Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

I refactored quite a bit of the user.module: 

$ diffstat user.patch
database/database.mysql |    4
database/database.pgsql |    2
database/updates.inc    |   10 -
modules/block.module    |   20 +-
modules/locale.module   |    9
modules/profile.module  |  108 +++++++----
modules/system.module   |    8
modules/user.module     |  456 +++++++++++++++++++-----------------------------
8 files changed, 289 insertions(+), 328 deletions(-)

More functionality, less code.  Here is a list of the changes:

- Some user API changes:
   + When $type is 'form', you have to return an associative array of groups.  In turn, each group is an array with a 'title', 'data' and 'weight'.
   + A new $type has been added, namely 'categories'.  User settings can be organized in categories.  Categories can be sorted, as can the groups within a category.  (Ordering 'categories' is somewhat broken due to a bug in the menu system.)

- The 'my account > edit' page will use subtabs for each 'category'.  Read: you can break down the account settings into multiple subpages.

- Profile module improvements:
   + Added support for private fields to the profile module!
   + Improved workflow of profile administration pages.
   + Improved the form descriptions.

- Code improvements:
   + Unified user_edit() and user_admin_edit().
   + Unified and cleaned up the validation code.  Fixed some validation glitches too.
4.5.x
Dries Buytaert 2004-06-27 19:10:52 +00:00
parent 83851509f6
commit 1b1c47025a
13 changed files with 582 additions and 668 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
database/database.mysql
View File

@ -151,7 +151,7 @@ CREATE TABLE boxes (
info varchar(128) NOT NULL default '',
type tinyint(2) NOT NULL default '0',
PRIMARY KEY (bid),
UNIQUE KEY subject (title),
UNIQUE KEY title (title),
UNIQUE KEY info (info)
) TYPE=MyISAM;
@ -363,7 +363,7 @@ CREATE TABLE profile_fields (
type varchar(128) default NULL,
weight tinyint(1) DEFAULT '0' NOT NULL,
required tinyint(1) DEFAULT '0' NOT NULL,
overview tinyint(1) DEFAULT '0' NOT NULL,
visibility tinyint(1) DEFAULT '0' NOT NULL,
options text,
KEY category (category),
UNIQUE KEY name (name),

2
database/database.pgsql
View File

@ -379,7 +379,7 @@ CREATE TABLE profile_fields (
type varchar(128) default NULL,
weight smallint DEFAULT '0' NOT NULL,
required smallint DEFAULT '0' NOT NULL,
overview smallint DEFAULT '0' NOT NULL,
visibility smallint DEFAULT '0' NOT NULL,
options text,
UNIQUE (name),
PRIMARY KEY (fid)

10
database/updates.inc
View File

@ -60,7 +60,8 @@ $sql_updates = array(
"2004-05-10" => "update_86",
"2004-05-18" => "update_87",
"2004-06-11" => "update_88",
"2004-06-18" => "update_89"
"2004-06-18" => "update_89",
"2004-06-27" => "update_90"
);
function update_32() {
@ -1120,6 +1121,13 @@ function update_89() {
return $ret;
}
function update_90() {
$ret[] = update_sql("ALTER TABLE {profile_fields} CHANGE overview visibility INT(1) UNSIGNED DEFAULT '0' NOT NULL");
$ret[] = update_sql("UPDATE {profile_fields} SET visibility = 2 WHERE visibility = 1");
$ret[] = update_sql("UPDATE {profile_fields} SET visibility = 1 WHERE visibility = 0");
return $ret;
}
function update_sql($sql) {
$edit = $_POST["edit"];
$result = db_query($sql);

6
modules/block.module
View File

@ -357,9 +357,10 @@ function block_admin() {
* Allow users to decide which custom blocks to display when they visit
* the site.
*/
function block_user($type, $edit, &$user) {
function block_user($type, $edit, &$user, $category = NULL) {
switch ($type) {
case 'form':
if ($category == 'account') {
$result = db_query('SELECT * FROM {blocks} WHERE custom = %d ORDER BY module, delta', 1);
while ($block = db_fetch_object($result)) {
@ -370,7 +371,8 @@ function block_user($type, $edit, &$user) {
}
if (isset($form)) {
return array(t('Block configuration') => $form);
return array(array('title' => t('Block configuration'), 'data' => $form, 'weight' => 2));
}
}
break;

6
modules/block/block.module
View File

@ -357,9 +357,10 @@ function block_admin() {
* Allow users to decide which custom blocks to display when they visit
* the site.
*/
function block_user($type, $edit, &$user) {
function block_user($type, $edit, &$user, $category = NULL) {
switch ($type) {
case 'form':
if ($category == 'account') {
$result = db_query('SELECT * FROM {blocks} WHERE custom = %d ORDER BY module, delta', 1);
while ($block = db_fetch_object($result)) {
@ -370,7 +371,8 @@ function block_user($type, $edit, &$user) {
}
if (isset($form)) {
return array(t('Block configuration') => $form);
return array(array('title' => t('Block configuration'), 'data' => $form, 'weight' => 2));
}
}
break;

9
modules/locale.module
View File

@ -92,10 +92,13 @@ function locale_menu() {
/**
* Implementation of hook_user(). Allows each user to select an interface language.
*/
function locale_user($type, &$edit, &$user) {
function locale_user($type, &$edit, &$user, $category = NULL) {
global $languages;
if ($type == 'form' && count($languages) > 1) {
return array(t('Locale settings') => form_radios(t('Language'), 'language', $user->language, $languages, t('Selecting a different language will change the language of the site.')));
if ($type == 'form' && count($languages) > 1 && $category == 'account') {
return array(array(
'title' => t('Locale settings'),
'data' => form_radios(t('Language'), 'language', $user->language, $languages, t('Selecting a different language will change the language of the site.')),
'weight' => 2));
}
}

9
modules/locale/locale.module
View File

@ -92,10 +92,13 @@ function locale_menu() {
/**
* Implementation of hook_user(). Allows each user to select an interface language.
*/
function locale_user($type, &$edit, &$user) {
function locale_user($type, &$edit, &$user, $category = NULL) {
global $languages;
if ($type == 'form' && count($languages) > 1) {
return array(t('Locale settings') => form_radios(t('Language'), 'language', $user->language, $languages, t('Selecting a different language will change the language of the site.')));
if ($type == 'form' && count($languages) > 1 && $category == 'account') {
return array(array(
'title' => t('Locale settings'),
'data' => form_radios(t('Language'), 'language', $user->language, $languages, t('Selecting a different language will change the language of the site.')),
'weight' => 2));
}
}

102
modules/profile.module
View File

@ -3,6 +3,13 @@
// TODO: add a 'date' field so we can migrate the birthday information.
/**
* Flags to define the visibility of a profile field.
*/
define('PROFILE_PRIVATE', 1);
define('PROFILE_PUBLIC', 2);
define('PROFILE_PUBLIC_LISTINGS', 3);
/**
* Implementation of hook_help().
*/
@ -17,6 +24,8 @@ function profile_help($section) {
* Implementation of hook_menu().
*/
function profile_menu() {
global $user;
$items = array();
$items[] = array('path' => 'profile', 'title' => t('browse'),
'callback' => 'profile_browse',
@ -38,6 +47,7 @@ function profile_menu() {
'callback' => 'profile_admin_delete',
'access' => user_access('administer users'),
'type' => MENU_CALLBACK);
return $items;
}
@ -54,7 +64,7 @@ function profile_browse() {
if ($field->fid) {
// Compile a list of fields to show
$fields = array();
$result = db_query('SELECT name, title, type FROM {profile_fields} WHERE fid != %d AND overview = 1', $field->fid);
$result = db_query('SELECT name, title, type FROM {profile_fields} WHERE fid != %d AND visibility = %d', $field->fid, PROFILE_PUBLIC_LISTINGS);
while ($record = db_fetch_object($result)) {
$fields[] = $record;
}
@ -105,16 +115,14 @@ function profile_load_profile(&$user) {
}
}
function profile_save_profile(&$edit, &$user) {
db_query('DELETE FROM {profile_values} WHERE uid = %d', $user->uid);
$result = db_query('SELECT fid, name FROM {profile_fields}');
function profile_save_profile(&$edit, &$user, $category) {
$result = db_query("SELECT fid, name FROM {profile_fields} WHERE LOWER(category) = '%s'", strtolower($category));
while ($field = db_fetch_object($result)) {
if ($edit[$field->name]) {
db_query("DELETE FROM {profile_values} WHERE fid = %d AND uid = %d", $field->fid, $user->uid);
db_query("INSERT INTO {profile_values} (fid, uid, value) VALUES (%d, %d, '%s')", $field->fid, $user->uid, $edit[$field->name]);
unset($edit[$field->name], $user->{$field->name});
}
}
}
function profile_view_field($user, $field) {
if ($value = $user->{$field->name}) {
@ -127,7 +135,8 @@ function profile_view_field($user, $field) {
case 'checkbox':
return l($field->title, "profile/$field->name");
case 'url':
return '<a href="'. check_url(strip_tags($value)) .'">'. strip_tags($value) .'</a>'; case 'list':
return '<a href="'. check_url(strip_tags($value)) .'">'. strip_tags($value) .'</a>';
case 'list':
$values = split("[\n\r]", $value);
$fields = array();
foreach ($values as $value) {
@ -144,7 +153,7 @@ function profile_view_profile($user) {
profile_load_profile($user);
$result = db_query('SELECT * FROM {profile_fields} ORDER BY category, weight');
$result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d ORDER BY category, weight', PROFILE_PRIVATE);
while ($field = db_fetch_object($result)) {
if ($value = profile_view_field($user, $field)) {
if ($field->type == 'checkbox') {
@ -159,24 +168,42 @@ function profile_view_profile($user) {
return $fields;
}
function profile_edit_profile($edit, $user) {
function _profile_form_explanation($field) {
$output = $field->explanation;
$result = db_query('SELECT * FROM {profile_fields} ORDER BY category, weight');
if ($field->type == 'list') {
$output .= ' '. t('Put each item on a separate line. No HTML allowed.');
}
if ($field->required) {
$output .= ' '. t('This is a required field.');
}
if ($field->visibility == PROFILE_PRIVATE) {
$output .= ' '. t('The content of this field is kept private and will not be shown publicly.');
}
return $output;
}
function profile_form_profile($edit, $user, $category) {
$result = db_query("SELECT * FROM {profile_fields} WHERE LOWER(category) = '%s' ORDER BY weight", strtolower($category));
while ($field = db_fetch_object($result)) {
switch ($field->type) {
case 'textfield':
case 'url':
$fields[$field->category] .= form_textfield($field->title, $field->name, $edit[$field->name], 70, 255, $field->explanation, NULL, $field->required);
$output .= form_textfield($field->title, $field->name, $edit[$field->name], 70, 255, _profile_form_explanation($field), NULL, $field->required);
break;
case 'textarea':
$fields[$field->category] .= form_textarea($field->title, $field->name, $edit[$field->name], 60, 5, $field->explanation, NULL, $field->required);
$output .= form_textarea($field->title, $field->name, $edit[$field->name], 60, 5, _profile_form_explanation($field), NULL, $field->required);
break;
case 'list':
$fields[$field->category] .= form_textarea($field->title, $field->name, $edit[$field->name], 60, 5, $field->explanation .' '. t('Put each item on a separate line. No HTML allowed.'), NULL, $field->required);
$output .= form_textarea($field->title, $field->name, $edit[$field->name], 60, 5, _profile_form_explanation($field), NULL, $field->required);
break;
case 'checkbox':
$fields[$field->category] .= form_checkbox($field->title, $field->name, 1, $edit[$field->name], $field->explanation, NULL, $field->required);
$output .= form_checkbox($field->title, $field->name, 1, $edit[$field->name], _profile_form_explanation($field), NULL, $field->required);
break;
case 'selection':
$options = array('--');
@ -187,16 +214,18 @@ function profile_edit_profile($edit, $user) {
}
}
$fields[$field->category] .= form_select($field->title, $field->name, $edit[$field->name], $options, $field->explanation, 0, 0, $field->required);
$output .= form_select($field->title, $field->name, $edit[$field->name], $options, _profile_form_explanation($field), 0, 0, $field->required);
break;
}
}
return $fields;
if ($output) {
return array(array('title' => $category, 'data' => $output));
}
}
function profile_validate_profile($edit) {
$result = db_query('SELECT * FROM {profile_fields} ORDER BY category, weight');
function profile_validate_profile($edit, $category) {
$result = db_query("SELECT * FROM {profile_fields} WHERE LOWER(category) = '%s' ORDER BY weight", strtolower($category));
while ($field = db_fetch_object($result)) {
if ($edit[$field->name]) {
@ -204,7 +233,7 @@ function profile_validate_profile($edit) {
form_set_error($field->name, t('The value provided for "%field" is not a valid URL.', array('%field' => $field->title)));
}
}
else if ($field->required) {
else if ($field->required && !user_access('administer users')) {
form_set_error($field->name, t('The field "%field" is required.', array('%field' => $field->title)));
}
}
@ -212,22 +241,32 @@ function profile_validate_profile($edit) {
return $edit;
}
function profile_categories() {
$result = db_query("SELECT DISTINCT(category) FROM {profile_fields}");
while ($category = db_fetch_object($result)) {
$data[] = array('name' => htmlentities(strtolower($category->category)), 'title' => strtolower($category->category), 'weight' => 3);
}
return $data;
}
/**
* Implementation of hook_user().
*/
function profile_user($type, &$edit, &$user) {
function profile_user($type, &$edit, &$user, $category = NULL) {
switch ($type) {
case 'load':
return profile_load_profile($user);
case 'update':
case 'insert':
return profile_save_profile($edit, $user);
return profile_save_profile($edit, $user, $category);
case 'view':
return profile_view_profile($user);
case 'form':
return profile_edit_profile($edit, $user);
return profile_form_profile($edit, $user, $category);
case 'validate':
return profile_validate_profile($edit);
return profile_validate_profile($edit, $category);
case 'categories':
return profile_categories();
}
}
@ -277,7 +316,7 @@ function profile_admin_add($type) {
}
if (!form_has_errors()) {
db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, overview, options, page) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s')", $data['title'], $data['name'], $data['explanation'], $data['category'], $type, $data['weight'], $data['required'], $data['overview'], $data['options'], $data['page']);
db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, visibility, options, page) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s')", $data['title'], $data['name'], $data['explanation'], $data['category'], $type, $data['weight'], $data['required'], $data['visibility'], $data['options'], $data['page']);
drupal_set_message(t('the field has been created.'));
drupal_goto('admin/user/configure/profile');
@ -302,7 +341,7 @@ function profile_admin_edit($fid) {
profile_validate_form($data);
if (!form_has_errors()) {
db_query("UPDATE {profile_fields} SET title = '%s', name = '%s', explanation = '%s', category = '%s', weight = %d, required = %d, overview = %d, options = '%s', page = '%s' WHERE fid = %d", $data['title'], $data['name'], $data['explanation'], $data['category'], $data['weight'], $data['required'], $data['overview'], $data['options'], $data['page'], $fid);
db_query("UPDATE {profile_fields} SET title = '%s', name = '%s', explanation = '%s', category = '%s', weight = %d, required = %d, visibility = %d, options = '%s', page = '%s' WHERE fid = %d", $data['title'], $data['name'], $data['explanation'], $data['category'], $data['weight'], $data['required'], $data['visibility'], $data['options'], $data['page'], $fid);
drupal_set_message(t('the field has been updated.'));
drupal_goto('admin/user/configure/profile');
@ -335,19 +374,16 @@ Unless you know what you are doing, it is highly recommended that you prefix the
$group .= form_textarea(t('Selection options'), 'options', $edit['options'], 70, 8, t('A list of all options. Put each option on a separate line. Example options are "red", "blue", "green", etc.'));
}
$group .= form_weight(t('Weight'), 'weight', $edit['weight'], 5, t('The weights define the order in which the form fields are shown. Lighter fields "float up" towards the top of the category.'));
$group .= form_checkbox(t('Required field.'), 'required', 1, $edit['required']);
$output = form_group(t('Field settings'), $group);
$group = '';
$group .= form_radios(t('Visibility'), 'visibility', $edit['visibility'], array(PROFILE_PRIVATE => t('Private field, content only available to privileged users.'), PROFILE_PUBLIC => t('Public field, content shown on profile page but not used on member list pages.'), PROFILE_PUBLIC_LISTINGS => t('Public field, content shown on profile page and on member list pages.')));
if ($type == 'selection' || $type == 'list') {
$group .= form_textfield(t('Page title'), 'page', $edit['page'], 70, 128, t('The title of the page showing all users with the specified field. The word <code>%value</code> will be substituted with the corresponding value. An example page title is "People whose favorite color is %value".'));
$group .= form_textfield(t('Page title'), 'page', $edit['page'], 70, 128, t('The title of the page showing all users with the specified field. The word <code>%value</code> will be substituted with the corresponding value. An example page title is "People whose favorite color is %value". Only applicable if the field is configured to be shown on member list pages.'));
}
else {
$group .= form_textfield(t('Page title'), 'page', $edit['page'], 70, 128, t('The title of the page showing all users with the specified field.'));
$group .= form_textfield(t('Page title'), 'page', $edit['page'], 70, 128, t('The title of the page showing all users with the specified field. Only applicable if the field is configured to be shown on member listings.'));
}
$group .= form_checkbox(t('Should this field be shown on the member listing pages.'), 'overview', 1, $edit['overview']);
$group .= form_checkbox(t('Required field.'), 'required', 1, $edit['required']);
$output .= form_group(t('Browsability'), $group);
$output = form_group(t('Field settings'), $group);
$output .= form_submit(t('Save field'));
return form($output);

102
modules/profile/profile.module
View File

@ -3,6 +3,13 @@
// TODO: add a 'date' field so we can migrate the birthday information.
/**
* Flags to define the visibility of a profile field.
*/
define('PROFILE_PRIVATE', 1);
define('PROFILE_PUBLIC', 2);
define('PROFILE_PUBLIC_LISTINGS', 3);
/**
* Implementation of hook_help().
*/
@ -17,6 +24,8 @@ function profile_help($section) {
* Implementation of hook_menu().
*/
function profile_menu() {
global $user;
$items = array();
$items[] = array('path' => 'profile', 'title' => t('browse'),
'callback' => 'profile_browse',
@ -38,6 +47,7 @@ function profile_menu() {
'callback' => 'profile_admin_delete',
'access' => user_access('administer users'),
'type' => MENU_CALLBACK);
return $items;
}
@ -54,7 +64,7 @@ function profile_browse() {
if ($field->fid) {
// Compile a list of fields to show
$fields = array();
$result = db_query('SELECT name, title, type FROM {profile_fields} WHERE fid != %d AND overview = 1', $field->fid);
$result = db_query('SELECT name, title, type FROM {profile_fields} WHERE fid != %d AND visibility = %d', $field->fid, PROFILE_PUBLIC_LISTINGS);
while ($record = db_fetch_object($result)) {
$fields[] = $record;
}
@ -105,16 +115,14 @@ function profile_load_profile(&$user) {
}
}
function profile_save_profile(&$edit, &$user) {
db_query('DELETE FROM {profile_values} WHERE uid = %d', $user->uid);
$result = db_query('SELECT fid, name FROM {profile_fields}');
function profile_save_profile(&$edit, &$user, $category) {
$result = db_query("SELECT fid, name FROM {profile_fields} WHERE LOWER(category) = '%s'", strtolower($category));
while ($field = db_fetch_object($result)) {
if ($edit[$field->name]) {
db_query("DELETE FROM {profile_values} WHERE fid = %d AND uid = %d", $field->fid, $user->uid);
db_query("INSERT INTO {profile_values} (fid, uid, value) VALUES (%d, %d, '%s')", $field->fid, $user->uid, $edit[$field->name]);
unset($edit[$field->name], $user->{$field->name});
}
}
}
function profile_view_field($user, $field) {
if ($value = $user->{$field->name}) {
@ -127,7 +135,8 @@ function profile_view_field($user, $field) {
case 'checkbox':
return l($field->title, "profile/$field->name");
case 'url':
return '<a href="'. check_url(strip_tags($value)) .'">'. strip_tags($value) .'</a>'; case 'list':
return '<a href="'. check_url(strip_tags($value)) .'">'. strip_tags($value) .'</a>';
case 'list':
$values = split("[\n\r]", $value);
$fields = array();
foreach ($values as $value) {
@ -144,7 +153,7 @@ function profile_view_profile($user) {
profile_load_profile($user);
$result = db_query('SELECT * FROM {profile_fields} ORDER BY category, weight');
$result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d ORDER BY category, weight', PROFILE_PRIVATE);
while ($field = db_fetch_object($result)) {
if ($value = profile_view_field($user, $field)) {
if ($field->type == 'checkbox') {
@ -159,24 +168,42 @@ function profile_view_profile($user) {
return $fields;
}
function profile_edit_profile($edit, $user) {
function _profile_form_explanation($field) {
$output = $field->explanation;
$result = db_query('SELECT * FROM {profile_fields} ORDER BY category, weight');
if ($field->type == 'list') {
$output .= ' '. t('Put each item on a separate line. No HTML allowed.');
}
if ($field->required) {
$output .= ' '. t('This is a required field.');
}
if ($field->visibility == PROFILE_PRIVATE) {
$output .= ' '. t('The content of this field is kept private and will not be shown publicly.');
}
return $output;
}
function profile_form_profile($edit, $user, $category) {
$result = db_query("SELECT * FROM {profile_fields} WHERE LOWER(category) = '%s' ORDER BY weight", strtolower($category));
while ($field = db_fetch_object($result)) {
switch ($field->type) {
case 'textfield':
case 'url':
$fields[$field->category] .= form_textfield($field->title, $field->name, $edit[$field->name], 70, 255, $field->explanation, NULL, $field->required);
$output .= form_textfield($field->title, $field->name, $edit[$field->name], 70, 255, _profile_form_explanation($field), NULL, $field->required);
break;
case 'textarea':
$fields[$field->category] .= form_textarea($field->title, $field->name, $edit[$field->name], 60, 5, $field->explanation, NULL, $field->required);
$output .= form_textarea($field->title, $field->name, $edit[$field->name], 60, 5, _profile_form_explanation($field), NULL, $field->required);
break;
case 'list':
$fields[$field->category] .= form_textarea($field->title, $field->name, $edit[$field->name], 60, 5, $field->explanation .' '. t('Put each item on a separate line. No HTML allowed.'), NULL, $field->required);
$output .= form_textarea($field->title, $field->name, $edit[$field->name], 60, 5, _profile_form_explanation($field), NULL, $field->required);
break;
case 'checkbox':
$fields[$field->category] .= form_checkbox($field->title, $field->name, 1, $edit[$field->name], $field->explanation, NULL, $field->required);
$output .= form_checkbox($field->title, $field->name, 1, $edit[$field->name], _profile_form_explanation($field), NULL, $field->required);
break;
case 'selection':
$options = array('--');
@ -187,16 +214,18 @@ function profile_edit_profile($edit, $user) {
}
}
$fields[$field->category] .= form_select($field->title, $field->name, $edit[$field->name], $options, $field->explanation, 0, 0, $field->required);
$output .= form_select($field->title, $field->name, $edit[$field->name], $options, _profile_form_explanation($field), 0, 0, $field->required);
break;
}
}
return $fields;
if ($output) {
return array(array('title' => $category, 'data' => $output));
}
}
function profile_validate_profile($edit) {
$result = db_query('SELECT * FROM {profile_fields} ORDER BY category, weight');
function profile_validate_profile($edit, $category) {
$result = db_query("SELECT * FROM {profile_fields} WHERE LOWER(category) = '%s' ORDER BY weight", strtolower($category));
while ($field = db_fetch_object($result)) {
if ($edit[$field->name]) {
@ -204,7 +233,7 @@ function profile_validate_profile($edit) {
form_set_error($field->name, t('The value provided for "%field" is not a valid URL.', array('%field' => $field->title)));
}
}
else if ($field->required) {
else if ($field->required && !user_access('administer users')) {
form_set_error($field->name, t('The field "%field" is required.', array('%field' => $field->title)));
}
}
@ -212,22 +241,32 @@ function profile_validate_profile($edit) {
return $edit;
}
function profile_categories() {
$result = db_query("SELECT DISTINCT(category) FROM {profile_fields}");
while ($category = db_fetch_object($result)) {
$data[] = array('name' => htmlentities(strtolower($category->category)), 'title' => strtolower($category->category), 'weight' => 3);
}
return $data;
}
/**
* Implementation of hook_user().
*/
function profile_user($type, &$edit, &$user) {
function profile_user($type, &$edit, &$user, $category = NULL) {
switch ($type) {
case 'load':
return profile_load_profile($user);
case 'update':
case 'insert':
return profile_save_profile($edit, $user);
return profile_save_profile($edit, $user, $category);
case 'view':
return profile_view_profile($user);
case 'form':
return profile_edit_profile($edit, $user);
return profile_form_profile($edit, $user, $category);
case 'validate':
return profile_validate_profile($edit);
return profile_validate_profile($edit, $category);
case 'categories':
return profile_categories();
}
}
@ -277,7 +316,7 @@ function profile_admin_add($type) {
}
if (!form_has_errors()) {
db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, overview, options, page) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s')", $data['title'], $data['name'], $data['explanation'], $data['category'], $type, $data['weight'], $data['required'], $data['overview'], $data['options'], $data['page']);
db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, visibility, options, page) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s')", $data['title'], $data['name'], $data['explanation'], $data['category'], $type, $data['weight'], $data['required'], $data['visibility'], $data['options'], $data['page']);
drupal_set_message(t('the field has been created.'));
drupal_goto('admin/user/configure/profile');
@ -302,7 +341,7 @@ function profile_admin_edit($fid) {
profile_validate_form($data);
if (!form_has_errors()) {
db_query("UPDATE {profile_fields} SET title = '%s', name = '%s', explanation = '%s', category = '%s', weight = %d, required = %d, overview = %d, options = '%s', page = '%s' WHERE fid = %d", $data['title'], $data['name'], $data['explanation'], $data['category'], $data['weight'], $data['required'], $data['overview'], $data['options'], $data['page'], $fid);
db_query("UPDATE {profile_fields} SET title = '%s', name = '%s', explanation = '%s', category = '%s', weight = %d, required = %d, visibility = %d, options = '%s', page = '%s' WHERE fid = %d", $data['title'], $data['name'], $data['explanation'], $data['category'], $data['weight'], $data['required'], $data['visibility'], $data['options'], $data['page'], $fid);
drupal_set_message(t('the field has been updated.'));
drupal_goto('admin/user/configure/profile');
@ -335,19 +374,16 @@ Unless you know what you are doing, it is highly recommended that you prefix the
$group .= form_textarea(t('Selection options'), 'options', $edit['options'], 70, 8, t('A list of all options. Put each option on a separate line. Example options are "red", "blue", "green", etc.'));
}
$group .= form_weight(t('Weight'), 'weight', $edit['weight'], 5, t('The weights define the order in which the form fields are shown. Lighter fields "float up" towards the top of the category.'));
$group .= form_checkbox(t('Required field.'), 'required', 1, $edit['required']);
$output = form_group(t('Field settings'), $group);
$group = '';
$group .= form_radios(t('Visibility'), 'visibility', $edit['visibility'], array(PROFILE_PRIVATE => t('Private field, content only available to privileged users.'), PROFILE_PUBLIC => t('Public field, content shown on profile page but not used on member list pages.'), PROFILE_PUBLIC_LISTINGS => t('Public field, content shown on profile page and on member list pages.')));
if ($type == 'selection' || $type == 'list') {
$group .= form_textfield(t('Page title'), 'page', $edit['page'], 70, 128, t('The title of the page showing all users with the specified field. The word <code>%value</code> will be substituted with the corresponding value. An example page title is "People whose favorite color is %value".'));
$group .= form_textfield(t('Page title'), 'page', $edit['page'], 70, 128, t('The title of the page showing all users with the specified field. The word <code>%value</code> will be substituted with the corresponding value. An example page title is "People whose favorite color is %value". Only applicable if the field is configured to be shown on member list pages.'));
}
else {
$group .= form_textfield(t('Page title'), 'page', $edit['page'], 70, 128, t('The title of the page showing all users with the specified field.'));
$group .= form_textfield(t('Page title'), 'page', $edit['page'], 70, 128, t('The title of the page showing all users with the specified field. Only applicable if the field is configured to be shown on member listings.'));
}
$group .= form_checkbox(t('Should this field be shown on the member listing pages.'), 'overview', 1, $edit['overview']);
$group .= form_checkbox(t('Required field.'), 'required', 1, $edit['required']);
$output .= form_group(t('Browsability'), $group);
$output = form_group(t('Field settings'), $group);
$output .= form_submit(t('Save field'));
return form($output);

8
modules/system.module
View File

@ -94,14 +94,14 @@ function system_menu() {
*
* Allows users to individually set their theme and time zone.
*/
function system_user($type, $edit, &$user) {
if ($type == 'form') {
function system_user($type, $edit, &$user, $category = NULL) {
if ($type == 'form' && $category == 'account') {
$options = '<option value="">'. t('Default theme') ."</option>\n";
if (count($themes = list_themes()) > 1) {
foreach ($themes as $key => $value) {
$options .= "<option value=\"$key\"". (($edit['theme'] == $key) ? ' selected="selected"' : '') .">$key - $value->description</option>\n";
}
$data[t('Theme settings')] = form_item(t('Theme'), "<select name=\"edit[theme]\">$options</select>", t('Selecting a different theme will change the look and feel of the site.'));
$data[] = array('title' => t('Theme settings'), 'data' => form_item(t('Theme'), "<select name=\"edit[theme]\">$options</select>", t('Selecting a different theme will change the look and feel of the site.')), 'weight' => 2);
}
if (!variable_get('sitewide_timezone', 0)) {
@ -111,7 +111,7 @@ function system_user($type, $edit, &$user) {
$zone = $offset * 3600;
$zones[$zone] = format_date($timestamp, 'custom', variable_get('date_format_long', 'l, F j, Y - H:i') . ' O', $zone);
}
$data[t('Locale settings')] = form_select(t('Time zone'), 'timezone', $edit['timezone'], $zones, t('Select what time you currently have and your time zone settings will be set appropriately.'));
$data[] = array('title' => t('Locale settings'), 'data' => form_select(t('Time zone'), 'timezone', $edit['timezone'], $zones, t('Select what time you currently have and your time zone settings will be set appropriately.')), 'weight' => 2);
}
return $data;
}

8
modules/system/system.module
View File

@ -94,14 +94,14 @@ function system_menu() {
*
* Allows users to individually set their theme and time zone.
*/
function system_user($type, $edit, &$user) {
if ($type == 'form') {
function system_user($type, $edit, &$user, $category = NULL) {
if ($type == 'form' && $category == 'account') {
$options = '<option value="">'. t('Default theme') ."</option>\n";
if (count($themes = list_themes()) > 1) {
foreach ($themes as $key => $value) {
$options .= "<option value=\"$key\"". (($edit['theme'] == $key) ? ' selected="selected"' : '') .">$key - $value->description</option>\n";
}
$data[t('Theme settings')] = form_item(t('Theme'), "<select name=\"edit[theme]\">$options</select>", t('Selecting a different theme will change the look and feel of the site.'));
$data[] = array('title' => t('Theme settings'), 'data' => form_item(t('Theme'), "<select name=\"edit[theme]\">$options</select>", t('Selecting a different theme will change the look and feel of the site.')), 'weight' => 2);
}
if (!variable_get('sitewide_timezone', 0)) {
@ -111,7 +111,7 @@ function system_user($type, $edit, &$user) {
$zone = $offset * 3600;
$zones[$zone] = format_date($timestamp, 'custom', variable_get('date_format_long', 'l, F j, Y - H:i') . ' O', $zone);
}
$data[t('Locale settings')] = form_select(t('Time zone'), 'timezone', $edit['timezone'], $zones, t('Select what time you currently have and your time zone settings will be set appropriately.'));
$data[] = array('title' => t('Locale settings'), 'data' => form_select(t('Time zone'), 'timezone', $edit['timezone'], $zones, t('Select what time you currently have and your time zone settings will be set appropriately.')), 'weight' => 2);
}
return $data;
}

420
modules/user.module
View File

@ -7,10 +7,10 @@
* We cannot use module_invoke() for this, becuse the arguments need to
* be passed by reference.
*/
function user_module_invoke($type, &$array, &$user) {
function user_module_invoke($type, &$array, &$user, $category = NULL) {
foreach (module_list() as $module) {
$function = $module .'_user';
if (function_exists($function)) $function($type, $array, $user);
if (function_exists($function)) $function($type, $array, $user, $category);
}
}
@ -62,11 +62,11 @@ function user_load($array = array()) {
return $user;
}
function user_save($account, $array = array()) {
function user_save($account, $array = array(), $category = 'account') {
// Dynamically compose a SQL query:
$user_fields = user_fields();
if ($account->uid) {
user_module_invoke('update', $array, $account);
user_module_invoke('update', $array, $account, $category);
$data = unserialize(db_result(db_query('SELECT data FROM {users} WHERE uid = %d', $account->uid)));
foreach ($array as $key => $value) {
@ -92,10 +92,10 @@ function user_save($account, $array = array()) {
db_query("UPDATE {users} SET $query changed = %d WHERE uid = %d", array_merge($v, array(time(), $account->uid)));
// reload user roles if provided
if (is_array($array['rid'])) {
if (is_array($array['roles'])) {
db_query('DELETE FROM {users_roles} WHERE uid = %d', $account->uid);
foreach ($array['rid'] as $rid) {
foreach ($array['roles'] as $rid) {
db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $account->uid, $rid);
}
}
@ -134,13 +134,13 @@ function user_save($account, $array = array()) {
// Reload user roles (delete just to be safe).
db_query('DELETE FROM {users_roles} WHERE uid = %d', $array['uid']);
foreach ($array['rid'] as $rid) {
foreach ($array['roles'] as $rid) {
db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $array['uid'], $rid);
}
$user = user_load(array('name' => $array['name']));
module_invoke_all('user', 'insert', $array, $user);
module_invoke_all('user', 'insert', $array, $user, $category);
}
foreach ($array as $key => $value) {
@ -418,10 +418,22 @@ function user_search($keys) {
/**
* Implementation of hook_user().
*/
function user_user($type, &$edit, &$user) {
function user_user($type, &$edit, &$user, $category = NULL) {
if ($type == 'view') {
return array(t('History') => form_item(t('Member for'), format_interval(time() - $user->created)));
}
if ($type == 'form' && $category == 'account') {
return user_edit_form(arg(1), $edit);
}
if ($type == 'validate' && $category == 'account') {
return user_edit_validate(arg(1), $edit);
}
if ($type == 'categories') {
return array(array('name' => 'account', 'title' => t('account settings'), 'weight' => 1));
}
}
/**
@ -595,12 +607,19 @@ function user_menu() {
if (arg(0) == 'user' && is_numeric(arg(1))) {
$items[] = array('path' => 'user/'. arg(1), 'title' => t('user'),
'callback' => 'user_page', 'access' => TRUE);
// Add the edit menu:
if ($access) $function = 'user_admin_edit';
else $function = 'user_page';
$items[] = array('path' => 'user/'. arg(1) .'/edit', 'title' => t('edit'),
'callback' => $function, 'access' => $access || $user->uid == arg(1),
'callback' => 'user_edit', 'access' => $access || $user->uid == arg(1),
'type' => MENU_LOCAL_TASK);
if (arg(2) == 'edit') {
if (($categories = _user_categories()) && (count($categories) > 1)) {
foreach ($categories as $key => $category) {
$items[] = array('path' => 'user/'. arg(1) .'/edit/'. $category['name'], 'title' => $category['title'],
'callback' => $function, 'access' => $access || $user->uid == arg(1),
'type' => MENU_LOCAL_SUBTASK, 'weight' => $category['weight']);
}
}
}
}
if ($user->uid) {
@ -763,7 +782,7 @@ function user_login($edit = array(), $msg = '') {
if (module_hook($module, 'auth')) {
if (module_invoke($module, 'auth', $name, $pass, $server)) {
if (variable_get('user_register', 1) == 1 && !user_load(array('name' => "$name@$server"))) { // Register this new user.
$user = user_save('', array('name' => "$name@$server", 'pass' => user_password(), 'init' => "$name@$server", 'status' => 1, "authname_$module" => "$name@$server", 'rid' => array(_user_authenticated_id())));
$user = user_save('', array('name' => "$name@$server", 'pass' => user_password(), 'init' => "$name@$server", 'status' => 1, "authname_$module" => "$name@$server", 'roles' => array(_user_authenticated_id())));
watchdog('user', "new user: $name@$server ($module ID)", l(t('edit user'), "user/$user->uid/edit"));
break;
}
@ -919,34 +938,7 @@ function user_register($edit = array()) {
}
if ($edit) {
if ($error = user_validate_name($edit['name'])) {
form_set_error('name', $error);
}
else if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
else if (user_deny('user', $edit['name'])) {
form_set_error('name', t('The name "%s" has been denied access.', array('%s' => $edit['name'])));
}
else if (user_deny('mail', $edit['mail'])) {
form_set_error('mail', t('The e-mail address "%s" has been denied access.', array('%s' => $edit['mail'])));
}
else if (db_num_rows(db_query("SELECT name FROM {users} WHERE LOWER(name) = LOWER('%s')", $edit['name'])) > 0) {
form_set_error('name', t('The name "%s" is already taken.', array('%s' => $edit['name'])));
}
else if (db_num_rows(db_query("SELECT mail FROM {users} WHERE LOWER(mail) = LOWER('%s') OR LOWER(init) = LOWER('%s')", $edit['mail'], $edit['mail'])) > 0) {
form_set_error('mail', t('The e-mail address "%s" is already taken.', array('%s' => $edit['mail'])));
}
else {
foreach (module_list() as $module) {
if (module_hook($module, 'user')) {
$result = module_invoke($module, 'user', 'validate', $edit, $user);
if (is_array($result)) {
$data = array_merge($data, $result);
}
}
}
}
_user_profile($edit, NULL, 'validate', 'account');
if (!form_has_errors()) {
$from = variable_get('site_mail', ini_get('sendmail_from'));
@ -954,7 +946,7 @@ function user_register($edit = array()) {
// TODO: Is this necessary? Won't session_write() replicate this?
unset($edit['session']);
$account = user_save('', array_merge(array('name' => $edit['name'], 'pass' => $pass, 'init' => $edit['mail'], 'mail' => $edit['mail'], 'rid' => array(_user_authenticated_id()), 'status' => (variable_get('user_register', 1) == 1 ? 1 : 0)), $data));
$account = user_save('', array_merge(array('name' => $edit['name'], 'pass' => $pass, 'init' => $edit['mail'], 'mail' => $edit['mail'], 'roles' => array(_user_authenticated_id()), 'status' => (variable_get('user_register', 1) == 1 ? 1 : 0)), $data));
watchdog('user', 'new user: "'. $edit['name'] .'" &lt;'. $edit['mail'] .'&gt;', l(t('edit user'), "admin/user/edit/$account->uid"));
$variables = array('%username' => $edit['name'], '%site' => variable_get('site_name', 'drupal'), '%password' => $pass, '%uri' => $base_url, '%uri_brief' => substr($base_url, strlen('http://')), '%mailto' => $edit['mail'], '%date' => format_date(time()), '%login_uri' => url('user/login', NULL, NULL, TRUE), '%edit_uri' => url('user/edit', NULL, NULL, TRUE));
@ -1000,7 +992,6 @@ function user_register($edit = array()) {
}
$output .= form_textfield(t('Username'), 'name', $edit['name'], 30, 64, t('Your full name or your preferred username; only letters, numbers and spaces are allowed.'));
$output .= form_textfield(t('E-mail address'), 'mail', $edit['mail'], 30, 64, t('A password and instructions will be sent to this e-mail address, so make sure it is accurate.'));
$output .= _user_profile($edit, $edit);
$output .= form_submit(t('Create new account'));
$items[] = l(t('Request new password'), 'user/password');
$items[] = l(t('Log in'), 'user/login');
@ -1010,31 +1001,61 @@ function user_register($edit = array()) {
return form($output);
}
function user_edit($edit = array()) {
global $user;
function user_edit_form($uid, $edit) {
// Account information:
$group = form_textfield(t('Username'), 'name', $edit['name'], 30, 55, t('Your full name or your preferred username: only letters, numbers and spaces are allowed.'));
$group .= form_textfield(t('E-mail address'), 'mail', $edit['mail'], 30, 55, t('Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'));
$group .= form_item(t('Password'), '<input type="password" name="edit[pass1]" size="12" maxlength="24" /> <input type="password" name="edit[pass2]" size="12" maxlength="24" />', t('Enter your new password twice if you want to change your current password, or leave it blank if you are happy with your current password.'));
if ($user->uid) {
if (!(is_null($edit['name']) && is_null($edit['mail']))) {
if (user_access('administer users')) {
$group .= form_radios(t('Status'), 'status', $edit['status'], array(t('Blocked'), t('Active')));
$group .= form_checkboxes(t('Roles'), 'roles', array_keys($edit['roles']), user_roles(1), t('Select at least one role. The user receives the combined permissions of all of the selected roles.'));
}
$data[] = array('title' => t('Account information'), 'data' => $group, 'weight' => 0);
// Picture/avatar:
if (variable_get('user_pictures', 0)) {
$group = '';
if (file_exists($edit['picture'])) {
$group .= '<img src="'. file_create_url($edit['picture']) .'" alt="" title="" />';
}
$group .= form_file(t('Upload picture'), 'picture', 48, t('Your virtual face or picture. Maximum dimensions are %dimensions and the maximum size is %size kB.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85'), '%size' => variable_get('user_picture_file_size', '30'))) .' '. variable_get('user_picture_guidelines', ''));
$data[] = array('title' => t('Picture'), 'data' => $group, 'weight' => 1);
}
return $data;
}
function user_edit_validate($uid, &$edit) {
// Validate the username:
if ($error = user_validate_name($edit['name'])) {
form_set_error('name', $error);
}
else if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != $user->uid AND LOWER(name) = LOWER('%s')", $edit['name'])) > 0) {
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $uid, $edit['name'])) > 0) {
form_set_error('name', t('The name "%s" is already taken.', array('%s' => $edit['name'])));
}
else if ($edit['mail'] && db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != $user->uid AND LOWER(mail) = LOWER('%s')", $edit['mail'])) > 0) {
else if (user_deny('user', $edit['name'])) {
form_set_error('name', t('The name "%s" has been denied access.', array('%s' => $edit['name'])));
}
// Validate the e-mail address:
if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $uid, $edit['mail'])) > 0) {
form_set_name('mail', t('The e-mail address "%s" is already taken.', array('%s' => $edit['mail'])));
}
else {
// If required, validate the picture.
else if (user_deny('mail', $edit['mail'])) {
form_set_error('mail', t('The e-mail address "%s" has been denied access.', array('%s' => $edit['mail'])));
}
// If required, validate the uploaded picture.
if ($file = file_check_upload('picture')) {
user_validate_picture($file, $edit, $user);
}
// If required, check that proposed passwords match. If so,
// add new password to $edit.
// If required, check that proposed passwords match. If so, add the new password to $edit.
if ($edit['pass1']) {
if ($edit['pass1'] == $edit['pass2']) {
$edit['pass'] = $edit['pass1'];
@ -1045,85 +1066,53 @@ function user_edit($edit = array()) {
}
unset($edit['pass1'], $edit['pass2']);
// Validate input fields to make sure users don't submit
// invalid form data.
if (!user_access('administer users')) {
if (array_intersect(array_keys($edit), array('rid', 'init', 'session'))) {
watchdog('warning', 'detected malicious attempt to alter a protected database field');
return $edit;
}
$edit['rid'] = array_keys($user->roles);
$edit['init'] = $user->init;
$edit['session'] = $user->session;
}
function user_edit($category = 'account') {
global $user;
// Have the modules that extend the user information validate
// their data.
foreach (module_list() as $module) {
if (module_hook($module, 'user')) {
$result = module_invoke($module, 'user', 'validate', $edit, $user);
}
if (is_array($result)) {
$data = array_merge($data, $result);
}
}
$account = $user->uid != arg(1) ? user_load(array('uid' => arg(1))) : $user;
$edit = $_POST['op'] ? $_POST['edit'] : object2array($account);
if ($_POST['op'] == t('Save account')) {
_user_validate($edit, $account, $category);
if (!form_has_errors()) {
// Save user information.
$user = user_save($user, array_merge($edit, $data));
drupal_set_message(t('your user information changes have been saved.'));
}
}
}
if (!$edit) {
$edit = object2array($user);
}
$group = form_textfield(t('Username'), 'name', $edit['name'], 30, 55, t('Your full name or your preferred username: only letters, numbers and spaces are allowed.'));
$group .= form_textfield(t('E-mail address'), 'mail', $edit['mail'], 30, 55, t('Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'));
$group .= form_item(t('Password'), '<input type="password" name="edit[pass1]" size="12" maxlength="24" /> <input type="password" name="edit[pass2]" size="12" maxlength="24" />', t('Enter your new password twice if you want to change your current password, or leave it blank if you are happy with your current password.'));
$output = form_group(t('Account information'), $group);
if (variable_get('user_pictures', 0)) {
$group = '';
if (file_exists($user->picture)) {
$group .= '<img src="'. file_create_url($edit['picture']) .'" alt="" title="" />';
}
$group .= form_file(t('Upload picture'), 'picture', 48, t('Your virtual face or picture. Maximum dimensions are %dimensions and the maximum size is %size kB.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85'), '%size' => variable_get('user_picture_file_size', '30'))) .' '. variable_get('user_picture_guidelines', ''));
$output .= form_group(t('Picture'), $group);
}
$output .= _user_profile($edit, $user);
$output .= form_submit(t('Save user information'));
$output = form($output, 'post', 0, array('enctype' => 'multipart/form-data'));
// The "enctype" attribute is required to upload files such as pictures.
// Validate input to ensure that non-privileged users can't alter protected data.
if (!user_access('administer users') && array_intersect(array_keys($edit), array('uid', 'roles', 'init', 'session'))) {
watchdog('warning', 'detected malicious attempt to alter a protected database field');
}
else {
$output = user_login();
user_save($account, $edit, $category);
drupal_set_message(t('the changes have been saved.'));
drupal_goto("user/$account->uid");
}
return $output;
}
function _user_profile($edit, $account, $mode = 'form') {
$groups = array();
foreach (module_list() as $module) {
if ($data = module_invoke($module, 'user', $mode, $edit, $account)) {
foreach ($data as $title => $form) {
$groups[$title] .= $form;
}
else if ($_POST['op'] == t('Delete account')) {
if ($account->status == 0) {
db_query('DELETE FROM {users} WHERE uid = %d', $account->uid);
db_query('DELETE FROM {users_roles} WHERE uid = %d', $account->uid);
db_query('DELETE FROM {authmap} WHERE uid = %d', $account->uid);
drupal_set_message(t('the account has been deleted.'));
module_invoke_all('user', 'delete', $edit, $account);
print theme('page', user_admin_account());
drupal_goto('admin/user');
}
else {
drupal_set_message(t('failed to delete account: the account has to be blocked first.'), 'error');
}
}
$output = '';
foreach ($groups as $title => $form) {
$output .= form_group($title, $form);
$output = _user_forms($edit, $account, $category);
$output .= form_submit(t('Save account'));
if (user_access('administer users')) {
$output .= form_submit(t('Delete account'));
}
$output = form($output, 'post', 0, array('enctype' => 'multipart/form-data'));
return $output;
print theme('page', $output, $account->name);
}
function user_view($uid = 0) {
@ -1197,16 +1186,9 @@ function user_page() {
break;
case t('Log in'):
case 'login':
$output = user_login($edit);
$outpute= user_login($edit);
print theme('page', $output, t('Log in'));
break;
case t('Save user information'):
case 'edit':
$output = user_edit($edit);
$GLOBALS['theme'] = init_theme();
print theme('page', $output);
break;
case t('Logout'):
case 'logout':
print user_logout();
break;
@ -1283,24 +1265,13 @@ function user_configure_settings() {
function user_admin_create($edit = array()) {
if ($edit['name'] || $edit['mail']) {
if ($error = user_validate_name($edit['name'])) {
form_set_error('name', $error);
}
else if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
else if (db_num_rows(db_query("SELECT name FROM {users} WHERE LOWER(name) = LOWER('%s')", $edit['name'])) > 0) {
form_set_error('name', t('The name "%s" is already taken.', array('%s' => $edit['name'])));
}
else if (db_num_rows(db_query("SELECT mail FROM {users} WHERE LOWER(mail) = LOWER('%s')", $edit['mail'])) > 0) {
form_set_error('mail', t('The e-mail address "%s" is already taken.', array('%s' => $edit['mail'])));
}
if ($edit) {
_user_profile($edit, NULL, 'validate', 'account');
if (!form_has_errors()) {
watchdog('user', 'new user: "'. $edit['name'] .'" &lt;'. $edit['mail'] .'&gt;');
user_save('', array('name' => $edit['name'], 'pass' => $edit['pass'], 'init' => $edit['mail'], 'mail' => $edit['mail'], 'rid' => array(_user_authenticated_id()), 'status' => 1));
user_save('', array('name' => $edit['name'], 'pass' => $edit['pass'], 'init' => $edit['mail'], 'mail' => $edit['mail'], 'roles' => array(_user_authenticated_id()), 'status' => 1));
drupal_set_message(t('created a new user account. No e-mail has been sent.'));
@ -1310,7 +1281,6 @@ function user_admin_create($edit = array()) {
$output = form_textfield(t('Username'), 'name', $edit['name'], 30, 55, t('Provide the username of the new account.'));
$output .= form_textfield(t('E-mail address'), 'mail', $edit['mail'], 30, 55, t('Provide the e-mail address associated with the new account.'));
$output .= _user_profile($edit, $edit);
$output .= form_textfield(t('Password'), 'pass', $edit['pass'], 30, 55, t('Provide a password for the new account.'));
$output .= form_submit(t('Create account'));
@ -1498,116 +1468,6 @@ function user_admin_role($edit = array()) {
return $output;
}
function user_admin_edit() {
$op = $_POST['op'];
$edit = $_POST['edit'];
$id = arg(1);
if ($account = user_load(array('uid' => $id))) {
if ($op == t('Save account')) {
// TODO: This display/edit/validate should be moved to a new profile
// module implementing hook_user().
if ($error = user_validate_name($edit['name'])) {
form_set_error('name', $error);
}
else if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
else if (count($edit['rid']) < 1) {
form_set_error('rid', t('The user must have at least one role.'));
}
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $account->uid, $edit['name'])) > 0) {
form_set_error('name', t('The name "%s" is already taken.', array('%s' => $edit['name'])));
}
else if ($edit['mail'] && db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $account->uid, $edit['mail'])) > 0) {
form_set_error('mail', t('The e-mail address "%s" is already taken.', array('%s' => $edit['mail'])));
}
// Validate fields added by other modules.
foreach (module_list() as $module) {
if (module_hook($module, 'user')) {
$result = module_invoke($module, 'user', 'validate', $edit, $account);
}
if (is_array($result)) {
$data = array_merge($data, $result);
}
}
// If required, validate the picture.
if ($file = file_check_upload('picture')) {
user_validate_picture($file, $edit, $account);
}
// If required, check that proposed passwords match. If so,
// add new password to $edit.
if ($edit['pass1']) {
if ($edit['pass1'] == $edit['pass2']) {
$edit['pass'] = $edit['pass1'];
}
else {
form_set_error('pass2', t('The specified passwords do not match.'));
}
}
unset($edit['pass1'], $edit['pass2']);
if (!form_has_errors()) {
$account = user_save($account, array_merge($edit, $data));
drupal_set_message(t('the user information changes have been saved.'));
}
}
else if ($op == t('Delete account')) {
if ($edit['status'] == 0) {
db_query('DELETE FROM {users} WHERE uid = %d', $account->uid);
db_query('DELETE FROM {users_roles} WHERE uid = %d', $account->uid);
db_query('DELETE FROM {authmap} WHERE uid = %d', $account->uid);
drupal_set_message(t('the account has been deleted.'));
module_invoke_all('user', 'delete', $edit, $account);
print theme('page', user_admin_account());
return;
}
else {
drupal_set_message(t('failed to delete account: the account has to be blocked first.'), 'error');
}
}
if (!$edit) {
$edit = object2array($account);
}
// Display user form:
$group = form_item(t('User ID'), $account->uid);
$group .= form_textfield(t('Username'), 'name', $account->name, 30, 55, t('Your full name or your preferred username: only letters, numbers and spaces are allowed.'));
$group .= form_textfield(t('E-mail address'), 'mail', $account->mail, 30, 55, t('Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'));
$group .= form_item(t('Password'), '<input type="password" name="edit[pass1]" size="12" maxlength="24" /> <input type="password" name="edit[pass2]" size="12" maxlength="24" />', t('Enter a new password twice if you want to change the current password for this user or leave it blank if you are happy with the current password.'));
$group .= form_radios(t('Status'), 'status', $account->status, array(t('Blocked'), t('Active')));
$group .= form_checkboxes(t('Roles'), 'rid', array_keys($account->roles), user_roles(1), t('Select at least one role. The user receives the combined permissions of all of the selected roles.'));
$output = form_group(t('Account information'), $group);
if (variable_get('user_pictures', 0)) {
$group = '';
if (file_exists($account->picture)) {
$group .= '<img src="'. file_create_url($account->picture) .'" alt="" title="" />';
}
$group .= form_file(t('Upload picture or picture'), 'picture', 48, t('Maximum dimensions are %dimensions and the maximum size is %size kB.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85'), '%size' => variable_get('user_picture_file_size', '30'))));
$output .= form_group(t('Picture'), $group);
}
$output .= _user_profile($edit, $account, 'form');
$output .= form_submit(t('Save account'));
$output .= form_submit(t('Delete account'));
$output = form($output, 'post', 0, array('enctype' => 'multipart/form-data'));
print theme('page', $output, $account->name);
}
else {
print theme('page', t('No such user'));
}
}
function user_admin_account() {
$header = array(
array('data' => t('ID'), 'field' => 'u.uid'),
@ -1780,4 +1640,56 @@ function user_help_page() {
print theme('page', user_help('admin/help#user'));
}
/**
* Retrieve a list of all user setting/information categories and sort them by weight.
*/
function _user_categories() {
$categories = array();
foreach (module_list() as $module) {
if ($data = module_invoke($module, 'user', 'categories')) {
foreach ($data as $category) {
$categories[$category['weight']] = $category;
}
}
}
return $categories;
}
function _user_sort($a, $b) {
return $a['weight'] < $b['weight'] ? -1 : ($a['weight'] > $b['weight'] ? 1 : ($a['title'] < $b['title'] ? -1 : 1));
}
/**
* Retrieve a list of all form elements for the specified category.
*/
function _user_forms(&$edit, $account, $category) {
$groups = array();
foreach (module_list() as $module) {
if ($data = module_invoke($module, 'user', 'form', $edit, $account, $category)) {
$groups = array_merge($data, $groups);
}
}
usort($groups, '_user_sort');
$output = '';
foreach ($groups as $group) {
$output .= form_group($group['title'], $group['data']);
}
return $output;
}
/**
* Validate the user data for the specified category.
*/
function _user_validate(&$edit, $account, $category) {
foreach (module_list() as $module) {
module_invoke($module, 'user', 'validate', $edit, $account, $category);
}
}
?>

420
modules/user/user.module
View File

@ -7,10 +7,10 @@
* We cannot use module_invoke() for this, becuse the arguments need to
* be passed by reference.
*/
function user_module_invoke($type, &$array, &$user) {
function user_module_invoke($type, &$array, &$user, $category = NULL) {
foreach (module_list() as $module) {
$function = $module .'_user';
if (function_exists($function)) $function($type, $array, $user);
if (function_exists($function)) $function($type, $array, $user, $category);
}
}
@ -62,11 +62,11 @@ function user_load($array = array()) {
return $user;
}
function user_save($account, $array = array()) {
function user_save($account, $array = array(), $category = 'account') {
// Dynamically compose a SQL query:
$user_fields = user_fields();
if ($account->uid) {
user_module_invoke('update', $array, $account);
user_module_invoke('update', $array, $account, $category);
$data = unserialize(db_result(db_query('SELECT data FROM {users} WHERE uid = %d', $account->uid)));
foreach ($array as $key => $value) {
@ -92,10 +92,10 @@ function user_save($account, $array = array()) {
db_query("UPDATE {users} SET $query changed = %d WHERE uid = %d", array_merge($v, array(time(), $account->uid)));
// reload user roles if provided
if (is_array($array['rid'])) {
if (is_array($array['roles'])) {
db_query('DELETE FROM {users_roles} WHERE uid = %d', $account->uid);
foreach ($array['rid'] as $rid) {
foreach ($array['roles'] as $rid) {
db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $account->uid, $rid);
}
}
@ -134,13 +134,13 @@ function user_save($account, $array = array()) {
// Reload user roles (delete just to be safe).
db_query('DELETE FROM {users_roles} WHERE uid = %d', $array['uid']);
foreach ($array['rid'] as $rid) {
foreach ($array['roles'] as $rid) {
db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $array['uid'], $rid);
}
$user = user_load(array('name' => $array['name']));
module_invoke_all('user', 'insert', $array, $user);
module_invoke_all('user', 'insert', $array, $user, $category);
}
foreach ($array as $key => $value) {
@ -418,10 +418,22 @@ function user_search($keys) {
/**
* Implementation of hook_user().
*/
function user_user($type, &$edit, &$user) {
function user_user($type, &$edit, &$user, $category = NULL) {
if ($type == 'view') {
return array(t('History') => form_item(t('Member for'), format_interval(time() - $user->created)));
}
if ($type == 'form' && $category == 'account') {
return user_edit_form(arg(1), $edit);
}
if ($type == 'validate' && $category == 'account') {
return user_edit_validate(arg(1), $edit);
}
if ($type == 'categories') {
return array(array('name' => 'account', 'title' => t('account settings'), 'weight' => 1));
}
}
/**
@ -595,12 +607,19 @@ function user_menu() {
if (arg(0) == 'user' && is_numeric(arg(1))) {
$items[] = array('path' => 'user/'. arg(1), 'title' => t('user'),
'callback' => 'user_page', 'access' => TRUE);
// Add the edit menu:
if ($access) $function = 'user_admin_edit';
else $function = 'user_page';
$items[] = array('path' => 'user/'. arg(1) .'/edit', 'title' => t('edit'),
'callback' => $function, 'access' => $access || $user->uid == arg(1),
'callback' => 'user_edit', 'access' => $access || $user->uid == arg(1),
'type' => MENU_LOCAL_TASK);
if (arg(2) == 'edit') {
if (($categories = _user_categories()) && (count($categories) > 1)) {
foreach ($categories as $key => $category) {
$items[] = array('path' => 'user/'. arg(1) .'/edit/'. $category['name'], 'title' => $category['title'],
'callback' => $function, 'access' => $access || $user->uid == arg(1),
'type' => MENU_LOCAL_SUBTASK, 'weight' => $category['weight']);
}
}
}
}
if ($user->uid) {
@ -763,7 +782,7 @@ function user_login($edit = array(), $msg = '') {
if (module_hook($module, 'auth')) {
if (module_invoke($module, 'auth', $name, $pass, $server)) {
if (variable_get('user_register', 1) == 1 && !user_load(array('name' => "$name@$server"))) { // Register this new user.
$user = user_save('', array('name' => "$name@$server", 'pass' => user_password(), 'init' => "$name@$server", 'status' => 1, "authname_$module" => "$name@$server", 'rid' => array(_user_authenticated_id())));
$user = user_save('', array('name' => "$name@$server", 'pass' => user_password(), 'init' => "$name@$server", 'status' => 1, "authname_$module" => "$name@$server", 'roles' => array(_user_authenticated_id())));
watchdog('user', "new user: $name@$server ($module ID)", l(t('edit user'), "user/$user->uid/edit"));
break;
}
@ -919,34 +938,7 @@ function user_register($edit = array()) {
}
if ($edit) {
if ($error = user_validate_name($edit['name'])) {
form_set_error('name', $error);
}
else if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
else if (user_deny('user', $edit['name'])) {
form_set_error('name', t('The name "%s" has been denied access.', array('%s' => $edit['name'])));
}
else if (user_deny('mail', $edit['mail'])) {
form_set_error('mail', t('The e-mail address "%s" has been denied access.', array('%s' => $edit['mail'])));
}
else if (db_num_rows(db_query("SELECT name FROM {users} WHERE LOWER(name) = LOWER('%s')", $edit['name'])) > 0) {
form_set_error('name', t('The name "%s" is already taken.', array('%s' => $edit['name'])));
}
else if (db_num_rows(db_query("SELECT mail FROM {users} WHERE LOWER(mail) = LOWER('%s') OR LOWER(init) = LOWER('%s')", $edit['mail'], $edit['mail'])) > 0) {
form_set_error('mail', t('The e-mail address "%s" is already taken.', array('%s' => $edit['mail'])));
}
else {
foreach (module_list() as $module) {
if (module_hook($module, 'user')) {
$result = module_invoke($module, 'user', 'validate', $edit, $user);
if (is_array($result)) {
$data = array_merge($data, $result);
}
}
}
}
_user_profile($edit, NULL, 'validate', 'account');
if (!form_has_errors()) {
$from = variable_get('site_mail', ini_get('sendmail_from'));
@ -954,7 +946,7 @@ function user_register($edit = array()) {
// TODO: Is this necessary? Won't session_write() replicate this?
unset($edit['session']);
$account = user_save('', array_merge(array('name' => $edit['name'], 'pass' => $pass, 'init' => $edit['mail'], 'mail' => $edit['mail'], 'rid' => array(_user_authenticated_id()), 'status' => (variable_get('user_register', 1) == 1 ? 1 : 0)), $data));
$account = user_save('', array_merge(array('name' => $edit['name'], 'pass' => $pass, 'init' => $edit['mail'], 'mail' => $edit['mail'], 'roles' => array(_user_authenticated_id()), 'status' => (variable_get('user_register', 1) == 1 ? 1 : 0)), $data));
watchdog('user', 'new user: "'. $edit['name'] .'" &lt;'. $edit['mail'] .'&gt;', l(t('edit user'), "admin/user/edit/$account->uid"));
$variables = array('%username' => $edit['name'], '%site' => variable_get('site_name', 'drupal'), '%password' => $pass, '%uri' => $base_url, '%uri_brief' => substr($base_url, strlen('http://')), '%mailto' => $edit['mail'], '%date' => format_date(time()), '%login_uri' => url('user/login', NULL, NULL, TRUE), '%edit_uri' => url('user/edit', NULL, NULL, TRUE));
@ -1000,7 +992,6 @@ function user_register($edit = array()) {
}
$output .= form_textfield(t('Username'), 'name', $edit['name'], 30, 64, t('Your full name or your preferred username; only letters, numbers and spaces are allowed.'));
$output .= form_textfield(t('E-mail address'), 'mail', $edit['mail'], 30, 64, t('A password and instructions will be sent to this e-mail address, so make sure it is accurate.'));
$output .= _user_profile($edit, $edit);
$output .= form_submit(t('Create new account'));
$items[] = l(t('Request new password'), 'user/password');
$items[] = l(t('Log in'), 'user/login');
@ -1010,31 +1001,61 @@ function user_register($edit = array()) {
return form($output);
}
function user_edit($edit = array()) {
global $user;
function user_edit_form($uid, $edit) {
// Account information:
$group = form_textfield(t('Username'), 'name', $edit['name'], 30, 55, t('Your full name or your preferred username: only letters, numbers and spaces are allowed.'));
$group .= form_textfield(t('E-mail address'), 'mail', $edit['mail'], 30, 55, t('Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'));
$group .= form_item(t('Password'), '<input type="password" name="edit[pass1]" size="12" maxlength="24" /> <input type="password" name="edit[pass2]" size="12" maxlength="24" />', t('Enter your new password twice if you want to change your current password, or leave it blank if you are happy with your current password.'));
if ($user->uid) {
if (!(is_null($edit['name']) && is_null($edit['mail']))) {
if (user_access('administer users')) {
$group .= form_radios(t('Status'), 'status', $edit['status'], array(t('Blocked'), t('Active')));
$group .= form_checkboxes(t('Roles'), 'roles', array_keys($edit['roles']), user_roles(1), t('Select at least one role. The user receives the combined permissions of all of the selected roles.'));
}
$data[] = array('title' => t('Account information'), 'data' => $group, 'weight' => 0);
// Picture/avatar:
if (variable_get('user_pictures', 0)) {
$group = '';
if (file_exists($edit['picture'])) {
$group .= '<img src="'. file_create_url($edit['picture']) .'" alt="" title="" />';
}
$group .= form_file(t('Upload picture'), 'picture', 48, t('Your virtual face or picture. Maximum dimensions are %dimensions and the maximum size is %size kB.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85'), '%size' => variable_get('user_picture_file_size', '30'))) .' '. variable_get('user_picture_guidelines', ''));
$data[] = array('title' => t('Picture'), 'data' => $group, 'weight' => 1);
}
return $data;
}
function user_edit_validate($uid, &$edit) {
// Validate the username:
if ($error = user_validate_name($edit['name'])) {
form_set_error('name', $error);
}
else if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != $user->uid AND LOWER(name) = LOWER('%s')", $edit['name'])) > 0) {
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $uid, $edit['name'])) > 0) {
form_set_error('name', t('The name "%s" is already taken.', array('%s' => $edit['name'])));
}
else if ($edit['mail'] && db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != $user->uid AND LOWER(mail) = LOWER('%s')", $edit['mail'])) > 0) {
else if (user_deny('user', $edit['name'])) {
form_set_error('name', t('The name "%s" has been denied access.', array('%s' => $edit['name'])));
}
// Validate the e-mail address:
if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $uid, $edit['mail'])) > 0) {
form_set_name('mail', t('The e-mail address "%s" is already taken.', array('%s' => $edit['mail'])));
}
else {
// If required, validate the picture.
else if (user_deny('mail', $edit['mail'])) {
form_set_error('mail', t('The e-mail address "%s" has been denied access.', array('%s' => $edit['mail'])));
}
// If required, validate the uploaded picture.
if ($file = file_check_upload('picture')) {
user_validate_picture($file, $edit, $user);
}
// If required, check that proposed passwords match. If so,
// add new password to $edit.
// If required, check that proposed passwords match. If so, add the new password to $edit.
if ($edit['pass1']) {
if ($edit['pass1'] == $edit['pass2']) {
$edit['pass'] = $edit['pass1'];
@ -1045,85 +1066,53 @@ function user_edit($edit = array()) {
}
unset($edit['pass1'], $edit['pass2']);
// Validate input fields to make sure users don't submit
// invalid form data.
if (!user_access('administer users')) {
if (array_intersect(array_keys($edit), array('rid', 'init', 'session'))) {
watchdog('warning', 'detected malicious attempt to alter a protected database field');
return $edit;
}
$edit['rid'] = array_keys($user->roles);
$edit['init'] = $user->init;
$edit['session'] = $user->session;
}
function user_edit($category = 'account') {
global $user;
// Have the modules that extend the user information validate
// their data.
foreach (module_list() as $module) {
if (module_hook($module, 'user')) {
$result = module_invoke($module, 'user', 'validate', $edit, $user);
}
if (is_array($result)) {
$data = array_merge($data, $result);
}
}
$account = $user->uid != arg(1) ? user_load(array('uid' => arg(1))) : $user;
$edit = $_POST['op'] ? $_POST['edit'] : object2array($account);
if ($_POST['op'] == t('Save account')) {
_user_validate($edit, $account, $category);
if (!form_has_errors()) {
// Save user information.
$user = user_save($user, array_merge($edit, $data));
drupal_set_message(t('your user information changes have been saved.'));
}
}
}
if (!$edit) {
$edit = object2array($user);
}
$group = form_textfield(t('Username'), 'name', $edit['name'], 30, 55, t('Your full name or your preferred username: only letters, numbers and spaces are allowed.'));
$group .= form_textfield(t('E-mail address'), 'mail', $edit['mail'], 30, 55, t('Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'));
$group .= form_item(t('Password'), '<input type="password" name="edit[pass1]" size="12" maxlength="24" /> <input type="password" name="edit[pass2]" size="12" maxlength="24" />', t('Enter your new password twice if you want to change your current password, or leave it blank if you are happy with your current password.'));
$output = form_group(t('Account information'), $group);
if (variable_get('user_pictures', 0)) {
$group = '';
if (file_exists($user->picture)) {
$group .= '<img src="'. file_create_url($edit['picture']) .'" alt="" title="" />';
}
$group .= form_file(t('Upload picture'), 'picture', 48, t('Your virtual face or picture. Maximum dimensions are %dimensions and the maximum size is %size kB.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85'), '%size' => variable_get('user_picture_file_size', '30'))) .' '. variable_get('user_picture_guidelines', ''));
$output .= form_group(t('Picture'), $group);
}
$output .= _user_profile($edit, $user);
$output .= form_submit(t('Save user information'));
$output = form($output, 'post', 0, array('enctype' => 'multipart/form-data'));
// The "enctype" attribute is required to upload files such as pictures.
// Validate input to ensure that non-privileged users can't alter protected data.
if (!user_access('administer users') && array_intersect(array_keys($edit), array('uid', 'roles', 'init', 'session'))) {
watchdog('warning', 'detected malicious attempt to alter a protected database field');
}
else {
$output = user_login();
user_save($account, $edit, $category);
drupal_set_message(t('the changes have been saved.'));
drupal_goto("user/$account->uid");
}
return $output;
}
function _user_profile($edit, $account, $mode = 'form') {
$groups = array();
foreach (module_list() as $module) {
if ($data = module_invoke($module, 'user', $mode, $edit, $account)) {
foreach ($data as $title => $form) {
$groups[$title] .= $form;
}
else if ($_POST['op'] == t('Delete account')) {
if ($account->status == 0) {
db_query('DELETE FROM {users} WHERE uid = %d', $account->uid);
db_query('DELETE FROM {users_roles} WHERE uid = %d', $account->uid);
db_query('DELETE FROM {authmap} WHERE uid = %d', $account->uid);
drupal_set_message(t('the account has been deleted.'));
module_invoke_all('user', 'delete', $edit, $account);
print theme('page', user_admin_account());
drupal_goto('admin/user');
}
else {
drupal_set_message(t('failed to delete account: the account has to be blocked first.'), 'error');
}
}
$output = '';
foreach ($groups as $title => $form) {
$output .= form_group($title, $form);
$output = _user_forms($edit, $account, $category);
$output .= form_submit(t('Save account'));
if (user_access('administer users')) {
$output .= form_submit(t('Delete account'));
}
$output = form($output, 'post', 0, array('enctype' => 'multipart/form-data'));
return $output;
print theme('page', $output, $account->name);
}
function user_view($uid = 0) {
@ -1197,16 +1186,9 @@ function user_page() {
break;
case t('Log in'):
case 'login':
$output = user_login($edit);
$outpute= user_login($edit);
print theme('page', $output, t('Log in'));
break;
case t('Save user information'):
case 'edit':
$output = user_edit($edit);
$GLOBALS['theme'] = init_theme();
print theme('page', $output);
break;
case t('Logout'):
case 'logout':
print user_logout();
break;
@ -1283,24 +1265,13 @@ function user_configure_settings() {
function user_admin_create($edit = array()) {
if ($edit['name'] || $edit['mail']) {
if ($error = user_validate_name($edit['name'])) {
form_set_error('name', $error);
}
else if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
else if (db_num_rows(db_query("SELECT name FROM {users} WHERE LOWER(name) = LOWER('%s')", $edit['name'])) > 0) {
form_set_error('name', t('The name "%s" is already taken.', array('%s' => $edit['name'])));
}
else if (db_num_rows(db_query("SELECT mail FROM {users} WHERE LOWER(mail) = LOWER('%s')", $edit['mail'])) > 0) {
form_set_error('mail', t('The e-mail address "%s" is already taken.', array('%s' => $edit['mail'])));
}
if ($edit) {
_user_profile($edit, NULL, 'validate', 'account');
if (!form_has_errors()) {
watchdog('user', 'new user: "'. $edit['name'] .'" &lt;'. $edit['mail'] .'&gt;');
user_save('', array('name' => $edit['name'], 'pass' => $edit['pass'], 'init' => $edit['mail'], 'mail' => $edit['mail'], 'rid' => array(_user_authenticated_id()), 'status' => 1));
user_save('', array('name' => $edit['name'], 'pass' => $edit['pass'], 'init' => $edit['mail'], 'mail' => $edit['mail'], 'roles' => array(_user_authenticated_id()), 'status' => 1));
drupal_set_message(t('created a new user account. No e-mail has been sent.'));
@ -1310,7 +1281,6 @@ function user_admin_create($edit = array()) {
$output = form_textfield(t('Username'), 'name', $edit['name'], 30, 55, t('Provide the username of the new account.'));
$output .= form_textfield(t('E-mail address'), 'mail', $edit['mail'], 30, 55, t('Provide the e-mail address associated with the new account.'));
$output .= _user_profile($edit, $edit);
$output .= form_textfield(t('Password'), 'pass', $edit['pass'], 30, 55, t('Provide a password for the new account.'));
$output .= form_submit(t('Create account'));
@ -1498,116 +1468,6 @@ function user_admin_role($edit = array()) {
return $output;
}
function user_admin_edit() {
$op = $_POST['op'];
$edit = $_POST['edit'];
$id = arg(1);
if ($account = user_load(array('uid' => $id))) {
if ($op == t('Save account')) {
// TODO: This display/edit/validate should be moved to a new profile
// module implementing hook_user().
if ($error = user_validate_name($edit['name'])) {
form_set_error('name', $error);
}
else if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
else if (count($edit['rid']) < 1) {
form_set_error('rid', t('The user must have at least one role.'));
}
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $account->uid, $edit['name'])) > 0) {
form_set_error('name', t('The name "%s" is already taken.', array('%s' => $edit['name'])));
}
else if ($edit['mail'] && db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $account->uid, $edit['mail'])) > 0) {
form_set_error('mail', t('The e-mail address "%s" is already taken.', array('%s' => $edit['mail'])));
}
// Validate fields added by other modules.
foreach (module_list() as $module) {
if (module_hook($module, 'user')) {
$result = module_invoke($module, 'user', 'validate', $edit, $account);
}
if (is_array($result)) {
$data = array_merge($data, $result);
}
}
// If required, validate the picture.
if ($file = file_check_upload('picture')) {
user_validate_picture($file, $edit, $account);
}
// If required, check that proposed passwords match. If so,
// add new password to $edit.
if ($edit['pass1']) {
if ($edit['pass1'] == $edit['pass2']) {
$edit['pass'] = $edit['pass1'];
}
else {
form_set_error('pass2', t('The specified passwords do not match.'));
}
}
unset($edit['pass1'], $edit['pass2']);
if (!form_has_errors()) {
$account = user_save($account, array_merge($edit, $data));
drupal_set_message(t('the user information changes have been saved.'));
}
}
else if ($op == t('Delete account')) {
if ($edit['status'] == 0) {
db_query('DELETE FROM {users} WHERE uid = %d', $account->uid);
db_query('DELETE FROM {users_roles} WHERE uid = %d', $account->uid);
db_query('DELETE FROM {authmap} WHERE uid = %d', $account->uid);
drupal_set_message(t('the account has been deleted.'));
module_invoke_all('user', 'delete', $edit, $account);
print theme('page', user_admin_account());
return;
}
else {
drupal_set_message(t('failed to delete account: the account has to be blocked first.'), 'error');
}
}
if (!$edit) {
$edit = object2array($account);
}
// Display user form:
$group = form_item(t('User ID'), $account->uid);
$group .= form_textfield(t('Username'), 'name', $account->name, 30, 55, t('Your full name or your preferred username: only letters, numbers and spaces are allowed.'));
$group .= form_textfield(t('E-mail address'), 'mail', $account->mail, 30, 55, t('Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'));
$group .= form_item(t('Password'), '<input type="password" name="edit[pass1]" size="12" maxlength="24" /> <input type="password" name="edit[pass2]" size="12" maxlength="24" />', t('Enter a new password twice if you want to change the current password for this user or leave it blank if you are happy with the current password.'));
$group .= form_radios(t('Status'), 'status', $account->status, array(t('Blocked'), t('Active')));
$group .= form_checkboxes(t('Roles'), 'rid', array_keys($account->roles), user_roles(1), t('Select at least one role. The user receives the combined permissions of all of the selected roles.'));
$output = form_group(t('Account information'), $group);
if (variable_get('user_pictures', 0)) {
$group = '';
if (file_exists($account->picture)) {
$group .= '<img src="'. file_create_url($account->picture) .'" alt="" title="" />';
}
$group .= form_file(t('Upload picture or picture'), 'picture', 48, t('Maximum dimensions are %dimensions and the maximum size is %size kB.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85'), '%size' => variable_get('user_picture_file_size', '30'))));
$output .= form_group(t('Picture'), $group);
}
$output .= _user_profile($edit, $account, 'form');
$output .= form_submit(t('Save account'));
$output .= form_submit(t('Delete account'));
$output = form($output, 'post', 0, array('enctype' => 'multipart/form-data'));
print theme('page', $output, $account->name);
}
else {
print theme('page', t('No such user'));
}
}
function user_admin_account() {
$header = array(
array('data' => t('ID'), 'field' => 'u.uid'),
@ -1780,4 +1640,56 @@ function user_help_page() {
print theme('page', user_help('admin/help#user'));
}
/**
* Retrieve a list of all user setting/information categories and sort them by weight.
*/
function _user_categories() {
$categories = array();
foreach (module_list() as $module) {
if ($data = module_invoke($module, 'user', 'categories')) {
foreach ($data as $category) {
$categories[$category['weight']] = $category;
}
}
}
return $categories;
}
function _user_sort($a, $b) {
return $a['weight'] < $b['weight'] ? -1 : ($a['weight'] > $b['weight'] ? 1 : ($a['title'] < $b['title'] ? -1 : 1));
}
/**
* Retrieve a list of all form elements for the specified category.
*/
function _user_forms(&$edit, $account, $category) {
$groups = array();
foreach (module_list() as $module) {
if ($data = module_invoke($module, 'user', 'form', $edit, $account, $category)) {
$groups = array_merge($data, $groups);
}
}
usort($groups, '_user_sort');
$output = '';
foreach ($groups as $group) {
$output .= form_group($group['title'], $group['data']);
}
return $output;
}
/**
* Validate the user data for the specified category.
*/
function _user_validate(&$edit, $account, $category) {
foreach (module_list() as $module) {
module_invoke($module, 'user', 'validate', $edit, $account, $category);
}
}
?>