From b7e1208d8c64cdb3a86733052f349eb6228ee1b0 Mon Sep 17 00:00:00 2001
From: "travis%sedsystems.ca" <>
Date: Tue, 1 Feb 2005 05:04:11 +0000
Subject: Bug 280124 : Move InsertNewUser to Bugzilla::User Patch by Max
 Kanat-Alexander <mkanat@kerio.com>   r=vladd  a=justdave

---
 Bugzilla/Auth/Verify/LDAP.pm |  3 ++-
 Bugzilla/User.pm             | 50 ++++++++++++++++++++++++++++++++++++++++++++
 createaccount.cgi            |  4 +++-
 globals.pl                   | 24 ---------------------
 4 files changed, 55 insertions(+), 26 deletions(-)

diff --git a/Bugzilla/Auth/Verify/LDAP.pm b/Bugzilla/Auth/Verify/LDAP.pm
index d5b115ca0..cda67fb80 100644
--- a/Bugzilla/Auth/Verify/LDAP.pm
+++ b/Bugzilla/Auth/Verify/LDAP.pm
@@ -33,6 +33,7 @@ use strict;
 
 use Bugzilla::Config;
 use Bugzilla::Constants;
+use Bugzilla::User qw(insert_new_user);
 
 use Net::LDAP;
 
@@ -149,7 +150,7 @@ sub authenticate {
         if($userRealName eq "") {
             $userRealName = $user_entry->get_value("cn");
         }
-        &::InsertNewUser($username, $userRealName);
+        insert_new_user($username, $userRealName);
 
         ($userid, $disabledtext) = $dbh->selectrow_array($sth,
                                                          undef,
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index 373a65655..e3990f070 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -37,6 +37,10 @@ use Bugzilla::Config;
 use Bugzilla::Error;
 use Bugzilla::Util;
 use Bugzilla::Constants;
+use Bugzilla::Auth;
+
+use Exporter qw(import);
+@Bugzilla::User::EXPORT_OK = qw(insert_new_user);
 
 ################################################################################
 # Functions
@@ -929,6 +933,31 @@ sub get_userlist {
     return $self->{'userlist'};
 }
 
+sub insert_new_user ($$) {
+    my ($username, $realname) = (@_);
+    my $dbh = Bugzilla->dbh;
+
+    # Generate a new random password for the user.
+    my $password = &::GenerateRandomPassword();
+    my $cryptpassword = bz_crypt($password);
+
+    # XXX - These should be moved into ValidateNewUser or CheckEmailSyntax
+    #       At the least, they shouldn't be here. They're safe for now, though.
+    trick_taint($username);
+    trick_taint($realname);
+
+    # Insert the new user record into the database.
+    $dbh->do("INSERT INTO profiles 
+                          (login_name, realname, cryptpassword, emailflags) 
+                   VALUES (?, ?, ?, ?)",
+             undef, 
+             ($username, $realname, $cryptpassword, DEFAULT_EMAIL_SETTINGS));
+
+    # Return the password to the calling code so it can be included
+    # in an email sent to the user.
+    return $password;
+}
+
 1;
 
 __END__
@@ -943,6 +972,9 @@ Bugzilla::User - Object for a Bugzilla user
 
   my $user = new Bugzilla::User($id);
 
+  # Class Functions
+  $random_password = insert_new_user($username, $realname);
+
 =head1 DESCRIPTION
 
 This package handles Bugzilla users. Data obtained from here is read-only;
@@ -1135,6 +1167,24 @@ value.
 
 =back
 
+=head1 CLASS FUNCTIONS
+
+=over4
+
+These are functions that are not called on a User object, but instead are
+called "statically," just like a normal procedural function.
+
+=item C<insert_new_user>
+
+Creates a new user in the database with a random password.
+
+Params: $username (scalar, string) - The login name for the new user.
+        $realname (scalar, string) - The full name for the new user.
+
+Returns: The password that we randomly generated for this user, in plain text.
+
+=back
+
 =head1 SEE ALSO
 
 L<Bugzilla|Bugzilla>
diff --git a/createaccount.cgi b/createaccount.cgi
index 2447c1117..6867ea3c4 100755
--- a/createaccount.cgi
+++ b/createaccount.cgi
@@ -30,6 +30,8 @@ use lib qw(.);
 
 require "CGI.pl";
 
+use Bugzilla::User qw(insert_new_user);
+
 # Shut up misguided -w warnings about "used only once":
 use vars qw(
   $template
@@ -74,7 +76,7 @@ if (defined($login)) {
     }
     
     # Create account
-    my $password = InsertNewUser($login, $realname);
+    my $password = insert_new_user($login, $realname);
     MailPassword($login, $password);
     
     $template->process("account/created.html.tmpl", $vars)
diff --git a/globals.pl b/globals.pl
index 0badac43e..c97467b36 100644
--- a/globals.pl
+++ b/globals.pl
@@ -410,30 +410,6 @@ sub ValidateNewUser {
     return 1;
 }
 
-sub InsertNewUser {
-    my ($username, $realname) = (@_);
-
-    # Generate a new random password for the user.
-    my $password = GenerateRandomPassword();
-    my $cryptpassword = bz_crypt($password);
-
-
-    my $defaultflagstring = SqlQuote(Bugzilla::Constants::DEFAULT_EMAIL_SETTINGS); 
-
-    # Insert the new user record into the database.            
-    $username = SqlQuote($username);
-    $realname = SqlQuote($realname);
-    $cryptpassword = SqlQuote($cryptpassword);
-    PushGlobalSQLState();
-    SendSQL("INSERT INTO profiles (login_name, realname, cryptpassword, emailflags) 
-             VALUES ($username, $realname, $cryptpassword, $defaultflagstring)");
-    PopGlobalSQLState();
-
-    # Return the password to the calling code so it can be included 
-    # in an email sent to the user.
-    return $password;
-}
-
 sub GenerateRandomPassword {
     my $size = (shift or 10); # default to 10 chars if nothing specified
     return join("", map{ ('0'..'9','a'..'z','A'..'Z')[rand 62] } (1..$size));
-- 
cgit v1.2.3-24-g4f1b