? 751090-bakery-d7-4.patch
? bakery--751090-6.patch
Index: bakery.info
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/bakery/bakery.info,v
retrieving revision 1.1
diff -u -p -r1.1 bakery.info
--- bakery.info	22 Jul 2009 22:41:20 -0000	1.1
+++ bakery.info	13 Apr 2010 12:12:46 -0000
@@ -1,3 +1,4 @@
 name = Bakery
 description = Provides single-sign-on support across second-level domains.
-core = 6.x
+core = 7.x
+files[] = bakery.module
\ No newline at end of file
Index: bakery.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/bakery/bakery.module,v
retrieving revision 1.52
diff -u -p -r1.52 bakery.module
--- bakery.module	17 Feb 2010 22:49:44 -0000	1.52
+++ bakery.module	13 Apr 2010 12:12:47 -0000
@@ -2,12 +2,12 @@
 // $Id: bakery.module,v 1.52 2010/02/17 22:49:44 killes Exp $
 
 /**
- * Implementation of hook_menu().
+ * Implements hook_menu().
  */
 function bakery_menu() {
   $items = array();
 
-  $items['admin/settings/bakery'] = array(
+  $items['admin/config/system/bakery'] = array(
     'title' => 'Bakery',
     'access arguments' => array('administer bakery'),
     'page callback' => 'drupal_get_form',
@@ -42,7 +42,7 @@ function bakery_menu() {
 
 
 /**
- * Implementation of hook_menu_alter().
+ * Implements hook_menu_alter().
  */
 function bakery_menu_alter(&$callbacks) {
   if (!variable_get('bakery_is_master', 0)) {
@@ -66,9 +66,9 @@ function bakery_menu_alter(&$callbacks) 
 
 
 /**
- * Implementation of hook_translated_menu_link_alter().
+ * Implements hook_translated_menu_link_alter().
  */
-function bakery_translated_menu_link_alter(&$item) {
+function bakery_translated_menu_link_alter(&$item, $map) {
   if ($item['href'] == 'bakery') {
     $item['localized_options']['query'] = drupal_get_destination();
   }
@@ -76,62 +76,84 @@ function bakery_translated_menu_link_alt
 
 
 /**
- * Implementation of hook_perm().
+ * Implements hook_permission().
  */
-function bakery_perm() {
-  return array('administer bakery');
+function bakery_permission() {
+  return array(
+    'administer bakery' => array(
+      'title' => 'Administer Bakery',
+    ),
+  );
 }
 
 /**
- * Implementation of hook_user().
+ * Implements hook_user_login().
  */
-function bakery_user($op, &$array, &$account, $category = NULL) {
-  if ($op == 'login') {
-    if (variable_get('bakery_is_master', 0)) {
-      _bakery_bake_chocolatechip_cookie($account->name, $account->mail, url("user/$account->uid/edit", array('absolute' => TRUE)));
-      _bakery_taste_oatmeal_cookie();
-    }
-  }
-  else if ($op == 'logout') {
-    // eat SSO cookie
-    _bakery_eat_cookie();
-    // eat session cookie
-    _bakery_eat_cookie(session_name());
+function bakery_user_login(&$edit, $account) {
+  if (variable_get('bakery_is_master', 0)) {
+    _bakery_bake_chocolatechip_cookie($account->name, $account->mail, url("user/$account->uid/edit", array('absolute' => TRUE)));
+    _bakery_taste_oatmeal_cookie();
   }
-  else if ($op == 'update' && variable_get('bakery_is_master', 0)) {
+}
+
+/**
+ * Implements hook_user_logout().
+ */
+function bakery_user_logout($account) {
+  // eat SSO cookie
+  _bakery_eat_cookie();
+  // eat session cookie
+  _bakery_eat_cookie(session_name());
+}
+
+/**
+ * Implements hook_user_update().
+ */
+function bakery_user_presave(&$edit, $account, $category) {
+  if (variable_get('bakery_is_master', 0)) {
     // We store email/name if they changed. We want to wait with doing
     // anything else until the changes are saved locally.
     foreach (variable_get('bakery_supported_fields', array('mail' => 'mail', 'name' => 'name')) as $type => $enabled) {
-      if ($enabled && isset($array[$type]) && $account->$type != $array[$type]) {
-        $_SESSION['bakery'][$type] = $array[$type];
+      if ($enabled && isset($edit[$type]) && $account->$type != $edit[$type]) {
+        $_SESSION['bakery'][$type] = $edit[$type];
       }
     }
-  }
-  // We need to push changes.
-  else if ($op == 'after_update' && variable_get('bakery_is_master', 0) && isset($_SESSION['bakery'])) {
-    $key = variable_get('bakery_key', '');
-    $payload['data'] = serialize($_SESSION['bakery']);
-    $payload['timestamp'] = $_SERVER['REQUEST_TIME'];
-    $payload['uid'] = $account->uid;
-    $payload['category'] = $category;
-    $payload['signature'] = hash_hmac('sha256', $payload['data'] . '/' . $payload['uid'] .'/'. $payload['timestamp'], $key);
-    $payload = drupal_query_string_encode(array('stroopwafel' => bakery_mix(serialize($payload), 1)));
-    unset($_SESSION['bakery']);
-
-    // now update the slaves
-    $slaves = variable_get('bakery_slaves', array());
-    foreach ($slaves as $slave) {
-      $result = drupal_http_request($slave .'bakery/update', array('Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8'), 'POST', $payload);
-      if ($result->code != 200) {
-        drupal_set_message(t('Error %error for site at %url', array('%error' => $result->code .' '. $result->error, '%url' => $slave)));
-      }
-      else {
-        drupal_set_message($result->data);
-        // TODO: Roll back the change.
+    // We need to push changes.
+    if (isset($_SESSION['bakery'])) {
+      $key = variable_get('bakery_key', '');
+      $payload['data'] = serialize($_SESSION['bakery']);
+      $payload['timestamp'] = $_SERVER['REQUEST_TIME'];
+      $payload['uid'] = $account->uid;
+      $payload['category'] = $category;
+      $payload['signature'] = hash_hmac('sha256', $payload['data'] . '/' . $payload['uid'] .'/'. $payload['timestamp'], $key);
+      $payload = drupal_http_build_query(array('stroopwafel' => bakery_mix(serialize($payload), 1)));
+      unset($_SESSION['bakery']);
+      // now update the slaves
+      $slaves = variable_get('bakery_slaves', array());
+      foreach ($slaves as $slave) {
+        $options = array(
+          'headers' => array('Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8'),
+          'method' => 'POST',
+          'data' => $payload,
+        );
+        $result = drupal_http_request($slave .'bakery/update', $options);
+        if ($result->code != 200) {
+          drupal_set_message(t('Error %error for site at %url', array('%error' => $result->code .' '. $result->error, '%url' => $slave)));
+        }
+        else {
+          drupal_set_message($result->data);
+          // TODO: Roll back the change.
+        }
       }
     }
   }
-  else if ($op == 'view' && !variable_get('bakery_is_master', 0)) {
+}
+
+/**
+ * Implements hook_user_view().
+ */
+function bakery_user_view($account, $view_mode) {
+  if (!variable_get('bakery_is_master', 0)) {
     if (substr($account->init, 0, strlen(variable_get('bakery_master', 'http://drupal.org/'))) == variable_get('bakery_master', 'http://drupal.org/')) {
       $account->content['summary']['master_profile'] = array(
         '#type' => 'item',
@@ -145,14 +167,14 @@ function bakery_user($op, &$array, &$acc
 }
 
 /**
- * Implementation of hook_init().
+ * Implements hook_init().
  */
 function bakery_init() {
   _bakery_taste_chocolatechip_cookie();
 }
 
 /**
- * Implementation of hook_form_alter().
+ * Implements hook_form_alter().
  *
  * Hide username and password options.
  */
@@ -221,7 +243,7 @@ function bakery_form_alter(&$form, $form
 /**
  * Admin settings, see INSTALL.txt
  */
-function bakery_settings() {
+function bakery_settings($form, &$form_state) {
   $form = array(
     '#submit' => array('bakery_settings_submit'),
   );
@@ -277,8 +299,8 @@ function bakery_settings() {
   $default['name'] = 'name';
   $options = array('name' => t('username'), 'mail' => t('e-mail'), 'status' => t('status'), 'picture' => t('user picture'), 'language' => t('language'), 'signature' => t('signature'), 'timezone' => t('timezone'));
   if (module_exists('profile')) {
-    $result = db_query('SELECT * FROM {profile_fields} ORDER BY category, weight');
-    while ($field = db_fetch_object($result)) {
+    $result = db_query('SELECT name, title FROM {profile_field} ORDER BY category, weight');
+    foreach ($result as $field) {
       $options[$field->name] = check_plain($field->title);
     }
   }
@@ -294,17 +316,20 @@ function bakery_settings() {
 }
 
 function bakery_settings_submit($form, &$form_state) {
-  db_query("DELETE FROM {url_alias} WHERE src = 'bakery' AND dst IN ('user/login', 'user/register')");
+  $query = db_delete('url_alias')
+    ->condition('source', 'bakery')
+    ->condition('alias', array('user/login', 'user/register'), 'IN')
+    ->execute();
   if (!$form_state['values']['bakery_is_master']) {
     // Add URL aliases to bakery
     $aliases = array(
       array(
-        'src' => 'bakery',
-        'dst' => 'user/login',
+        'source' => 'bakery',
+        'alias' => 'user/login',
       ),
       array(
-        'src' => 'bakery',
-        'dst' => 'user/register',
+        'source' => 'bakery',
+        'alias' => 'user/register',
       ),
     );
     foreach ($aliases as $alias) {
@@ -374,22 +399,34 @@ function _bakery_taste_chocolatechip_coo
     _bakery_bake_chocolatechip_cookie($cookie['name'], $cookie['mail'], $cookie['init']);
 
     if (!$user->uid) {
-      $account = user_load(array('name' => $cookie['name'], 'mail' => $cookie['mail']));
+      $account = user_load_multiple(array(), array('name' => $cookie['name'], 'mail' => $cookie['mail']));
+      if (is_array($account)) {
+        $account = reset($account);
+      }
 
       // Fix out of sync users with valid init.
       if (!$account && !variable_get('bakery_is_master', 0) && $cookie['master']) {
-        $count = db_result(db_query("SELECT COUNT(*) FROM {users} WHERE init = '%s'", $cookie['init']));
+        //$count = db_result(db_query("SELECT COUNT(*) FROM {users} WHERE init = '%s'", $cookie['init']));
+        $count = db_select('users', 'u')->fields('u', array('uid'))
+          ->condition('init', $cookie['init'])
+          ->countQuery()->execute()->fetchField();
         if ($count > 1) {
           // Uh oh.
           watchdog('bakery', 'Account uniqueness problem: Multiple users found with init %init.', array('%init' => $cookie['init']), 'error');
           drupal_set_message(t('Account uniqueness problem detected. <a href="@contact">Please contact the site administrator.</a>', array('@contact' => variable_get('bakery_master', 'http://drupal.org/') .'contact')), 'error');
         }
         if ($count == 1) {
-          $account = user_load(array('init' => $cookie['init']));
+          $account = user_load_multiple(array(), array('init' => $cookie['init']));
+          if (is_array($account)) {
+            $account = reset($account);
+          }
           if ($account) {
             watchdog('bakery', 'Fixing out of sync uid %uid. Changed name %name_old to %name_new, mail %mail_old to %mail_new.', array('%uid' => $account->uid, '%name_old' => $account->name, '%name_new' => $cookie['name'], '%mail_old' => $account->mail, '%mail_new' => $cookie['mail']));
             user_save($account, array('name' => $cookie['name'], 'mail' => $cookie['mail']));
-            $account = user_load(array('name' => $cookie['name'], 'mail' => $cookie['mail']));
+            $account = user_load_multiple(array(), array('name' => $cookie['name'], 'mail' => $cookie['mail']));
+            if (is_array($account)) {
+              $account = reset($account);
+            }
           }
         }
       }
@@ -397,13 +434,27 @@ function _bakery_taste_chocolatechip_coo
       // Create the account if it doesn't exist.
       if (!$account && !variable_get('bakery_is_master', 0) && $cookie['master']) {
         $checks = TRUE;
-        if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND mail != '' AND LOWER(mail) = LOWER('%s')", $user->uid, $cookie['mail'])) > 0) {
+        $mail_count = db_select('users', 'u')->fields('u', array('uid'))
+          ->condition('uid', $user->uid, '!=')
+          ->condition('mail', '', '!=')
+          ->where('LOWER(mail) = LOWER(:mail)', array(':mail' => $cookie['mail']))
+          ->countQuery()->execute()->fetchField();
+        if ($mail_count > 0) {
           $checks = FALSE;
         }
-        if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $user->uid, $cookie['name'])) > 0) {
+        $name_count = db_select('users', 'u')->fields('u', array('uid'))
+          ->condition('uid', $user->uid, '!=')
+          ->where('LOWER(name) = LOWER(:name)', array(':name' => $cookie['name']))
+          ->countQuery()->execute()->fetchField();
+        if ($name_count > 0) {
           $checks = FALSE;
         }
-        if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND init = '%s'", $user->uid, $cookie['init'])) > 0) {
+        $init_count = db_select('users', 'u')->fields('u', array('uid'))
+          ->condition('uid', $user->uid, '!=')
+          ->condition('init', $cookie['init'], '=')
+          ->where('LOWER(name) = LOWER(:name)', array(':name' => $cookie['name']))
+          ->countQuery()->execute()->fetchField();
+        if ($init_count > 0) {
           $checks = FALSE;
         }
 
@@ -433,7 +484,9 @@ function _bakery_taste_chocolatechip_coo
 
         // Make sure that there aren't any OTHER accounts with this init already.
         if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE init = '%s'", $cookie['init'])) == 0) {
-          db_query("UPDATE {users} SET init = '%s' WHERE uid = %d", $cookie['init'], $account->uid);
+          db_update('users')->fields(array('init' => $cookie['init']))
+            ->condition('uid', $account->uid)
+            ->execute();
           watchdog('bakery', 'uid %uid out of sync. Changed init field from %oldinit to %newinit', array('%oldinit' => $account->init, '%newinit' => $cookie['init'], '%uid' => $account->uid));
         }
         else {
@@ -463,7 +516,7 @@ function _bakery_taste_chocolatechip_coo
     // UID 1.
     if ($user->uid > 1) {
       watchdog('bakery', 'Logging out the user with the bad cookie.');
-      bakery_user_logout();
+      _bakery_user_logout();
     }
   }
 
@@ -534,7 +587,8 @@ function bakery_bake_oatmeal_cookie() {
     $cookie = array();
     $cookie['name'] = 'login';
     $cookie['mail'] = 'no_mail';
-    $destination = drupal_get_destination();
+    $destination_array = drupal_get_destination();
+    $destination = 'destination='. $destination_array['destination'];
     $destination = substr($destination, strpos($destination, '=') + 1);
     $destination = ($destination == 'bakery') ? '' : urldecode($destination);
     $cookie['destination'] = $base_url .'/'. $destination;
@@ -543,9 +597,10 @@ function bakery_bake_oatmeal_cookie() {
     $cookie['signature'] = hash_hmac('sha256', $cookie['name'] . '/' . $cookie['mail'] . '/' . $cookie['timestamp'], $key);
     setcookie('OATMEAL', bakery_mix(serialize($cookie), 1), $_SERVER['REQUEST_TIME'] + variable_get('bakery_freshness', '3600'), '/', variable_get('bakery_domain', ''));
   }
+  watchdog('bakery', 'finished if loop');
 
-  unset($_REQUEST['destination']);
-  drupal_goto(trim(variable_get('bakery_master', 'http://drupal.org/'), '/') .'/user/login');
+  unset($_GET['destination']);
+  drupal_goto(trim(variable_get('bakery_master', 'http://drupal.org/'), '/') .'/user/login', array('external' => TRUE));
 }
 
 /**
@@ -559,7 +614,10 @@ function bakery_eat_stroopwafel_cookie()
   $init = variable_get('bakery_master', 'http://drupal.org/') .'user/'. $stroopwafel['uid'] .'/edit';
 
   // check if the user exists.
-  $account = user_load(array('init' => $init));
+  $account = user_load_multiple(array(), array('init' => $init));
+  if (is_array($account)) {
+    $account = reset($account);
+  }
   if (!$account) {
     // user not present
     $message = t('Account not found on %slave.', array('%slave' => variable_get('site_name', '')));
@@ -679,7 +737,9 @@ function bakery_user_authenticate_finali
   // Update the user table timestamp noting user has logged in.
   // This is also used to invalidate one-time login links.
   $user->login = time();
-  db_query("UPDATE {users} SET login = %d WHERE uid = %d", $user->login, $user->uid);
+  db_update('users')->fields(array('login' => $user->login))
+    ->condition('uid', $user->uid, '=')
+    ->execute();
 
   // Regenerate the session ID to prevent against session fixation attacks.
   # sess_regenerate();
@@ -690,7 +750,7 @@ function bakery_user_authenticate_finali
  * Custom logout function modified from user_logout.
  *
  */
-function bakery_user_logout() {
+function _bakery_user_logout() {
   global $user;
 
   watchdog('user', 'Session closed for %name.', array('%name' => $user->name));
@@ -729,13 +789,25 @@ function bakery_uncrumble_access() {
 /**
  * Form to let users repair minor problems themselves.
  */
-function bakery_uncrumble(&$form_state) {
+function bakery_uncrumble($form, &$form_state) {
   $site_name = variable_get('site_name', 'Drupal');
   $cookie = _bakery_validate_cookie();
 
   // Analyze.
-  $samemail = db_fetch_object(db_query("SELECT uid, name, mail FROM {users} WHERE uid != 0 AND mail != '' AND LOWER(mail) = LOWER('%s')", $cookie['mail']));
-  $samename = db_fetch_object(db_query("SELECT uid, name, mail FROM {users} WHERE uid != 0 AND LOWER(name) = LOWER('%s')", $cookie['name']));
+  $query = db_select('users', 'u')
+    ->fields('u', array('uid', 'name', 'mail'))
+    ->condition('u.uid', 0, '!=')
+    ->condition('u.mail', '', '!=')
+    ->where("LOWER(u.mail) = LOWER(:mail)", array(':mail' => $cookie['mail']));
+  $result = $query->execute();
+  $samemail = $result->fetchObject();
+    
+  $query = db_select('users', 'u')
+    ->fields('u', array('uid', 'name', 'mail'))
+    ->condition('u.uid', 0, '!=')
+    ->where("LOWER(u.name) = LOWER(:name)", array(':name' => $cookie['name']));
+  $result = $query->execute();
+  $samename = $result->fetchObject();
 
 
   $form['name'] = array(
@@ -764,7 +836,9 @@ function bakery_uncrumble(&$form_state) 
 
   $help = '';
 
-  if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE init = '%s'", $cookie['init'])) > 1) {
+  $count = db_select('users', 'u')->fields('u', array('uid'))->condition('init', $cookie, '=')
+    ->countQuery()->execute()->fetchField();
+  if ($count > 1) {
     drupal_set_message(t('Multiple accounts are associated with your master account. This must be fixed manually. <a href="@contact">Please contact the site administrator.</a>', array('%email' => $cookie['mail'], '@contact' => variable_get('bakery_master', 'http://drupal.org/') .'contact')));
     $form['pass']['#disabled'] = TRUE;
     $form['submit']['#disabled'] = TRUE;
@@ -812,7 +886,9 @@ function bakery_uncrumble_submit($form, 
   $account = $form_state['bakery_uncrumble_account'];
   unset($form_state['bakery_uncrumble_account']);
   $cookie = _bakery_validate_cookie();
-  db_query("UPDATE {users} set init = '%s' WHERE uid = %d", $account->uid, $cookie['init']);
+  db_update('users')->fields(array('init' => $cookie['init']))
+    ->condition('uid', $account->uid, '=')
+    ->execute();
   watchdog('bakery', 'uncrumble changed init field for uid %uid from %oldinit to %newinit', array('%oldinit' => $account->init, '%newinit' => $cookie['init'], '%uid' => $account->uid));
   user_save($account, array('name' => $cookie['name'], 'mail' => $cookie['mail']));
   watchdog('bakery', 'uncrumble updated name %name_old to %name_new, mail %mail_old to %mail_new on uid %uid.', array('%name_old' => $account->name, '%name_new' => $cookie['name'], '%mail_old' => $account->mail, '%mail_new' => $cookie['mail'], '%uid' => $account->uid));
