MDL-23927 do not use = 'guest' because we have CFG->siteguest AND it matches any other username with accents and different case in MySQL

Petr Skoda 2010-08-25 08:32:59 +00:00
parent c924a469a6
commit 04aec3dacf
4 changed files with 10 additions and 11 deletions


@ -212,8 +212,8 @@
$table->align = array ("left", "left", "left", "left", "left", "center", "center", "center");
$table->width = "95%";
foreach ($users as $user) {
if ($user->username == 'guest') {
continue; // do not dispaly dummy new user and guest here
if (isguestuser($user)) {
continue; // do not display guest here
}
if ($user->id == $USER->id or is_siteadmin($user)) {


@ -9,8 +9,7 @@ if (!defined('MAX_BULK_USERS')) {
function add_selection_all($ufiltering) {
global $SESSION, $DB;
$guest = get_complete_user_data('username', 'guest');
list($sqlwhere, $params) = $ufiltering->get_sql_filter("id<>:exguest AND deleted <> 1", array('exguest'=>$guest->id));
list($sqlwhere, $params) = $ufiltering->get_sql_filter("id<>:exguest AND deleted <> 1", array('exguest'=>$CFG->siteguest));
if ($rs = $DB->get_recordset_select('user', $sqlwhere, $params, 'fullname', 'id,'.$DB->sql_fullname().' AS fullname')) {
foreach ($rs as $user) {
@ -26,10 +25,9 @@ function get_selection_data($ufiltering) {
global $SESSION, $DB;
// get the SQL filter
$guest = get_complete_user_data('username', 'guest');
list($sqlwhere, $params) = $ufiltering->get_sql_filter("id<>:exguest AND deleted <> 1", array('exguest'=>$guest->id));
list($sqlwhere, $params) = $ufiltering->get_sql_filter("id<>:exguest AND deleted <> 1", array('exguest'=>$CFG->siteguest));
$total = $DB->count_records_select('user', "id<>:exguest AND deleted <> 1", array('exguest'=>$guest->id));
$total = $DB->count_records_select('user', "id<>:exguest AND deleted <> 1", array('exguest'=>$CFG->siteguest));
$acount = $DB->count_records_select('user', $sqlwhere, $params);
$scount = count($SESSION->bulk_users);
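Review bot: `$CFG` is never brought into scope in add_selection_all() or get_selection_data(): both still declare `global $SESSION, $DB;`, yet the new lines bind `$CFG->siteguest` as `exguest`. Inside these functions `$CFG` is therefore an undefined local, so the bound value is null rather than the guest account id. A comparison such as `id<>:exguest` against null most likely matches no rows at all, and either way the guest exclusion this commit is meant to harden is not applied as written. Change both declarations to `global $SESSION, $DB, $CFG;`, the same adjustment search_sql() receives elsewhere in this commit. Both function bodies continue outside the visible hunks.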


@ -56,7 +56,7 @@ $currentuser = ($user->id == $USER->id);
$context = $usercontext = get_context_instance(CONTEXT_USER, $userid, MUST_EXIST);
if (!$currentuser &&
!empty($CFG->forceloginforprofiles) &&
!empty($CFG->forceloginforprofiles) &&
!has_capability('moodle/user:viewdetails', $context) &&
!has_coursecontact_role($userid)) {
// Course managers can be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
@ -378,7 +378,7 @@ echo $OUTPUT->blocks_for_region('content');
// Print messaging link if allowed
if (isloggedin() && has_capability('moodle/site:sendmessage', $context)
&& !empty($CFG->messaging) && !isguestuser() && ($user->username != 'guest') && ($USER->id != $user->id)) {
&& !empty($CFG->messaging) && !isguestuser() && !isguestuser($user) && ($USER->id != $user->id)) {
echo '<div class="messagebox">';
echo '<a href="'.$CFG->wwwroot.'/message/index.php?id='.$user->id.'">'.get_string('messageselectadd').'</a>';
echo '</div>';


@ -412,7 +412,7 @@ abstract class user_selector_base {
* this uses ? style placeholders.
*/
protected function search_sql($search, $u) {
global $DB;
global $DB, $CFG;
$params = array();
$tests = array();
@ -445,7 +445,8 @@ abstract class user_selector_base {
}
// Add some additional sensible conditions
$tests[] = $u . "username <> 'guest'";
$tests[] = $u . "id <> :guestid";
$params['guestid'] = $CFG->siteguest;
$tests[] = $u . 'deleted = 0';
$tests[] = $u . 'confirmed = 1';
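Review bot: The docblock above search_sql() still says the returned fragment "uses ? style placeholders", but the new condition binds a named parameter (`:guestid` with `$params['guestid']`). If the part of the function outside these hunks builds positional parameters, the result now mixes both styles; if it already uses named ones, the comment is simply stale. Either way, update the docblock line to something like `this uses named (:name) style placeholders.` and mention there that `guestid` is taken, so callers merging their own parameters into the result do not reuse the name. The function body between and after the two hunks is not visible here.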