From c39562ae036f303f77767f438b89be88a23fe277 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Mon, 21 Jul 2003 15:36:05 +0000
Subject: - Fixed node_save() and user_save() bug introduced by table prefix
 changes.   Modified patches from Gerhard.

- Changed the order of the checks in node_teaser().  Patch from Kobus.
---
 modules/user/user.module | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'modules/user/user.module')

diff --git a/modules/user/user.module b/modules/user/user.module
index 07f4866f8..ed74776d6 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -122,12 +122,14 @@ function user_save($account, $array = array()) {
     foreach ($array as $key => $value) {
       if ($key == "pass") {
         $fields[] = check_query($key);
-        $values[] = "'". md5($value) ."'";
+        $values[] = md5($value);
+        $s[] = "'%s'";
       }
       else if (substr($key, 0, 4) !== "auth") {
         if (in_array($key, $user_fields)) {
           $fields[] = check_query($key);
-          $values[] = "'". check_query($value) ."'";
+          $values[] = $value;
+          $s[] = "'%s'";
         }
         else {
           $data[$key] = $value;
@@ -136,9 +138,10 @@ function user_save($account, $array = array()) {
     }
 
     $fields[] = "data";
-    $values[] = "'". check_query(serialize($data)) ."'";
+    $values[] = serialize($data);
+    $s[] = "'%s'";
 
-    db_query("INSERT INTO {users} (". implode(", ", $fields) .") VALUES (". implode(", ", $values) .")");
+    db_query("INSERT INTO {users} (". implde(", ", $fields) .") VALUES (". implde(", ", $s) .")", $values);
 
     $user = user_load(array("name" => $array["name"]));
   }
-- 
cgit v1.2.3