1 files changed, 8 insertions, 12 deletions

diff --git a/userprefs.cgi b/userprefs.cgi
index e527b1489..1b6347456 100755
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -32,8 +32,7 @@ sub DoAccount {
     my $dbh = Bugzilla->dbh;
     my $user = Bugzilla->user;
 
-    ($vars->{'realname'}) = $dbh->selectrow_array(
-        "SELECT realname FROM profiles WHERE userid = ?", undef, $user->id);
+    $vars->{'realname'} = $user->name;
 
     if (Bugzilla->params->{'allowemailchange'}
         && $user->authorizer->can_change_email)
@@ -64,6 +63,9 @@ sub DoAccount {
 sub SaveAccount {
     my $cgi = Bugzilla->cgi;
     my $dbh = Bugzilla->dbh;
+    
+    $dbh->bz_start_transaction;
+
     my $user = Bugzilla->user;
 
     my $oldpassword = $cgi->param('old_password');
@@ -86,12 +88,7 @@ sub SaveAccount {
             validate_password($pwd1, $pwd2);
 
             if ($oldpassword ne $pwd1) {
-                my $cryptedpassword = bz_crypt($pwd1);
-                $dbh->do(q{UPDATE profiles
-                              SET cryptpassword = ?
-                            WHERE userid = ?},
-                         undef, ($cryptedpassword, $user->id));
-
+                $user->set_password($pwd1);
                 # Invalidate all logins except for the current one
                 Bugzilla->logout(LOGOUT_KEEP_CURRENT);
             }
@@ -121,10 +118,9 @@ sub SaveAccount {
         }
     }
 
-    my $realname = trim($cgi->param('realname'));
-    trick_taint($realname); # Only used in a placeholder
-    $dbh->do("UPDATE profiles SET realname = ? WHERE userid = ?",
-             undef, ($realname, $user->id));
+    $user->set_name($cgi->param('realname'));
+    $user->update({ keep_session => 1, keep_tokens => 1 });
+    $dbh->bz_commit_transaction;
 }