From 45a6d31c4f9fec79066e2dc3f8ca198f31817b44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20S=CC=8Ckoda?= Date: Tue, 18 Sep 2012 09:10:42 +0200 Subject: [PATCH 1/3] MDL-32572 always lookpup passwords only in records from current auth plugin This bug should not be creating any problems thanks to our design of login process, but it should be fixed anyway. --- auth/db/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth/db/auth.php b/auth/db/auth.php index 57095139adc..fb0b95ac117 100644 --- a/auth/db/auth.php +++ b/auth/db/auth.php @@ -65,7 +65,7 @@ class auth_plugin_db extends auth_plugin_base { $authdb->Close(); // user exists externally // check username/password internally - if ($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) { + if ($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id, 'auth'=>$this->authtype))) { return validate_internal_user_password($user, $password); } } else { From 3f22e75663be77f39afd591016ce7b0a75ddfd3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20S=CC=8Ckoda?= Date: Tue, 18 Sep 2012 10:44:05 +0200 Subject: [PATCH 2/3] MDL-32572 skip problematic users in auth_db sync --- auth/db/auth.php | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/auth/db/auth.php b/auth/db/auth.php index fb0b95ac117..6e291470dec 100644 --- a/auth/db/auth.php +++ b/auth/db/auth.php @@ -346,7 +346,7 @@ class auth_plugin_db extends auth_plugin_base { if ($verbose) { mtrace(get_string('auth_dbuserstoadd','auth_db',count($add_users))); } - $transaction = $DB->start_delegated_transaction(); + // Do not use transactions around this foreach, we want to skip problematic users, not revert everything. foreach($add_users as $user) { $username = $user; $user = $this->get_userinfo_asobj($user); @@ -372,9 +372,16 @@ class auth_plugin_db extends auth_plugin_base { } else { $user->timecreated = time(); $user->timemodified = $user->timecreated; - $id = $DB->insert_record ('user', $user); // it is truly a new user - if ($verbose) { - mtrace("\t".get_string('auth_dbinsertuser', 'auth_db', array('name'=>$user->username, 'id'=>$id))); + try { + $id = $DB->insert_record('user', $user); // it is truly a new user + if ($verbose) { + mtrace("\t".get_string('auth_dbinsertuser', 'auth_db', array('name'=>$user->username, 'id'=>$id))); + } + } catch (moodle_exception $e) { + if ($verbose) { + mtrace("\t".get_string('auth_dbinsertusererror', 'auth_db', $user->username)); + } + continue; } // if relevant, tag for password generation if ($this->is_internal()) { @@ -383,7 +390,6 @@ class auth_plugin_db extends auth_plugin_base { } } } - $transaction->allow_commit(); unset($add_users); // free mem } return 0; From 88fbc9a7ef5d6d99cdab6913868ccfda80ded6d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20S=CC=8Ckoda?= Date: Tue, 18 Sep 2012 13:17:35 +0200 Subject: [PATCH 3/3] MDL-32572 fix notice when changing internal auth_db passwords --- auth/db/auth.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/auth/db/auth.php b/auth/db/auth.php index 6e291470dec..5882bcf6c63 100644 --- a/auth/db/auth.php +++ b/auth/db/auth.php @@ -191,8 +191,16 @@ class auth_plugin_db extends auth_plugin_base { * @return bool True on success */ function user_update_password($user, $newpassword) { + global $DB; + if ($this->is_internal()) { - return update_internal_user_password($user, $newpassword); + $puser = $DB->get_record('user', array('id'=>$user->id), '*', MUST_EXIST); + if (update_internal_user_password($puser, $newpassword)) { + $user->password = $puser->password; + return true; + } else { + return false; + } } else { // we should have never been called! return false;