Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

- Made it so that usernames can contain spaces. Like that, people can 

use their full name as their username.
3-00
Dries Buytaert 2001-06-19 06:55:19 +00:00
parent 8367d662fc
commit 29e0e0fc66
4 changed files with 47 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
account.php
View File

@ -26,8 +26,8 @@ function account_create($error = "") {
global $theme;
if ($error) {
$output .= "<P><FONT COLOR=\"red\">". t("Failed to create account") .": ". check_output($error) .".</FONT></P>\n";
watchdog("account", "failed to create account: $error.");
$output .= "<P><FONT COLOR=\"red\">". t("Failed to create account") .": ". check_output($error) ."</FONT></P>\n";
watchdog("account", "failed to create account: $error");
}
else {
$output .= "<P>". t("Registering allows you to comment, to moderate comments and pending submissions, to customize the look and feel of the site and generally helps you interact with the site more efficiently.") ."</P><P>". t("To create an account, simply fill out this form an click the 'Create account' button below. An e-mail will then be sent to you with instructions on how to validate your account.") ."</P>\n";
@ -228,7 +228,7 @@ function account_email_submit($userid, $email) {
$result = db_query("SELECT id FROM users WHERE userid = '$userid' AND real_email = '$email'");
if ($account = db_fetch_object($result)) {
$passwd = account_password();
$passwd = user_password();
$hash = substr(md5("$userid. ". time() .""), 0, 12);
$status = 1;
@ -257,16 +257,16 @@ function account_email_submit($userid, $email) {
function account_create_submit($userid, $email) {
global $theme, $HTTP_HOST, $REQUEST_URI;
$new[userid] = trim($userid);
$new[real_email] = trim($email);
$new[userid] = $userid;
$new[real_email] = $email;
if ($error = account_validate($new)) {
if ($error = user_validate($new)) {
$theme->header();
$theme->box(t("Create user account"), account_create($error));
$theme->footer();
}
else {
$new[passwd] = account_password();
$new[passwd] = user_password();
$new[hash] = substr(md5("$new[userid]. ". time()), 0, 12);
$user = user_save("", array("userid" => $new[userid], "real_email" => $new[real_email], "passwd" => $new[passwd], "status" => 1, "hash" => $new[hash]));

12
includes/common.inc
View File

@ -1,4 +1,4 @@
<?php
<?
$na = "<I>na</I>";
@ -66,14 +66,6 @@ function check_code($text) {
return $text;
}
function check_mail($mail) {
return eregi("^[_+\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $mail) ? 1 : 0;
}
function check_name($name) {
return ereg("[^a-zA-Z0-9_-]", $name) ? 0 : 1;
}
function check_preview($text) {
return check_output(check_input($text));
}
@ -144,7 +136,7 @@ function format_date($timestamp, $type = "medium", $format = "") {
function format_username($username) {
global $user;
if ($username) return (user_access($user, "account") ? "<A HREF=\"admin.php?mod=account&op=view&name=$username\">$username</A>" : "<A HREF=\"account.php?op=view&name=$username\">$username</A>");
if ($username) return (user_access($user, "account") ? "<A HREF=\"admin.php?mod=account&op=view&name=". urlencode($username) ."\">$username</A>" : "<A HREF=\"account.php?op=view&name=". urlencode($username) ."\">$username</A>");
else return variable_get(anonymous, "Anonymous");
}

39
includes/user.inc
View File

@ -63,28 +63,41 @@ function user_ban($mask, $type) {
return db_fetch_object($result);
}
function account_password($min_length=6) {
function user_password($min_length=6) {
mt_srand((double)microtime() * 1000000);
$words = array("foo","bar","guy","neo","tux","moo","sun","asm","dot","god","axe","geek","nerd","fish","hack","star","mice","warp","moon","hero","cola","girl","fish","java","perl","boss","dark","sith","jedi","drop","mojo");
while(strlen($password) < $min_length) $password .= $words[mt_rand(0, count($words))];
while (strlen($password) < $min_length) $password .= $words[mt_rand(0, count($words))];
return $password;
}
function account_validate($user) {
// Verify username and e-mail address:
if (empty($user[real_email]) || (!check_mail($user[real_email]))) $error = t("the e-mail address '$user[real_email]' is not valid");
if (empty($user[userid]) || (!check_name($user[userid]))) $error = t("the username '$user[userid]' is not valid");
if (strlen($user[userid]) > 15) $error = t("the username '$user[userid]' is too long: it must be less than 15 characters");
function user_validate_name($name) {
if (!$name) return t("you must enter a username.");
if (eregi("^ ", $name)) return t("the username can not begin with a space.");
if (eregi(" \$", $name)) return t("the username can not end with a space.");
if (eregi(" ", $name)) return t("the username can not contain multiple spaces in a row.");
if (eregi("[^a-zA-Z0-9 ]", $name)) return t("the username contains an illegal character.");
if (strlen($name) > 15) return t("the username '$name' is too long: it must be less than 15 characters.");
}
function user_validate_mail($mail) {
if (!$mail) return t("your must enter an e-mail address.");
if (!eregi("^[_+\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $mail)) return t("the e-mail address '$email' is not valid.");
}
function user_validate($user) {
// Verify username:
if ($error = user_validate_name($user[userid])) return $error;
// Verify e-mail address:
if ($error = user_validate_mail($user[real_email])) return $error;
// Check to see whether the username or e-mail address are banned:
if ($ban = user_ban($user[userid], "username")) $error = t("the username '$user[userid]' is banned") .": <I>$ban->reason</I>";
if ($ban = user_ban($user[real_email], "e-mail address")) $error = t("the e-mail address '$user[real_email]' is banned") .": <I>$ban->reason</I>";
if ($ban = user_ban($user[userid], "username")) return t("the username '$user[userid]' is banned") .": <I>$ban->reason</I>.";
if ($ban = user_ban($user[real_email], "e-mail address")) return t("the e-mail address '$user[real_email]' is banned") .": <I>$ban->reason</I>.";
// Verify whether username and e-mail address are unique:
if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) $error = t("the username '$user[userid]' is already taken");
if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$user[real_email]')")) > 0) $error = t("the e-mail address '$user[real_email]' is already in use by another account");
return $error;
if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) return t("the username '$user[userid]' is already taken.");
if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$user[real_email]')")) > 0) return t("the e-mail address '$user[real_email]' is already in use by another account.");
}
?>

24
modules/account.module
View File

@ -41,7 +41,7 @@ function account_search($keys) {
global $user;
$result = db_query("SELECT * FROM users WHERE userid LIKE '%$keys%' LIMIT 20");
while ($account = db_fetch_object($result)) {
$find[$i++] = array("title" => $account->userid, "link" => (user_access($user, "account") ? "admin.php?mod=account&op=view&name=$account->userid" : "account.php?op=view&name=$account->userid"), "user" => $account->userid);
$find[$i++] = array("title" => $account->userid, "link" => (user_access($user, "account") ? "admin.php?mod=account&op=view&name=". urlencode($account->userid) : "account.php?op=view&name=". urlencode($account->userid)), "user" => $account->userid);
}
return $find;
}
@ -92,7 +92,7 @@ function account_overview($query = array()) {
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR><TH>username</TH><TH>last access</TH><TH COLSPAN=\"2\">operations</TH></TR>\n";
while ($account = db_fetch_object($result)) {
$output .= " <TR><TD>". format_username($account->userid) ."</TD><TD>". format_date($account->last_access) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=view&name=$account->userid\">view account</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=edit&name=$account->userid\">edit account</A></TD></TR>\n";
$output .= " <TR><TD>". format_username($account->userid) ."</TD><TD>". format_date($account->last_access) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=view&name=". urlencode($account->userid) ."\">view account</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=edit&name=". urlencode($account->userid) ."\">edit account</A></TD></TR>\n";
}
$output .= "</TABLE>\n";
@ -150,12 +150,12 @@ function account_form($account = 0) {
if (module_hook($name, "admin")) $access[$name] = $name;
}
module_iterate("access");
$account->access = explode(",", $account->access);
foreach ($account->access as $key=>$value) {
$account->access[$key] = substr($value, 0, -2);
}
$form .= $account->id ? form_item("ID", $account->id) . form_hidden("id", $account->id) : "";
$form .= $account->userid ? form_item(t("Username"), check_output($account->userid)) . form_hidden("userid", $account->userid) : form_textfield(t("Username"), "userid", $account->userid, 15, 15);
$form .= form_select(t("Status"), "status", ($account->status ? $account->status : 1), array("blocked", "not confirmed", "open"));
@ -190,22 +190,22 @@ function account_save($edit) {
}
}
$query .= "access = '$access'";
db_query("UPDATE users SET $query WHERE id = $edit[id]");
watchdog("account", "account: modified user '$edit[userid]'");
return $edit[userid];
}
else {
// Adding new account
$edit[userid] = trim($edit[userid]);
$edit[real_email] = trim($edit[real_email]);
$edit[userid] = $edit[userid];
$edit[real_email] = $edit[real_email];
if ($error = account_validate($edit)) {
if ($error = user_validate($edit)) {
print status($error);
return 0;
}
else {
$edit[passwd] = account_password();
$edit[passwd] = user_password();
$edit[hash] = substr(md5("$edit[userid]. ". time()), 0, 12);
if ($edit[access]) {
@ -217,7 +217,7 @@ function account_save($edit) {
$user = user_save("", array("userid" => $edit[userid], "access" => $edit[access], "real_email" => $edit[real_email], "passwd" => $edit[passwd], "status" => $edit[status], "hash" => $edit[hash]));
$link = path_uri() ."account.php?op=confirm&name=$edit[userid]&hash=$edit[hash]";
$link = path_uri() ."account.php?op=confirm&name=". urlencode($edit[userid]) ."&hash=$edit[hash]";
$subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal")));
$message = strtr(t("%a,\n\n\nsomeone signed up for a user account on %b and supplied this e-mail address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail. If this was you, you will have to confirm your account first or you will not be able to login. To confirm your account visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team\n"), array("%a" => $edit[userid], "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $edit[passwd]));
@ -331,13 +331,13 @@ function account_admin() {
break;
case "Save account":
$name = account_save($edit);
if ($name)
if ($name)
print account_view($name);
else {
foreach ($edit as $key=>$value) {
$account->$key = $value;
}
print account_form($account);
print account_form($account);
}
break;
case "View account":