fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-08 03:01:43 +09:00
Code Issues Projects Releases Packages Wiki Activity

Fix #1886 clean up incorrect use of getMemberInfo* methods

Browse source
This commit is contained in:
Kijin Sung 2022-03-14 01:40:43 +09:00
parent 53a8eaa81c
commit 7b46deb973
3 changed files with 31 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

2
modules/communication/communication.controller.php
View file

@ -100,7 +100,7 @@ class communicationController extends communication
} }
$receiver_member_info = $oMemberModel->getMemberInfoByMemberSrl($receiver_srl); $receiver_member_info = $oMemberModel->getMemberInfoByMemberSrl($receiver_srl);
if($receiver_member_info->member_srl != $receiver_srl) if(!$receiver_member_info->member_srl)
{ {
throw new Rhymix\Framework\Exception('msg_not_exists_member'); throw new Rhymix\Framework\Exception('msg_not_exists_member');
} }

5
modules/communication/communication.view.php
View file

@ -249,7 +249,7 @@ class communicationView extends communication
} }
$receiver_info = $oMemberModel->getMemberInfoByMemberSrl($receiver_srl); $receiver_info = $oMemberModel->getMemberInfoByMemberSrl($receiver_srl);
if(!$receiver_info) if(!$receiver_info || !$receiver_info->member_srl)
{ {
throw new Rhymix\Framework\Exceptions\InvalidRequest; throw new Rhymix\Framework\Exceptions\InvalidRequest;
} }
@ -374,8 +374,7 @@ class communicationView extends communication
$oMemberModel = getModel('member'); $oMemberModel = getModel('member');
$oCommunicationModel = getModel('communication'); $oCommunicationModel = getModel('communication');
$communication_info = $oMemberModel->getMemberInfoByMemberSrl($target_srl); $communication_info = $oMemberModel->getMemberInfoByMemberSrl($target_srl);
if(!$communication_info || !$communication_info->member_srl)
if($communication_info->member_srl != $target_srl)
{ {
throw new Rhymix\Framework\Exceptions\InvalidRequest; throw new Rhymix\Framework\Exceptions\InvalidRequest;
} }

54
modules/member/member.controller.php
View file

@ -885,8 +885,7 @@ class memberController extends member
// Get information of logged-in user // Get information of logged-in user
$logged_info = Context::get('logged_info'); $logged_info = Context::get('logged_info');
$member_srl = $logged_info->member_srl; $member_srl = $logged_info->member_srl;
$columnList = array('member_srl', 'password'); $member_info = MemberModel::getMemberInfoByMemberSrl($member_srl);
$member_info = MemberModel::getMemberInfoByMemberSrl($member_srl, 0, $columnList);
// Verify the current password // Verify the current password
if(!MemberModel::isValidPassword($member_info->password, $password)) if(!MemberModel::isValidPassword($member_info->password, $password))
@ -1104,10 +1103,7 @@ class memberController extends member
// Get information of logged-in user // Get information of logged-in user
$logged_info = Context::get('logged_info'); $logged_info = Context::get('logged_info');
$member_srl = $logged_info->member_srl; $member_srl = $logged_info->member_srl;
// Get information of member_srl $member_info = MemberModel::getMemberInfoByMemberSrl($member_srl);
$columnList = array('member_srl', 'password');
$member_info = MemberModel::getMemberInfoByMemberSrl($member_srl, 0, $columnList);
// Verify the cuttent password // Verify the cuttent password
if(!MemberModel::isValidPassword($member_info->password, $current_password, $member_srl)) throw new Rhymix\Framework\Exception('invalid_password'); if(!MemberModel::isValidPassword($member_info->password, $current_password, $member_srl)) throw new Rhymix\Framework\Exception('invalid_password');
@ -1148,9 +1144,7 @@ class memberController extends member
// Get information of logged-in user // Get information of logged-in user
$logged_info = Context::get('logged_info'); $logged_info = Context::get('logged_info');
$member_srl = $logged_info->member_srl; $member_srl = $logged_info->member_srl;
// Get information of member_srl $member_info = MemberModel::getMemberInfoByMemberSrl($member_srl);
$columnList = array('member_srl', 'password');
$member_info = MemberModel::getMemberInfoByMemberSrl($member_srl, 0, $columnList);
// Verify the cuttent password // Verify the cuttent password
if(!MemberModel::isValidPassword($member_info->password, $password)) throw new Rhymix\Framework\Exception('invalid_password'); if(!MemberModel::isValidPassword($member_info->password, $password)) throw new Rhymix\Framework\Exception('invalid_password');
@ -1572,8 +1566,11 @@ class memberController extends member
if(!$member_srl) throw new Rhymix\Framework\Exception('msg_email_not_exists'); if(!$member_srl) throw new Rhymix\Framework\Exception('msg_email_not_exists');
// Get information of the member // Get information of the member
$columnList = array('denied', 'member_srl', 'user_id', 'user_name', 'email_address', 'nick_name'); $member_info = MemberModel::getMemberInfoByMemberSrl($member_srl);
$member_info = MemberModel::getMemberInfoByMemberSrl($member_srl, 0, $columnList); if(!$member_info || !$member_info->member_srl)
{
throw new Rhymix\Framework\Exception('msg_not_exists_member');
}
// Check if possible to find member's ID and password // Check if possible to find member's ID and password
if($member_info->denied == 'Y') if($member_info->denied == 'Y')
@ -1771,8 +1768,7 @@ class memberController extends member
throw new Rhymix\Framework\Exception('msg_not_exists_member'); throw new Rhymix\Framework\Exception('msg_not_exists_member');
} }
$columnList = array('member_srl', 'user_id', 'user_name', 'nick_name', 'email_address'); $member_info = MemberModel::getMemberInfoByMemberSrl($member_srl);
$member_info = MemberModel::getMemberInfoByMemberSrl($member_srl, 0, $columnList);
if(!$member_info || !$member_info->member_srl) if(!$member_info || !$member_info->member_srl)
{ {
throw new Rhymix\Framework\Exception('msg_not_exists_member'); throw new Rhymix\Framework\Exception('msg_not_exists_member');
@ -2167,7 +2163,7 @@ class memberController extends member
if((!$config->identifiers || in_array('email_address', $config->identifiers)) && strpos($user_id, '@') !== false) if((!$config->identifiers || in_array('email_address', $config->identifiers)) && strpos($user_id, '@') !== false)
{ {
$member_info = MemberModel::getMemberInfoByEmailAddress($user_id); $member_info = MemberModel::getMemberInfoByEmailAddress($user_id);
if(!$user_id || strtolower($member_info->email_address) !== strtolower($user_id)) if(!$member_info || strtolower($member_info->email_address) !== strtolower($user_id))
{ {
return $this->recordLoginError(-1, 'invalid_email_address'); return $this->recordLoginError(-1, 'invalid_email_address');
} }
@ -2200,7 +2196,7 @@ class memberController extends member
$user_id = preg_replace('/[^0-9]/', '', $user_id); $user_id = preg_replace('/[^0-9]/', '', $user_id);
$member_info = MemberModel::getMemberInfoByPhoneNumber($user_id, $phone_country); $member_info = MemberModel::getMemberInfoByPhoneNumber($user_id, $phone_country);
if(!$user_id || strtolower($member_info->phone_number) !== $user_id) if(!$member_info || strtolower($member_info->phone_number) !== $user_id)
{ {
return $this->recordLoginError(-1, 'invalid_user_id'); return $this->recordLoginError(-1, 'invalid_user_id');
} }
@ -2208,7 +2204,7 @@ class memberController extends member
elseif(!$config->identifiers || in_array('user_id', $config->identifiers)) elseif(!$config->identifiers || in_array('user_id', $config->identifiers))
{ {
$member_info = MemberModel::getMemberInfoByUserID($user_id); $member_info = MemberModel::getMemberInfoByUserID($user_id);
if(!$user_id || strtolower($member_info->user_id) !== strtolower($user_id)) if(!$member_info || strtolower($member_info->user_id) !== strtolower($user_id))
{ {
return $this->recordLoginError(-1, 'invalid_user_id'); return $this->recordLoginError(-1, 'invalid_user_id');
} }
@ -3107,15 +3103,25 @@ class memberController extends member
$trigger_obj = new stdClass(); $trigger_obj = new stdClass();
$trigger_obj->member_srl = $member_srl; $trigger_obj->member_srl = $member_srl;
$output = ModuleHandler::triggerCall('member.deleteMember', 'before', $trigger_obj); $output = ModuleHandler::triggerCall('member.deleteMember', 'before', $trigger_obj);
if(!$output->toBool()) return $output; if (!$output->toBool())
// Bringing the user's information {
$columnList = array('member_srl', 'is_admin'); return $output;
$member_info = MemberModel::getMemberInfoByMemberSrl($member_srl, 0, $columnList); }
if(!$member_info) return new BaseObject(-1, 'msg_not_exists_member');
// If managers can not be deleted
if($member_info->is_admin == 'Y') return new BaseObject(-1, 'msg_cannot_delete_admin');
$oDB = &DB::getInstance(); // Bringing the user's information
$member_info = MemberModel::getMemberInfoByMemberSrl($member_srl);
if (!$member_info || !$member_info->member_srl)
{
return new BaseObject(-1, 'msg_not_exists_member');
}
// If managers can not be deleted
if ($member_info->is_admin == 'Y')
{
return new BaseObject(-1, 'msg_cannot_delete_admin');
}
$oDB = DB::getInstance();
$oDB->begin(); $oDB->begin();
$args = new stdClass(); $args = new stdClass();