From b7e1208d8c64cdb3a86733052f349eb6228ee1b0 Mon Sep 17 00:00:00 2001 From: "travis%sedsystems.ca" <> Date: Tue, 1 Feb 2005 05:04:11 +0000 Subject: Bug 280124 : Move InsertNewUser to Bugzilla::User Patch by Max Kanat-Alexander r=vladd a=justdave --- Bugzilla/Auth/Verify/LDAP.pm | 3 ++- Bugzilla/User.pm | 50 ++++++++++++++++++++++++++++++++++++++++++++ createaccount.cgi | 4 +++- globals.pl | 24 --------------------- 4 files changed, 55 insertions(+), 26 deletions(-) diff --git a/Bugzilla/Auth/Verify/LDAP.pm b/Bugzilla/Auth/Verify/LDAP.pm index d5b115ca0..cda67fb80 100644 --- a/Bugzilla/Auth/Verify/LDAP.pm +++ b/Bugzilla/Auth/Verify/LDAP.pm @@ -33,6 +33,7 @@ use strict; use Bugzilla::Config; use Bugzilla::Constants; +use Bugzilla::User qw(insert_new_user); use Net::LDAP; @@ -149,7 +150,7 @@ sub authenticate { if($userRealName eq "") { $userRealName = $user_entry->get_value("cn"); } - &::InsertNewUser($username, $userRealName); + insert_new_user($username, $userRealName); ($userid, $disabledtext) = $dbh->selectrow_array($sth, undef, diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index 373a65655..e3990f070 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -37,6 +37,10 @@ use Bugzilla::Config; use Bugzilla::Error; use Bugzilla::Util; use Bugzilla::Constants; +use Bugzilla::Auth; + +use Exporter qw(import); +@Bugzilla::User::EXPORT_OK = qw(insert_new_user); ################################################################################ # Functions @@ -929,6 +933,31 @@ sub get_userlist { return $self->{'userlist'}; } +sub insert_new_user ($$) { + my ($username, $realname) = (@_); + my $dbh = Bugzilla->dbh; + + # Generate a new random password for the user. + my $password = &::GenerateRandomPassword(); + my $cryptpassword = bz_crypt($password); + + # XXX - These should be moved into ValidateNewUser or CheckEmailSyntax + # At the least, they shouldn't be here. They're safe for now, though. + trick_taint($username); + trick_taint($realname); + + # Insert the new user record into the database. + $dbh->do("INSERT INTO profiles + (login_name, realname, cryptpassword, emailflags) + VALUES (?, ?, ?, ?)", + undef, + ($username, $realname, $cryptpassword, DEFAULT_EMAIL_SETTINGS)); + + # Return the password to the calling code so it can be included + # in an email sent to the user. + return $password; +} + 1; __END__ @@ -943,6 +972,9 @@ Bugzilla::User - Object for a Bugzilla user my $user = new Bugzilla::User($id); + # Class Functions + $random_password = insert_new_user($username, $realname); + =head1 DESCRIPTION This package handles Bugzilla users. Data obtained from here is read-only; @@ -1135,6 +1167,24 @@ value. =back +=head1 CLASS FUNCTIONS + +=over4 + +These are functions that are not called on a User object, but instead are +called "statically," just like a normal procedural function. + +=item C + +Creates a new user in the database with a random password. + +Params: $username (scalar, string) - The login name for the new user. + $realname (scalar, string) - The full name for the new user. + +Returns: The password that we randomly generated for this user, in plain text. + +=back + =head1 SEE ALSO L diff --git a/createaccount.cgi b/createaccount.cgi index 2447c1117..6867ea3c4 100755 --- a/createaccount.cgi +++ b/createaccount.cgi @@ -30,6 +30,8 @@ use lib qw(.); require "CGI.pl"; +use Bugzilla::User qw(insert_new_user); + # Shut up misguided -w warnings about "used only once": use vars qw( $template @@ -74,7 +76,7 @@ if (defined($login)) { } # Create account - my $password = InsertNewUser($login, $realname); + my $password = insert_new_user($login, $realname); MailPassword($login, $password); $template->process("account/created.html.tmpl", $vars) diff --git a/globals.pl b/globals.pl index 0badac43e..c97467b36 100644 --- a/globals.pl +++ b/globals.pl @@ -410,30 +410,6 @@ sub ValidateNewUser { return 1; } -sub InsertNewUser { - my ($username, $realname) = (@_); - - # Generate a new random password for the user. - my $password = GenerateRandomPassword(); - my $cryptpassword = bz_crypt($password); - - - my $defaultflagstring = SqlQuote(Bugzilla::Constants::DEFAULT_EMAIL_SETTINGS); - - # Insert the new user record into the database. - $username = SqlQuote($username); - $realname = SqlQuote($realname); - $cryptpassword = SqlQuote($cryptpassword); - PushGlobalSQLState(); - SendSQL("INSERT INTO profiles (login_name, realname, cryptpassword, emailflags) - VALUES ($username, $realname, $cryptpassword, $defaultflagstring)"); - PopGlobalSQLState(); - - # Return the password to the calling code so it can be included - # in an email sent to the user. - return $password; -} - sub GenerateRandomPassword { my $size = (shift or 10); # default to 10 chars if nothing specified return join("", map{ ('0'..'9','a'..'z','A'..'Z')[rand 62] } (1..$size)); -- cgit v1.2.3-24-g4f1b