summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xuserprefs.cgi20
1 files changed, 8 insertions, 12 deletions
diff --git a/userprefs.cgi b/userprefs.cgi
index e527b1489..1b6347456 100755
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -32,8 +32,7 @@ sub DoAccount {
my $dbh = Bugzilla->dbh;
my $user = Bugzilla->user;
- ($vars->{'realname'}) = $dbh->selectrow_array(
- "SELECT realname FROM profiles WHERE userid = ?", undef, $user->id);
+ $vars->{'realname'} = $user->name;
if (Bugzilla->params->{'allowemailchange'}
&& $user->authorizer->can_change_email)
@@ -64,6 +63,9 @@ sub DoAccount {
sub SaveAccount {
my $cgi = Bugzilla->cgi;
my $dbh = Bugzilla->dbh;
+
+ $dbh->bz_start_transaction;
+
my $user = Bugzilla->user;
my $oldpassword = $cgi->param('old_password');
@@ -86,12 +88,7 @@ sub SaveAccount {
validate_password($pwd1, $pwd2);
if ($oldpassword ne $pwd1) {
- my $cryptedpassword = bz_crypt($pwd1);
- $dbh->do(q{UPDATE profiles
- SET cryptpassword = ?
- WHERE userid = ?},
- undef, ($cryptedpassword, $user->id));
-
+ $user->set_password($pwd1);
# Invalidate all logins except for the current one
Bugzilla->logout(LOGOUT_KEEP_CURRENT);
}
@@ -121,10 +118,9 @@ sub SaveAccount {
}
}
- my $realname = trim($cgi->param('realname'));
- trick_taint($realname); # Only used in a placeholder
- $dbh->do("UPDATE profiles SET realname = ? WHERE userid = ?",
- undef, ($realname, $user->id));
+ $user->set_name($cgi->param('realname'));
+ $user->update({ keep_session => 1, keep_tokens => 1 });
+ $dbh->bz_commit_transaction;
}