MDL-31072: Fixed bug causing memory overflow for many-user systems:

when function find_users was supposed to be used for user validation but no userids were passed to it, it retrieved all users in the system.
This caused memory overflow on systems with too many users (like moodle.org).
Now we make sure that find_users is not called for validation if there is nobody to validate.

Also improved query inside find_users to make it work faster

diff --git a/admin/roles/lib.php b/admin/roles/lib.php
index 68a3c8b..d2dbaba 100644 (file)
--- a/admin/roles/lib.php
+++ b/admin/roles/lib.php
@@ -1044,10 +1044,9 @@ class potential_assignees_below_course extends role_assign_user_selector_base {
         $sql   = " FROM {user} u
                   WHERE u.id IN ($enrolsql) $wherecondition
                         AND u.id NOT IN (
-                           SELECT u.id
-                             FROM {role_assignments} r, {user} u
+                           SELECT r.userid
+                             FROM {role_assignments} r
                             WHERE r.contextid = :contextid
-                                  AND u.id = r.userid
                                   AND r.roleid = :roleid)";
         $order = ' ORDER BY lastname ASC, firstname ASC';
 
@@ -1096,10 +1095,9 @@ class potential_assignees_course_and_above extends role_assign_user_selector_bas
         $sql = " FROM {user}
                 WHERE $wherecondition
                       AND id NOT IN (
-                         SELECT u.id
-                           FROM {role_assignments} r, {user} u
+                         SELECT r.userid
+                           FROM {role_assignments} r
                           WHERE r.contextid = :contextid
-                                AND u.id = r.userid
                                 AND r.roleid = :roleid)";
         $order = ' ORDER BY lastname ASC, firstname ASC';
 

diff --git a/user/selector/lib.php b/user/selector/lib.php
index 9dd55f6..b2aa1c4 100644 (file)
--- a/user/selector/lib.php
+++ b/user/selector/lib.php
@@ -369,13 +369,13 @@ abstract class user_selector_base {
         // See if we got anything.
         if ($this->multiselect) {
             $userids = optional_param_array($this->name, array(), PARAM_INTEGER);
-        } else {
-            $userid = optional_param($this->name, 0, PARAM_INTEGER);
-            if (empty($userid)) {
-                return array();
-            }
+        } else if ($userid = optional_param($this->name, 0, PARAM_INTEGER)) {
             $userids = array($userid);
         }
+        // If there are no users there is nobody to load
+        if (empty($userids)) {
+            return array();
+        }
 
         // If we did, use the find_users method to validate the ids.
         $this->validatinguserids = $userids;