From 44e47bfb16cd405e1187bc62579211554882e99f Mon Sep 17 00:00:00 2001
From: Angie Byron <webchick@24967.no-reply.drupal.org>
Date: Thu, 9 Dec 2010 08:01:56 +0000
Subject: [PATCH] #967330 by Dave Reid: Fixed The [current-user:?] token should
 provide the actual loaded user

---
 modules/node/node.test       |  4 ++--
 modules/user/user.test       | 10 +++++-----
 modules/user/user.tokens.inc |  7 ++++---
 3 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/modules/node/node.test b/modules/node/node.test
index c0b6096c2d3..bffe03bb12a 100644
--- a/modules/node/node.test
+++ b/modules/node/node.test
@@ -2054,7 +2054,7 @@ class NodeTokenReplaceTestCase extends DrupalWebTestCase {
     $tests['[node:url]'] = url('node/' . $node->nid, $url_options);
     $tests['[node:edit-url]'] = url('node/' . $node->nid . '/edit', $url_options);
     $tests['[node:author:uid]'] = $node->uid;
-    $tests['[node:author:name]'] = check_plain($account->name);
+    $tests['[node:author:name]'] = check_plain(format_username($account));
     $tests['[node:created:since]'] = format_interval(REQUEST_TIME - $node->created, 2, $language->language);
     $tests['[node:changed:since]'] = format_interval(REQUEST_TIME - $node->changed, 2, $language->language);
 
@@ -2071,7 +2071,7 @@ class NodeTokenReplaceTestCase extends DrupalWebTestCase {
     $tests['[node:body]'] = $node->body[$node->language][0]['value'];
     $tests['[node:summary]'] = $node->body[$node->language][0]['summary'];
     $tests['[node:language]'] = $node->language;
-    $tests['[node:author:name]'] = $account->name;
+    $tests['[node:author:name]'] = format_username($account);
 
     foreach ($tests as $input => $expected) {
       $output = token_replace($input, array('node' => $node), array('language' => $language, 'sanitize' => FALSE));
diff --git a/modules/user/user.test b/modules/user/user.test
index 32b074ef64d..e66ab5e2c51 100644
--- a/modules/user/user.test
+++ b/modules/user/user.test
@@ -1854,12 +1854,12 @@ class UserTokenReplaceTestCase extends DrupalWebTestCase {
     $this->drupalLogin($user2);
 
     $account = user_load($user1->uid);
-    global $user;
+    $global_account = user_load($GLOBALS['user']->uid);
 
     // Generate and test sanitized tokens.
     $tests = array();
     $tests['[user:uid]'] = $account->uid;
-    $tests['[user:name]'] = filter_xss($account->name);
+    $tests['[user:name]'] = check_plain(format_username($account));
     $tests['[user:mail]'] = check_plain($account->mail);
     $tests['[user:url]'] = url("user/$account->uid", $url_options);
     $tests['[user:edit-url]'] = url("user/$account->uid/edit", $url_options);
@@ -1867,7 +1867,7 @@ class UserTokenReplaceTestCase extends DrupalWebTestCase {
     $tests['[user:last-login:short]'] = format_date($account->login, 'short', '', NULL, $language->language);
     $tests['[user:created]'] = format_date($account->created, 'medium', '', NULL, $language->language);
     $tests['[user:created:short]'] = format_date($account->created, 'short', '', NULL, $language->language);
-    $tests['[current-user:name]'] = check_plain($user->name);
+    $tests['[current-user:name]'] = check_plain(format_username($global_account));
 
     // Test to make sure that we generated something for each token.
     $this->assertFalse(in_array(0, array_map('strlen', $tests)), t('No empty tokens generated.'));
@@ -1878,9 +1878,9 @@ class UserTokenReplaceTestCase extends DrupalWebTestCase {
     }
 
     // Generate and test unsanitized tokens.
-    $tests['[user:name]'] = $account->name;
+    $tests['[user:name]'] = format_username($account);
     $tests['[user:mail]'] = $account->mail;
-    $tests['[current-user:name]'] = $user->name;
+    $tests['[current-user:name]'] = format_username($global_account);
 
     foreach ($tests as $input => $expected) {
       $output = token_replace($input, array('user' => $account), array('language' => $language, 'sanitize' => FALSE));
diff --git a/modules/user/user.tokens.inc b/modules/user/user.tokens.inc
index 5c543984d74..6c6862c6641 100644
--- a/modules/user/user.tokens.inc
+++ b/modules/user/user.tokens.inc
@@ -87,7 +87,7 @@ function user_tokens($type, $tokens, array $data = array(), array $options = arr
 
         case 'name':
           $name = format_username($account);
-          $replacements[$original] = $sanitize ? filter_xss($name) : $name;
+          $replacements[$original] = $sanitize ? check_plain($name) : $name;
           break;
 
         case 'mail':
@@ -122,9 +122,10 @@ function user_tokens($type, $tokens, array $data = array(), array $options = arr
       $replacements += token_generate('date', $registered_tokens, array('date' => $account->created), $options);
     }
   }
+
   if ($type == 'current-user') {
-    global $user;
-    $replacements += token_generate('user', $tokens, array('user' => $user), $options);
+    $account = user_load($GLOBALS['user']->uid);
+    $replacements += token_generate('user', $tokens, array('user' => $account), $options);
   }
 
   return $replacements;