diff options
Diffstat (limited to 'modules/user.module')
| -rw-r--r-- | modules/user.module | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/modules/user.module b/modules/user.module index 6d90de404..0f933190e 100644 --- a/modules/user.module +++ b/modules/user.module @@ -44,24 +44,24 @@ function user_external_load($authname) { */ function user_load($array = array()) { // Dynamically compose a SQL query: - $query = ''; - + $query = array(); $params = array(); + foreach ($array as $key => $value) { - if ($key == 'pass') { - $query .= "u.pass = '%s' AND "; - $params[] = md5($value); - } - else if ($key == 'uid') { - $query .= "u.uid = %d AND "; + if ($key == 'uid' || $key == 'status') { + $query[] = "$key = %d"; $params[] = $value; } + else if ($key == 'pass') { + $query[] = "pass = '%s'"; + $params[] = md5($value); + } else { - $query .= "LOWER(u.$key) = LOWER('%s') AND "; + $query[]= "LOWER($key) = LOWER('%s')"; $params[] = $value; } } - $result = db_query_range("SELECT u.* FROM {users} u WHERE $query u.status < 3", $params, 0, 1); + $result = db_query('SELECT * FROM {users} u WHERE ' . implode(' AND ', $query), $params); if (db_num_rows($result)) { $user = db_fetch_object($result); |