This commit was manufactured by cvs2svn to create tag 'BEFORE_LDAP'.
diff --git a/classes/friends/friend.class.php b/classes/friends/friend.class.php
index 793c45c..d2ae597 100755
--- a/classes/friends/friend.class.php
+++ b/classes/friends/friend.class.php
@@ -49,6 +49,24 @@
return $this->email;
}
private function getRoles() {
+
+ if ( $this->roles === "" ){
+ $App= new App();
+ # Get user roles
+ # Committer
+ $sql = "SELECT /* friend.class.php authenticate */ COUNT(1) AS RecordCount FROM PeopleProjects AS PRJ
+ INNER JOIN People AS P ON P.PersonID = PRJ.PersonID
+ WHERE P.EMail = '$this->email' AND PRJ.Relation = 'CM'
+ AND (LEFT(PRJ.InactiveDate,10) = '0000-00-00' OR PRJ.InactiveDate IS NULL OR PRJ.InactiveDate > NOW())";
+
+ $result = $App->foundation_sql($sql);
+ if($result && mysql_num_rows($result) > 0) {
+ $myrow = mysql_fetch_assoc($result);
+ if($myrow['RecordCount'] > 0) {
+ $this->roles .= "::CM::";
+ }
+ }
+ }
return $this->roles;
}
@@ -249,9 +267,11 @@
//check if magic quotes is 'off'. If it's on then the sanitizer will extra escape
//the adress which results in valid accounts being rejected.
if(!get_magic_quotes_gpc()) {
- $email = $App->sqlSanitize($email, null);
- }
- // Don't know why this is here: $password = $App->sqlSanitize($password, null);
+ $email = $App->sqlSanitize($email, null);
+ }
+ else {
+ $password = stripslashes($password); # 359128 - password didn't work with \
+ }
$sql = "SELECT userid, login_name,
LEFT(realname, @loc:=LENGTH(realname) - LOCATE(' ', REVERSE(realname))) AS first_name,
@@ -296,21 +316,7 @@
$this->setFirstName($myrow['first_name']);
$this->setLastName($myrow['last_name']);
-
- # Get user roles
- # Committer
- $sql = "SELECT /* friend.class.php authenticate */ COUNT(1) AS RecordCount FROM PeopleProjects AS PRJ
- INNER JOIN People AS P ON P.PersonID = PRJ.PersonID
- WHERE P.EMail = '$email' AND PRJ.Relation = 'CM'
- AND (LEFT(PRJ.InactiveDate,10) = '0000-00-00' OR PRJ.InactiveDate IS NULL OR PRJ.InactiveDate > NOW())";
- $result = $App->foundation_sql($sql);
- if($result && mysql_num_rows($result) > 0) {
- $myrow = mysql_fetch_assoc($result);
- if($myrow['RecordCount'] > 0) {
- $this->roles .= "::CM::";
- }
- }
}
}
}