From c5b1c39b80a592a4d05fd969566fe8766c1448ae Mon Sep 17 00:00:00 2001
From: "conan (aka Fernando L. Canizo)" <conan@lugmen.org.ar>
Date: Tue, 26 Apr 2011 11:47:11 -0300
Subject: [PATCH] Bug 3674: reimplementation
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

05eb43f5fc00889420e03845b5059d80bf1663ad reverted a previous
implementation of 3674.

3674 was encoding the password field when it was meant to be disabled
(password='!'), and then, in Auth.pm we were trying to compare an
encoded '!' with '!', which will never succeed.

This gets sure we encode only provided passwords and also includes an
auto generated login.

Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Ian Walls <ian.walls@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
---
 C4/Members.pm | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/C4/Members.pm b/C4/Members.pm
index aab3caa6bc..9049534fb3 100644
--- a/C4/Members.pm
+++ b/C4/Members.pm
@@ -802,8 +802,10 @@ Returns as undef upon any db error without further processing
 sub AddMember {
     my (%data) = @_;
     my $dbh = C4::Context->dbh;
-    $data{'userid'} = '' unless $data{'password'};
-    $data{'password'} = md5_base64( $data{'password'} ) if $data{'password'};
+	# generate a proper login if none provided
+	$data{'userid'} = Generate_Userid($data{'borrowernumber'}, $data{'firstname'}, $data{'surname'}) if $data{'userid'} eq '';
+	# create a disabled account if no password provided
+	$data{'password'} = ($data{'password'})? md5_base64($data{'password'}) : '!';
 	$data{'borrowernumber'}=InsertInTable("borrowers",\%data);	
     # mysql_insertid is probably bad.  not necessarily accurate and mysql-specific at best.
     logaction("MEMBERS", "CREATE", $data{'borrowernumber'}, "") if C4::Context->preference("BorrowersLog");
-- 
2.39.2