From cb043e8c489f033f7435e7fd5d18325155465c77 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Thu, 17 Jun 2010 13:44:45 +0000
Subject: - Patch #735800 by effulgentsia, fago, Frando: node form triggers
 form level submit functions on button level submits, without validation. Oh
 yeah.

---
 modules/user/user.pages.inc | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)

(limited to 'modules/user')

diff --git a/modules/user/user.pages.inc b/modules/user/user.pages.inc
index 32c20a4d7..24b9a2b72 100644
--- a/modules/user/user.pages.inc
+++ b/modules/user/user.pages.inc
@@ -243,6 +243,18 @@ function template_preprocess_user_profile_category(&$variables) {
 function user_profile_form($form, &$form_state, $account, $category = 'account') {
   global $user;
 
+  // During initial form build, add the entity to the form state for use during
+  // form building and processing. During a rebuild, use what is in the form
+  // state.
+  if (!isset($form_state['user'])) {
+    $form_state['user'] = $account;
+  }
+  else {
+    $account = $form_state['user'];
+  }
+
+  // @todo Legacy support. Modules are encouraged to access the entity using
+  //   $form_state. Remove in Drupal 8.
   $form['#user'] = $account;
   $form['#user_category'] = $category;
 
@@ -278,22 +290,23 @@ function user_profile_form($form, &$form_state, $account, $category = 'account')
  * Validation function for the user account and profile editing form.
  */
 function user_profile_form_validate($form, &$form_state) {
-  $edit = (object) $form_state['values'];
-  field_attach_form_validate('user', $edit, $form, $form_state);
+  entity_form_field_validate('user', $form, $form_state);
 }
 
 /**
  * Submit function for the user account and profile editing form.
  */
 function user_profile_form_submit($form, &$form_state) {
-  $account = $form['#user'];
+  $account = $form_state['user'];
   $category = $form['#user_category'];
   // Remove unneeded values.
   form_state_values_clean($form_state);
 
-  $edit = (object) $form_state['values'];
-  field_attach_submit('user', $edit, $form, $form_state);
-  $edit = (array) $edit;
+  entity_form_submit_build_entity('user', $account, $form, $form_state);
+
+  // Populate $edit with the properties of $account, which have been edited on
+  // this form by taking over all values, which appear in the form values too.
+  $edit = array_intersect_key((array) $account, $form_state['values']);
 
   user_save($account, $edit, $category);
   $form_state['values']['uid'] = $account->uid;
-- 
cgit v1.2.3