1 files changed, 73 insertions, 13 deletions

diff --git a/src/SemanticScuttle/Service/User.php b/src/SemanticScuttle/Service/User.php
index 072ce85..09a2cb1 100644
--- a/src/SemanticScuttle/Service/User.php
+++ b/src/SemanticScuttle/Service/User.php
@@ -175,15 +175,30 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
         return $password;
     }
 
-    function _updateuser($uId, $fieldname, $value) {
+    /**
+     * Updates a single field in the user's database row
+     *
+     * @param integer $uId       ID of the user
+     * @param string  $fieldname Name of table column to change
+     * @param string  $value     New value
+     *
+     * @return boolean True if all was well, false if not
+     */
+    public function _updateuser($uId, $fieldname, $value)
+    {
         $updates = array ($fieldname => $value);
-        $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
+        $sql = 'UPDATE '. $this->getTableName()
+            . ' SET '. $this->db->sql_build_array('UPDATE', $updates)
+            . ' WHERE '. $this->getFieldName('primary') . '=' . intval($uId);
 
         // Execute the statement.
         $this->db->sql_transaction('begin');
-        if (!($dbresult = & $this->db->sql_query($sql))) {
+        if (!($dbresult = $this->db->sql_query($sql))) {
             $this->db->sql_transaction('rollback');
-            message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
+            message_die(
+                GENERAL_ERROR, 'Could not update user', '',
+                __LINE__, __FILE__, $sql, $this->db
+            );
             return false;
         }
         $this->db->sql_transaction('commit');
@@ -406,6 +421,15 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
                 return $this->currentuserId;
             }
         }
+
+        $ssls = SemanticScuttle_Service_Factory::get('User_SslClientCert');
+        if ($ssls->hasValidCert()) {
+            $id = $ssls->getUserIdFromCert();
+            if ($id !== false) {
+                $this->setCurrentUserId($id);
+                return (int)$_SESSION[$this->getSessionKey()];
+            }
+        }
         return false;
     }
 
@@ -660,23 +684,57 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
         return $uId;
     }
 
-    function updateUser($uId, $password, $name, $email, $homepage, $uContent) {
-        if (!is_numeric($uId))
-        return false;
+    /**
+     * Updates the given user
+     *
+     * @param integer $uId      ID of user to change
+     * @param string  $password Password to use
+     * @param string  $name     Realname to use
+     * @param string  $email    Email to use
+     * @param string  $homepage User's homepage
+     * @param string  $uContent User note
+     *
+     * @return boolean True when all is well, false if not
+     */
+    public function updateUser(
+        $uId, $password, $name, $email, $homepage, $uContent
+    ) {
+        if (!is_numeric($uId)) {
+            return false;
+        }
 
         // Set up the SQL UPDATE statement.
         $moddatetime = gmdate('Y-m-d H:i:s', time());
-        if ($password == '')
-        $updates = array ('uModified' => $moddatetime, 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
-        else
-        $updates = array ('uModified' => $moddatetime, 'password' => $this->sanitisePassword($password), 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
-        $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
+        if ($password == '') {
+            $updates = array(
+                'uModified' => $moddatetime,
+                'name'      => $name,
+                'email'     => $email,
+                'homepage'  => $homepage,
+                'uContent'  => $uContent
+            );
+        } else {
+            $updates = array(
+                'uModified' => $moddatetime,
+                'password'  => $this->sanitisePassword($password),
+                'name'      => $name,
+                'email'     => $email,
+                'homepage'  => $homepage,
+                'uContent'  => $uContent
+            );
+        }
+        $sql = 'UPDATE '. $this->getTableName()
+            . ' SET '. $this->db->sql_build_array('UPDATE', $updates)
+            . ' WHERE '. $this->getFieldName('primary') . '=' . intval($uId);
 
         // Execute the statement.
         $this->db->sql_transaction('begin');
         if (!($dbresult = & $this->db->sql_query($sql))) {
             $this->db->sql_transaction('rollback');
-            message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
+            message_die(
+                GENERAL_ERROR, 'Could not update user', '',
+                __LINE__, __FILE__, $sql, $this->db
+            );
             return false;
         }
         $this->db->sql_transaction('commit');
@@ -685,6 +743,8 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
         return true;
     }
 
+
+
     function getAllUsers ( ) {
         $query = 'SELECT * FROM '. $this->getTableName();