From f8f87b3a7f45cd47256c655fcebd8ec92cfee459 Mon Sep 17 00:00:00 2001 From: "bbaetz%acm.org" <> Date: Fri, 25 Apr 2003 06:11:59 +0000 Subject: Bug 201018 - editusers.cgi never calls DeriveGroup prior to changing a bug patch mostly by justdave, bits by me r=bbaetz,justdave,myk a=justdave --- checksetup.pl | 8 +++++++- editusers.cgi | 3 +++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/checksetup.pl b/checksetup.pl index f67042599..7c44eaa68 100755 --- a/checksetup.pl +++ b/checksetup.pl @@ -3863,12 +3863,18 @@ if ($sth->rows == 0) { # Support for quips approval AddField('quips', 'approved', 'tinyint(1) NOT NULL DEFAULT 1'); -# 2002-11-XX Bug 180870 - remove manual shadowdb replication code +# 2002-12-20 Bug 180870 - remove manual shadowdb replication code if (TableExists('shadowlog')) { print "Removing shadowlog table\n"; $dbh->do("DROP TABLE shadowlog"); } +# 2003-04-24 - myk@mozilla.org/bbaetz@acm.org, bug 201018 +# Force all cached groups to be updated at login, due to security +# At the next schema change, this should be moved inside that block so that the +# update doesn't happen on every run +$dbh->do("UPDATE profiles SET refreshed_when='1900-01-01 00:00:00'"); + # # Final checks... diff --git a/editusers.cgi b/editusers.cgi index 4e423c2d5..143e87442 100755 --- a/editusers.cgi +++ b/editusers.cgi @@ -785,6 +785,8 @@ if ($action eq 'update') { "VALUES " . "($thisuserid, $::userid, now(), $fieldid, " . SqlQuote(join(", ",@grpdel)) . ", " . SqlQuote(join(", ",@grpadd)) . ")"); + SendSQL("UPDATE profiles SET refreshed_when='1900-01-01 00:00:00' " . + "WHERE userid = $thisuserid"); } @@ -842,6 +844,7 @@ if ($action eq 'update') { print "Updated user's name.
\n"; } + DeriveGroup($thisuserid); PutTrailer($localtrailer); exit; -- cgit v1.2.3-24-g4f1b