self::ucRemove($classID, $row['user_class']); - $sql2->db_Update('user', "user_class = '{$newClass}' WHERE user_id = {$row['user_id']}"); + $sql2->update('user', "user_class = '{$newClass}' WHERE user_id = {$row['user_id']} LIMIT 1"); } } return TRUE; @@ -1852,7 +1852,7 @@ class user_class_admin extends user_class { $new_userclass = $cid; } - $uc_sql->db_Update('user', "user_class='".e107::getParser()->toDB($new_userclass, true)."' WHERE user_id=".intval($uid)); + $uc_sql->update('user', "user_class='".e107::getParser()->toDB($new_userclass, true)."' WHERE user_id=".intval($uid)." LIMIT 1"); } } @@ -1867,13 +1867,12 @@ class user_class_admin extends user_class */ public function class_remove($cid, $uinfoArray) { - $e107 = e107::getInstance(); - $uc_sql = new db; + $uc_sql = e107::getDb(); foreach($uinfoArray as $uid => $curclass) { $newarray = array_diff(explode(',', $curclass), array('', $cid)); $new_userclass = implode(',', $newarray); - $uc_sql->update('user', "user_class='".e107::getParser()->toDB($new_userclass, true)."' WHERE user_id=".intval($uid)); + $uc_sql->update('user', "user_class='".e107::getParser()->toDB($new_userclass, true)."' WHERE user_id=".intval($uid)." LIMIT 1"); } } diff --git a/signup.php b/signup.php index 325ac4bd2..85e1af254 100644 --- a/signup.php +++ b/signup.php @@ -996,7 +996,7 @@ if (isset($_POST['register']) && intval($pref['user_reg']) === 1) if ($init_class = $userMethods->userClassUpdate($row, 'userpartial')) { $allData['data']['user_class'] = $init_class; - $user_class_update = $sql->update("user", "user_class = '{$allData['data']['user_class']}' WHERE user_name='{$allData['data']['user_name']}'"); + $user_class_update = $sql->update("user", "user_class = '{$allData['data']['user_class']}' WHERE user_name='{$allData['data']['user_name']}' LIMIT 1"); if($user_class_update === FALSE) {