Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

#118345 by sun: Make user.module conform to standard presave/insert/update/form_alter hook paradigm.

merge-requests/26/head
Angie Byron 2009-10-10 16:48:39 +00:00
parent 15b24127b5
commit d16bead147
15 changed files with 420 additions and 457 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
includes/form.inc
View File

@ -33,8 +33,8 @@
* form for modules automatically. For example:
*
* @code
* // Display the user registration form.
* $output = drupal_get_form('user_register');
* // Display the user registration form.
* $output = drupal_get_form('user_register_form');
* @endcode
*
* Forms can also be built and submitted programmatically without any user input
@ -389,7 +389,7 @@ function form_set_cache($form_build_id, $form, $form_state) {
* $form_state['values']['mail'] = 'robouser@example.com';
* $form_state['values']['pass'] = 'password';
* $form_state['values']['op'] = t('Create new account');
* drupal_form_submit('user_register', $form_state);
* drupal_form_submit('user_register_form', $form_state);
*
* // Create a new node
* $form_state = array();

37
modules/block/block.module
View File

@ -425,42 +425,33 @@ function block_form_user_profile_form_alter(&$form, &$form_state) {
$account = $form['#user'];
$rids = array_keys($account->roles);
$result = db_query("SELECT DISTINCT b.* FROM {block} b LEFT JOIN {block_role} r ON b.module = r.module AND b.delta = r.delta WHERE b.status = 1 AND b.custom <> 0 AND (r.rid IN (:rids) OR r.rid IS NULL) ORDER BY b.weight, b.module", array(':rids' => $rids));
$form['block'] = array(
'#type' => 'fieldset',
'#title' => t('Personalize blocks'),
'#description' => t('Blocks consist of content or information that complements the main content of the page. Enable or disable optional blocks using the checkboxes below.'),
'#weight' => 3,
'#collapsible' => TRUE,
'#tree' => TRUE
);
$blocks = array();
foreach ($result as $block) {
$data = module_invoke($block->module, 'block_info');
if ($data[$block->delta]['info']) {
$return = TRUE;
$form['block'][$block->module][$block->delta] = array(
$blocks[$block->module][$block->delta] = array(
'#type' => 'checkbox',
'#title' => check_plain($data[$block->delta]['info']),
'#default_value' => isset($account->block[$block->module][$block->delta]) ? $account->block[$block->module][$block->delta] : ($block->custom == 1),
);
}
}
if (!isset($return)) {
$form['block']['#access'] = FALSE;
// Only display the fieldset if there are any personalizable blocks.
if ($blocks) {
$form['block'] = array(
'#type' => 'fieldset',
'#title' => t('Personalize blocks'),
'#description' => t('Blocks consist of content or information that complements the main content of the page. Enable or disable optional blocks using the checkboxes below.'),
'#weight' => 3,
'#collapsible' => TRUE,
'#tree' => TRUE,
);
$form['block'] += $blocks;
}
}
}
/**
* Implement hook_user_validate().
*/
function block_user_validate(&$edit, $account, $category) {
if (empty($edit['block'])) {
$edit['block'] = array();
}
return $edit;
}
/**
* Implement hook_form_FORM_ID_alter().
*/

2
modules/locale/locale.module
View File

@ -338,7 +338,7 @@ function locale_form_alter(&$form, &$form_state, $form_id) {
if (variable_get('language_count', 1) > 1) {
// Display language selector when either creating a user on the admin
// interface or editing a user account.
if (($form_id == 'user_register' && user_access('administer users')) || ($form_id == 'user_profile_form' && $form['#user_category'] == 'account')) {
if (($form_id == 'user_register_form' && user_access('administer users')) || ($form_id == 'user_profile_form' && $form['#user_category'] == 'account')) {
locale_language_selector_form($form, $form_state, $form['#user']);
}
}

10
modules/openid/openid.module
View File

@ -129,7 +129,7 @@ function _openid_user_login_form_alter(&$form, &$form_state) {
*
* Adds OpenID login to the login forms.
*/
function openid_form_user_register_alter(&$form, &$form_state) {
function openid_form_user_register_form_alter(&$form, &$form_state) {
if (isset($_SESSION['openid']['values'])) {
// We were unable to auto-register a new user. Prefill the registration
// form with the values we have.
@ -437,9 +437,9 @@ function openid_authentication($response) {
$form_state['values']['pass'] = user_password();
$form_state['values']['status'] = variable_get('user_register', 1) == 1;
$form_state['values']['response'] = $response;
$form = drupal_retrieve_form('user_register', $form_state);
drupal_prepare_form('user_register', $form, $form_state);
drupal_validate_form('user_register', $form, $form_state);
$form = drupal_retrieve_form('user_register_form', $form_state);
drupal_prepare_form('user_register_form', $form, $form_state);
drupal_validate_form('user_register_form', $form, $form_state);
if (form_get_errors()) {
// We were unable to register a valid new user, redirect to standard
// user/register and prefill with the values we received.
@ -452,7 +452,7 @@ function openid_authentication($response) {
}
else {
unset($form_state['values']['response']);
$account = user_save('', $form_state['values']);
$account = user_save(drupal_anonymous_user(), $form_state['values']);
// Terminate if an error occurred during user_save().
if (!$account) {
drupal_set_message(t("Error saving user account."), 'error');

72
modules/profile/profile.module
View File

@ -210,17 +210,19 @@ function profile_block_view($delta = '') {
}
/**
* Implement hook_user_update().
* Implement hook_user_presave().
*/
function profile_user_update(&$edit, $account, $category) {
return profile_save_profile($edit, $account, $category);
function profile_user_presave(&$edit, $account, $category) {
if ($account->uid) {
profile_save_profile($edit, $account, $category);
}
}
/**
* Implement hook_user_insert().
*/
function profile_user_insert(&$edit, $account, $category) {
return profile_save_profile($edit, $account, $category, TRUE);
profile_save_profile($edit, $account, $category, TRUE);
}
/**
@ -368,25 +370,23 @@ function _profile_form_explanation($field) {
* Implement hook_form_alter().
*/
function profile_form_alter(&$form, &$form_state, $form_id) {
if ($form_id == 'user_register' || $form_id == 'user_profile_form') {
$register = ($form['#user']->uid > 0 ? FALSE : TRUE);
$form = array_merge($form, profile_form_profile($form['#user'], $form['#user_category'], $register));
if (!($form_id == 'user_register_form' || $form_id == 'user_profile_form')) {
return;
}
}
function profile_form_profile($account, $category, $register = FALSE) {
$result = _profile_get_fields($category, $register);
$form['#validate'][] = 'profile_user_form_validate';
$account = $form['#user'];
$result = _profile_get_fields($form['#user_category'], $form['#user_category'] == 'register');
$weight = 1;
$fields = array();
foreach ($result as $field) {
$category = $field->category;
if (!isset($fields[$category])) {
$fields[$category] = array('#type' => 'fieldset', '#title' => check_plain($category), '#weight' => $weight++);
if (!isset($form[$category])) {
$form[$category] = array('#type' => 'fieldset', '#title' => check_plain($category), '#weight' => $weight++);
}
switch ($field->type) {
case 'textfield':
case 'url':
$fields[$category][$field->name] = array('#type' => 'textfield',
$form[$category][$field->name] = array(
'#type' => 'textfield',
'#title' => check_plain($field->title),
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#maxlength' => 255,
@ -394,33 +394,40 @@ function profile_form_profile($account, $category, $register = FALSE) {
'#required' => $field->required,
);
if ($field->autocomplete) {
$fields[$category][$field->name]['#autocomplete_path'] = "profile/autocomplete/" . $field->fid;
$form[$category][$field->name]['#autocomplete_path'] = "profile/autocomplete/" . $field->fid;
}
break;
case 'textarea':
$fields[$category][$field->name] = array('#type' => 'textarea',
$form[$category][$field->name] = array(
'#type' => 'textarea',
'#title' => check_plain($field->title),
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#description' => _profile_form_explanation($field),
'#required' => $field->required,
);
break;
case 'list':
$fields[$category][$field->name] = array('#type' => 'textarea',
$form[$category][$field->name] = array(
'#type' => 'textarea',
'#title' => check_plain($field->title),
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#description' => _profile_form_explanation($field),
'#required' => $field->required,
);
break;
case 'checkbox':
$fields[$category][$field->name] = array('#type' => 'checkbox',
$form[$category][$field->name] = array(
'#type' => 'checkbox',
'#title' => check_plain($field->title),
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#description' => _profile_form_explanation($field),
'#required' => $field->required,
);
break;
case 'selection':
$options = $field->required ? array() : array('--');
$lines = preg_split("/[\n\r]/", $field->options);
@ -429,7 +436,8 @@ function profile_form_profile($account, $category, $register = FALSE) {
$options[$line] = $line;
}
}
$fields[$category][$field->name] = array('#type' => 'select',
$form[$category][$field->name] = array(
'#type' => 'select',
'#title' => check_plain($field->title),
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#options' => $options,
@ -437,8 +445,10 @@ function profile_form_profile($account, $category, $register = FALSE) {
'#required' => $field->required,
);
break;
case 'date':
$fields[$category][$field->name] = array('#type' => 'date',
$form[$category][$field->name] = array(
'#type' => 'date',
'#title' => check_plain($field->title),
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#description' => _profile_form_explanation($field),
@ -447,7 +457,6 @@ function profile_form_profile($account, $category, $register = FALSE) {
break;
}
}
return $fields;
}
/**
@ -461,25 +470,24 @@ function _profile_update_user_fields($fields, $account) {
}
/**
* Implement hook_user_validate().
* Form validation handler for the user register/profile form.
*
* @see profile_form_alter()
*/
function profile_user_validate(&$edit, $account, $category) {
$result = _profile_get_fields($category);
function profile_user_form_validate($form, &$form_state) {
$result = _profile_get_fields($form['#user_category'], $form['#user_category'] == 'register');
foreach ($result as $field) {
if ($edit[$field->name]) {
if ($field->type == 'url') {
if (!valid_url($edit[$field->name], TRUE)) {
form_set_error($field->name, t('The value provided for %field is not a valid URL.', array('%field' => $field->title)));
}
if (!empty($form_state['values'][$field->name])) {
if ($field->type == 'url' && !valid_url($form_state['values'][$field->name], TRUE)) {
form_set_error($field->name, t('The value provided for %field is not a valid URL.', array('%field' => $field->title)));
}
}
elseif ($field->required && !user_access('administer users')) {
form_set_error($field->name, t('The field %field is required.', array('%field' => $field->title)));
}
}
return $edit;
}
/**
* Implement hook_user_categories().
*/

2
modules/simpletest/drupal_web_test_case.php
View File

@ -866,7 +866,7 @@ class DrupalWebTestCase extends DrupalTestCase {
$edit['pass'] = user_password();
$edit['status'] = 1;
$account = user_save('', $edit);
$account = user_save(drupal_anonymous_user(), $edit);
$this->assertTrue(!empty($account->uid), t('User created with name %name and pass %pass', array('%name' => $edit['name'], '%pass' => $edit['pass'])), t('User login'));
if (empty($account->uid)) {

2
modules/system/system.api.php
View File

@ -555,7 +555,7 @@ function hook_form_alter(&$form, &$form_state, $form_id) {
*/
function hook_form_FORM_ID_alter(&$form, &$form_state) {
// Modification for the form with the given form ID goes here. For example, if
// FORM_ID is "user_register" this code would run only on the user
// FORM_ID is "user_register_form" this code would run only on the user
// registration form.
// Add a checkbox to registration form about agreeing to terms of use.

2
modules/system/system.module
View File

@ -1492,7 +1492,7 @@ function system_form_user_profile_form_alter(&$form, &$form_state) {
/**
* Implement hook_form_FORM_ID_alter().
*/
function system_form_user_register_alter(&$form, &$form_state) {
function system_form_user_register_form_alter(&$form, &$form_state) {
if (variable_get('configurable_timezones', 1)) {
if (variable_get('user_default_timezone', DRUPAL_USER_TIMEZONE_DEFAULT) == DRUPAL_USER_TIMEZONE_SELECT) {
system_user_timezone($form, $form_state);

1
modules/trigger/tests/trigger_test.module
View File

@ -35,6 +35,7 @@ function trigger_test_action_info() {
'comment_insert',
'comment_update',
'comment_delete',
'user_presave',
'user_insert',
'user_update',
'user_delete',

14
modules/trigger/trigger.module
View File

@ -136,11 +136,14 @@ function trigger_trigger_info() {
),
),
'user' => array(
'user_presave' => array(
'label' => t('When either creating a new user account or updating an existing'),
),
'user_insert' => array(
'label' => t('After a user account has been created'),
'label' => t('After creating a new user account'),
),
'user_update' => array(
'label' => t("After a user's profile has been updated"),
'label' => t('After updating a user account'),
),
'user_delete' => array(
'label' => t('After a user has been deleted'),
@ -469,6 +472,13 @@ function trigger_user_logout($account) {
_trigger_user('user_logout', $edit = NULL, $account);
}
/**
* Implement hook_user_presave().
*/
function trigger_user_presave(&$edit, $account, $category) {
_trigger_user('user_presave', $edit, $account, $category);
}
/**
* Implement hook_user_insert().
*/

2
modules/user/user.admin.inc
View File

@ -12,7 +12,7 @@ function user_admin($callback_arg = '') {
switch ($op) {
case t('Create new account'):
case 'create':
$build['user_register'] = drupal_get_form('user_register');
$build['user_register'] = drupal_get_form('user_register_form');
break;
default:
if (!empty($_POST['accounts']) && isset($_POST['operation']) && ($_POST['operation'] == 'cancel')) {

151
modules/user/user.api.php
View File

@ -178,28 +178,6 @@ function hook_user_operations() {
return $operations;
}
/**
* The user object has been updated and changed.
*
* Use this if (probably along with 'insert') if you want to reuse some
* information from the user object.
*
* @param &$edit
* The array of form values submitted by the user.
* @param $account
* The user object on which the operation is performed.
* @param $category
* The active category of user information being edited.
*/
function hook_user_after_update(&$edit, $account, $category) {
db_insert('user_changes')
->fields(array(
'uid' => $account->uid,
'changed' => time(),
))
->execute();
}
/**
* Retrieve a list of all user setting/information categories.
*
@ -218,7 +196,36 @@ function hook_user_categories() {
}
/**
* The user account is being added.
* A user account is about to be created or updated.
*
* This hook is primarily intended for modules that want to store properties in
* the serialized {users}.data column, which is automatically loaded whenever a
* user account object is loaded, and the module needs to prepare the stored
* data in some way.
* The module should save its custom additions to the user object into the
* database and set the saved fields to NULL in $edit.
*
* @param &$edit
* The array of form values submitted by the user.
* @param $account
* The user object on which the operation is performed.
* @param $category
* The active category of user information being edited.
*
* @see hook_user_insert()
* @see hook_user_update()
*/
function hook_user_presave(&$edit, $account, $category) {
// Make sure that our form value 'mymodule_foo' is stored as 'mymodule_bar'.
if (isset($edit['mymodule_foo'])) {
$edit['mymodule_bar'] = $edit['mymodule_foo'];
// Inform user_save() to ignore the value of our property.
$edit['mymodule_foo'] = NULL;
}
}
/**
* A user account was created.
*
* The module should save its custom additions to the user object into the
* database and set the saved fields to NULL in $edit.
@ -229,6 +236,9 @@ function hook_user_categories() {
* The user object on which the operation is being performed.
* @param $category
* The active category of user information being edited.
*
* @see hook_user_presave()
* @see hook_user_update()
*/
function hook_user_insert(&$edit, $account, $category) {
db_insert('mytable')
@ -237,9 +247,35 @@ function hook_user_insert(&$edit, $account, $category) {
'uid' => $account->uid,
))
->execute();
// Inform user_save() to ignore the value of our property.
$edit['myfield'] = NULL;
}
/**
* A user account was updated.
*
* Modules may use this hook to update their user data in a custom storage
* after a user account has been updated.
*
* @param &$edit
* The array of form values submitted by the user.
* @param $account
* The user object on which the operation is performed.
* @param $category
* The active category of user information being edited.
*
* @see hook_user_presave()
* @see hook_user_insert()
*/
function hook_user_update(&$edit, $account, $category) {
db_insert('user_changes')
->fields(array(
'uid' => $account->uid,
'changed' => time(),
))
->execute();
}
/**
* The user just logged in.
*
@ -270,75 +306,6 @@ function hook_user_logout($account) {
->execute();
}
/**
* Modify the account before it gets saved.
*
* @param &$edit
* The array of form values submitted by the user.
* @param $account
* The user object on which the operation is performed.
* @param $category
* The active category of user information being edited.
*/
function hook_user_submit(&$edit, $account, $category) {
if ($category == 'account') {
if (!empty($edit['picture_upload'])) {
$edit['picture'] = $edit['picture_upload'];
}
// Delete picture if requested, and if no replacement picture was given.
elseif (!empty($edit['picture_delete'])) {
$edit['picture'] = NULL;
}
// Remove these values so they don't end up serialized in the data field.
$edit['picture_upload'] = NULL;
$edit['picture_delete'] = NULL;
if (isset($edit['roles'])) {
$edit['roles'] = array_filter($edit['roles']);
}
}
}
/**
* The user account is being changed.
*
* The module should save its custom additions to the user object into the
* database and set the saved fields to NULL in $edit.
*
* @param &$edit
* The array of form values submitted by the user.
* @param $account
* The user object on which the operation is performed.
* @param $category
* The active category of user information being edited.
*/
function hook_user_update(&$edit, $account, $category) {
db_update('mytable')
->fields(array('myfield' => $edit['myfield']))
->condition('uid', $account->uid)
->execute();
$edit['myfield'] = NULL;
}
/**
* The user account is about to be modified.
*
* The module should validate its custom additions to the user object,
* registering errors as necessary.
*
* @param &$edit
* The array of form values submitted by the user.
* @param $account
* The user object on which the operation is being performed.
* @param $category
* The active category of user information being edited.
*/
function hook_user_validate(&$edit, $account, $category) {
if ($category == 'mymodule' && empty($edit['myfield'])) {
form_set_error('myfield', t('Myfield is required.'));
}
}
/**
* The user's account information is being displayed.
*

537
modules/user/user.module
View File

@ -336,8 +336,10 @@ function user_save($account, $edit = array(), $category = 'account') {
if (!isset($account->is_new)) {
$account->is_new = empty($account->uid);
}
user_module_invoke('presave', $edit, $account, $category);
if (is_object($account) && !$account->is_new) {
user_module_invoke('update', $edit, $account, $category);
$data = unserialize(db_query('SELECT data FROM {users} WHERE uid = :uid', array(':uid' => $account->uid))->fetchField());
// Consider users edited by an administrator as logged in, if they haven't
// already, so anonymous users can view the profile (if allowed).
@ -384,15 +386,10 @@ function user_save($account, $edit = array(), $category = 'account') {
$edit['uid'] = $account->uid;
// Save changes to the user table.
$success = drupal_write_record('users', $edit, 'uid');
if (!$success) {
if ($success === FALSE) {
// The query failed - better to abort the save than risk further
// data loss.
// TODO: Fields change: I think this is a bug. If no columns in
// the user table are changed, drupal_write_record returns
// FALSE because rowCount() (rows changed) is 0. However,
// non-users data may have been changed, e.g. fields.
// return FALSE;
return FALSE;
}
// If the picture changed or was unset, remove the old one. This step needs
@ -448,7 +445,7 @@ function user_save($account, $edit = array(), $category = 'account') {
_user_mail_notify($op, $user);
}
user_module_invoke('after_update', $edit, $user, $category);
user_module_invoke('update', $edit, $user, $category);
}
else {
// Allow 'created' to be set by the caller.
@ -463,7 +460,7 @@ function user_save($account, $edit = array(), $category = 'account') {
$edit['mail'] = trim($edit['mail']);
$success = drupal_write_record('users', $edit);
if (!$success) {
if ($success === FALSE) {
// On a failed INSERT some other existing user's uid may be returned.
// We must abort to avoid overwriting their account.
return FALSE;
@ -856,40 +853,184 @@ function user_user_view($account) {
}
/**
* Implement hook_user_validate().
* Helper function to add default user account fields to user registration and edit form.
*/
function user_user_validate(&$edit, $account, $category) {
if ($category == 'account') {
$uid = isset($account->uid) ? $account->uid : FALSE;
// Validate the username when: new user account; or user is editing own account and can change username; or an admin user.
if (!$uid || ($GLOBALS['user']->uid == $uid && user_access('change own username')) || user_access('administer users')) {
if ($error = user_validate_name($edit['name'])) {
function user_account_form(&$form, &$form_state) {
global $user;
$account = $form['#user'];
$register = ($form['#user']->uid > 0 ? FALSE : TRUE);
_user_password_dynamic_validation();
$admin = user_access('administer users');
$form['#validate'][] = 'user_account_form_validate';
// Account information.
$form['account'] = array(
'#type' => 'fieldset',
'#title' => t('Account information'),
'#weight' => -10,
);
// Only show name field on registration form or user can change own username.
$form['account']['name'] = array(
'#type' => 'textfield',
'#title' => t('Username'),
'#maxlength' => USERNAME_MAX_LENGTH,
'#description' => t('Spaces are allowed; punctuation is not allowed except for periods, hyphens, apostrophes, and underscores.'),
'#required' => TRUE,
'#attributes' => array('class' => array('username')),
'#default_value' => (!$register ? $account->name : ''),
'#access' => ($register || ($user->uid == $account->uid && user_access('change own username')) || $admin),
);
$form['account']['mail'] = array(
'#type' => 'textfield',
'#title' => t('E-mail address'),
'#maxlength' => EMAIL_MAX_LENGTH,
'#description' => t('A valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'),
'#required' => TRUE,
'#default_value' => (!$register ? $account->mail : ''),
);
// Display password field only for existing users or when user is allowed to
// assign a password during registration.
if (!$register) {
$form['account']['pass'] = array(
'#type' => 'password_confirm',
'#size' => 25,
'#description' => t('To change the current user password, enter the new password in both fields.'),
);
}
elseif (!variable_get('user_email_verification', TRUE) || $admin) {
$form['account']['pass'] = array(
'#type' => 'password_confirm',
'#size' => 25,
'#description' => t('Provide a password for the new account in both fields.'),
'#required' => TRUE,
);
}
if ($admin) {
$status = (isset($account->status) ? $account->status : 1);
}
else {
$status = (variable_get('user_register', 1) == 1);
}
$form['account']['status'] = array(
'#type' => 'radios',
'#title' => t('Status'),
'#default_value' => $status,
'#options' => array(t('Blocked'), t('Active')),
'#access' => $admin,
);
$roles = user_roles(TRUE);
// The disabled checkbox subelement for the 'authenticated user' role
// must be generated separately and added to the checkboxes element,
// because of a limitation in Form API not supporting a single disabled
// checkbox within a set of checkboxes.
// @todo This should be solved more elegantly. See issue #119038.
$checkbox_authenticated = array(
'#type' => 'checkbox',
'#title' => $roles[DRUPAL_AUTHENTICATED_RID],
'#default_value' => TRUE,
'#disabled' => TRUE,
);
unset($roles[DRUPAL_AUTHENTICATED_RID]);
$form['account']['roles'] = array(
'#type' => 'checkboxes',
'#title' => t('Roles'),
'#default_value' => (!$register && isset($account->roles) ? array_keys($account->roles) : array()),
'#options' => $roles,
'#access' => $roles && user_access('administer permissions'),
DRUPAL_AUTHENTICATED_RID => $checkbox_authenticated,
);
$form['account']['notify'] = array(
'#type' => 'checkbox',
'#title' => t('Notify user of new account'),
'#access' => $register && $admin,
);
// Signature.
$form['signature_settings'] = array(
'#type' => 'fieldset',
'#title' => t('Signature settings'),
'#weight' => 1,
'#access' => (!$register && variable_get('user_signatures', 0)),
);
$form['signature_settings']['signature'] = array(
'#type' => 'textarea',
'#title' => t('Signature'),
'#default_value' => isset($account->signature) ? $account->signature : '',
'#description' => t('Your signature will be publicly displayed at the end of your comments.'),
);
// Picture/avatar.
$form['picture'] = array(
'#type' => 'fieldset',
'#title' => t('Picture'),
'#weight' => 1,
'#access' => (!$register && variable_get('user_pictures', 0)),
);
$form['picture']['picture'] = array(
'#type' => 'value',
'#value' => isset($account->picture) ? $account->picture : NULL,
);
$form['picture']['picture_current'] = array(
'#markup' => theme('user_picture', array('account' => $account)),
);
$form['picture']['picture_delete'] = array(
'#type' => 'checkbox',
'#title' => t('Delete picture'),
'#access' => !empty($account->picture->fid),
'#description' => t('Check this box to delete your current picture.'),
);
$form['picture']['picture_upload'] = array(
'#type' => 'file',
'#title' => t('Upload picture'),
'#size' => 48,
'#description' => t('Your virtual face or picture. Maximum dimensions are %dimensions pixels and the maximum size is %size kB.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85'), '%size' => variable_get('user_picture_file_size', '30'))) . ' ' . variable_get('user_picture_guidelines', ''),
);
$form['#validate'][] = 'user_validate_picture';
}
/**
* Form validation handler for user_account_form().
*/
function user_account_form_validate($form, &$form_state) {
if ($form['#user_category'] == 'account' || $form['#user_category'] == 'register') {
$account = $form['#user'];
// Validate new or changing username.
if (isset($form_state['values']['name'])) {
if ($error = user_validate_name($form_state['values']['name'])) {
form_set_error('name', $error);
}
elseif ((bool) db_query_range("SELECT 1 FROM {users} WHERE uid <> :uid AND LOWER(name) = LOWER(:name)", 0, 1, array(':uid' => $uid, ':name' => $edit['name']))->fetchField()) {
form_set_error('name', t('The name %name is already taken.', array('%name' => $edit['name'])));
elseif ((bool) db_query_range("SELECT 1 FROM {users} WHERE uid <> :uid AND LOWER(name) = LOWER(:name)", 0, 1, array(':uid' => $account->uid, ':name' => $form_state['values']['name']))->fetchField()) {
form_set_error('name', t('The name %name is already taken.', array('%name' => $form_state['values']['name'])));
}
}
// Validate the e-mail address, and check if it is taken by an existing user.
if ($error = user_validate_mail($edit['mail'])) {
if ($error = user_validate_mail($form_state['values']['mail'])) {
form_set_error('mail', $error);
}
elseif ((bool) db_query_range("SELECT 1 FROM {users} WHERE uid <> :uid AND LOWER(mail) = LOWER(:mail)", 0, 1, array(':uid' => $uid, ':mail' => $edit['mail']))->fetchField()) {
elseif ((bool) db_query_range("SELECT 1 FROM {users} WHERE uid <> :uid AND LOWER(mail) = LOWER(:mail)", 0, 1, array(':uid' => $account->uid, ':mail' => $form_state['values']['mail']))->fetchField()) {
// Format error message dependent on whether the user is logged in or not.
if ($GLOBALS['user']->uid) {
form_set_error('mail', t('The e-mail address %email is already taken.', array('%email' => $edit['mail'])));
form_set_error('mail', t('The e-mail address %email is already taken.', array('%email' => $form_state['values']['mail'])));
}
else {
form_set_error('mail', t('The e-mail address %email is already registered. <a href="@password">Have you forgotten your password?</a>', array('%email' => $edit['mail'], '@password' => url('user/password'))));
form_set_error('mail', t('The e-mail address %email is already registered. <a href="@password">Have you forgotten your password?</a>', array('%email' => $form_state['values']['mail'], '@password' => url('user/password'))));
}
}
// Make sure the signature isn't longer than the size of the database field.
// Signatures are disabled by default, so make sure it exists first.
if (isset($edit['signature'])) {
if (isset($form_state['values']['signature'])) {
$user_schema = drupal_get_schema('users');
if (strlen($edit['signature']) > $user_schema['fields']['signature']['length']) {
if (drupal_strlen($form_state['values']['signature']) > $user_schema['fields']['signature']['length']) {
form_set_error('signature', t('The signature is too long: it must be %max characters or less.', array('%max' => $user_schema['fields']['signature']['length'])));
}
}
@ -897,10 +1038,10 @@ function user_user_validate(&$edit, $account, $category) {
}
/**
* Implement hook_user_submit().
* Implement hook_user_presave().
*/
function user_user_submit(&$edit, $account, $category) {
if ($category == 'account') {
function user_user_presave(&$edit, $account, $category) {
if ($category == 'account' || $category == 'register') {
if (!empty($edit['picture_upload'])) {
$edit['picture'] = $edit['picture_upload'];
}
@ -912,6 +1053,7 @@ function user_user_submit(&$edit, $account, $category) {
$edit['picture_upload'] = NULL;
$edit['picture_delete'] = NULL;
// Prepare user roles.
if (isset($edit['roles'])) {
$edit['roles'] = array_filter($edit['roles']);
}
@ -1235,7 +1377,7 @@ function user_menu() {
$items['user/register'] = array(
'title' => 'Create new account',
'page callback' => 'drupal_get_form',
'page arguments' => array('user_register'),
'page arguments' => array('user_register_form'),
'access callback' => 'user_register_access',
'type' => MENU_LOCAL_TASK,
);
@ -1376,8 +1518,10 @@ function user_menu() {
$items['user/%user/edit'] = array(
'title' => 'Edit',
'page callback' => 'user_edit',
'page arguments' => array(1),
'title callback' => 'user_page_title',
'title arguments' => array(1),
'page callback' => 'drupal_get_form',
'page arguments' => array('user_profile_form', 1),
'access callback' => 'user_edit_access',
'access arguments' => array(1),
'type' => MENU_LOCAL_TASK,
@ -1397,8 +1541,8 @@ function user_menu() {
$items['user/%user_category/edit/' . $category['name']] = array(
'title callback' => 'check_plain',
'title arguments' => array($category['title']),
'page callback' => 'user_edit',
'page arguments' => array(1, 3),
'page callback' => 'drupal_get_form',
'page arguments' => array('user_profile_form', 1, 3),
'access callback' => isset($category['access callback']) ? $category['access callback'] : 'user_edit_access',
'access arguments' => isset($category['access arguments']) ? $category['access arguments'] : array(1),
'type' => MENU_LOCAL_TASK,
@ -1760,7 +1904,7 @@ function user_external_login_register($name, $module) {
'status' => 1,
'access' => REQUEST_TIME
);
$account = user_save('', $userinfo);
$account = user_save(drupal_anonymous_user(), $userinfo);
// Terminate if an error occurred during user_save().
if (!$account) {
drupal_set_message(t("Error saving user account."), 'error');
@ -1794,142 +1938,6 @@ function user_pass_rehash($password, $timestamp, $login) {
return md5($timestamp . $password . $login);
}
function user_edit_form(&$form, &$form_state) {
global $user;
$account = $form['#user'];
$register = ($form['#user']->uid > 0 ? FALSE : TRUE);
_user_password_dynamic_validation();
$admin = user_access('administer users');
// Account information:
$form['account'] = array(
'#type' => 'fieldset',
'#title' => t('Account information'),
'#weight' => -10,
);
// Only show name field when: registration page; or user is editing own
// account and can change username; or an admin user.
if ($register || ($user->uid == $account->uid && user_access('change own username')) || $admin) {
$form['account']['name'] = array(
'#type' => 'textfield',
'#title' => t('Username'),
'#maxlength' => USERNAME_MAX_LENGTH,
'#description' => t('Spaces are allowed; punctuation is not allowed except for periods, hyphens, apostrophes, and underscores.'),
'#required' => TRUE,
'#attributes' => array('class' => array('username')),
);
if (!$register) {
$form['account']['name']['#default_value'] = $account->name;
}
}
$form['account']['mail'] = array(
'#type' => 'textfield',
'#title' => t('E-mail address'),
'#maxlength' => EMAIL_MAX_LENGTH,
'#description' => t('A valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'),
'#required' => TRUE,
);
if (!$register) {
$form['account']['mail']['#default_value'] = $account->mail;
}
if (!$register) {
$form['account']['pass'] = array(
'#type' => 'password_confirm',
'#description' => t('To change the current user password, enter the new password in both fields.'),
'#size' => 25,
);
}
elseif (!variable_get('user_email_verification', TRUE) || $admin) {
$form['account']['pass'] = array(
'#type' => 'password_confirm',
'#description' => t('Provide a password for the new account in both fields.'),
'#required' => TRUE,
'#size' => 25,
);
}
if ($admin) {
$form['account']['status'] = array(
'#type' => 'radios',
'#title' => t('Status'),
'#default_value' => isset($account->status) ? $account->status : 1,
'#options' => array(t('Blocked'), t('Active'))
);
}
if (user_access('administer permissions')) {
$roles = user_roles(TRUE);
// The disabled checkbox subelement for the 'authenticated user' role
// must be generated separately and added to the checkboxes element,
// because of a limitation in D6 FormAPI not supporting a single disabled
// checkbox within a set of checkboxes.
// TODO: This should be solved more elegantly. See issue #119038.
$checkbox_authenticated = array(
'#type' => 'checkbox',
'#title' => $roles[DRUPAL_AUTHENTICATED_RID],
'#default_value' => TRUE,
'#disabled' => TRUE,
);
unset($roles[DRUPAL_AUTHENTICATED_RID]);
if ($roles) {
$form['account']['roles'] = array(
'#type' => 'checkboxes',
'#title' => t('Roles'),
'#default_value' => isset($account->roles) ? array_keys($account->roles) : array(),
'#options' => $roles,
DRUPAL_AUTHENTICATED_RID => $checkbox_authenticated,
);
}
}
// Signature:
if (variable_get('user_signatures', 0) && module_exists('comment') && !$register) {
$form['signature_settings'] = array(
'#type' => 'fieldset',
'#title' => t('Signature settings'),
'#weight' => 1,
);
$form['signature_settings']['signature'] = array(
'#type' => 'textarea',
'#title' => t('Signature'),
'#default_value' => isset($account->signature) ? $account->signature : '',
'#description' => t('Your signature will be publicly displayed at the end of your comments.'),
);
}
// Picture/avatar:
if (variable_get('user_pictures', 0) && !$register) {
$form['picture'] = array(
'#type' => 'fieldset',
'#title' => t('Picture'),
'#weight' => 1,
);
$form['picture']['picture'] = array(
'#type' => 'value',
'#value' => isset($account->picture) ? $account->picture : NULL,
);
$form['picture']['picture_current'] = array(
'#markup' => theme('user_picture', array('account' => $account)),
);
$form['picture']['picture_delete'] = array(
'#type' => 'checkbox',
'#title' => t('Delete picture'),
'#access' => !empty($account->picture->fid),
'#description' => t('Check this box to delete your current picture.'),
);
$form['picture']['picture_upload'] = array(
'#type' => 'file',
'#title' => t('Upload picture'),
'#size' => 48,
'#description' => t('Your virtual face or picture. Maximum dimensions are %dimensions pixels and the maximum size is %size kB.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85'), '%size' => variable_get('user_picture_file_size', '30'))) . ' ' . variable_get('user_picture_guidelines', ''),
);
$form['#validate'][] = 'user_profile_form_validate';
$form['#validate'][] = 'user_validate_picture';
}
}
/**
* Cancel a user account.
*
@ -3034,104 +3042,15 @@ function user_block_user_action(&$object, $context = array()) {
}
/**
* Submit handler for the user registration form.
*
* This function is shared by the installation form and the normal registration form,
* which is why it can't be in the user.pages.inc file.
*/
function user_register_submit($form, &$form_state) {
global $base_url;
$admin = user_access('administer users');
$mail = $form_state['values']['mail'];
$name = $form_state['values']['name'];
if (!variable_get('user_email_verification', TRUE) || $admin) {
$pass = $form_state['values']['pass'];
}
else {
$pass = user_password();
};
$notify = isset($form_state['values']['notify']) ? $form_state['values']['notify'] : NULL;
$from = variable_get('site_mail', ini_get('sendmail_from'));
if (isset($form_state['values']['roles'])) {
// Remove unset roles.
$roles = array_filter($form_state['values']['roles']);
}
else {
$roles = array();
}
if (!$admin && array_intersect(array_keys($form_state['values']), array('uid', 'roles', 'init', 'session', 'status'))) {
watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);
$form_state['redirect'] = 'user/register';
return;
}
// The unset below is needed to prevent these form values from being saved as
// user data.
unset($form_state['values']['form_token'], $form_state['values']['submit'], $form_state['values']['op'], $form_state['values']['notify'], $form_state['values']['form_id'], $form_state['values']['affiliates'], $form_state['values']['destination'], $form_state['values']['form_build_id']);
$merge_data = array('pass' => $pass, 'init' => $mail, 'roles' => $roles);
if (!$admin) {
// Set the user's status because it was not displayed in the form.
$merge_data['status'] = variable_get('user_register', 1) == 1;
}
$account = user_save('', array_merge($form_state['values'], $merge_data));
// Terminate if an error occurred during user_save().
if (!$account) {
drupal_set_message(t("Error saving user account."), 'error');
$form_state['redirect'] = '';
return;
}
$form_state['user'] = $account;
watchdog('user', 'New user: %name (%email).', array('%name' => $name, '%email' => $mail), WATCHDOG_NOTICE, l(t('edit'), 'user/' . $account->uid . '/edit'));
// Add plain text password into user account to generate mail tokens.
$account->password = $pass;
if ($admin && !$notify) {
drupal_set_message(t('Created a new user account for <a href="@url">%name</a>. No e-mail has been sent.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
}
elseif (!variable_get('user_email_verification', TRUE) && $account->status && !$admin) {
// No e-mail verification is required, create new user account, and login
// user immediately.
_user_mail_notify('register_no_approval_required', $account);
$form_state['uid'] = $account->uid;
user_login_submit(array(), $form_state);
drupal_set_message(t('Registration successful. You are now logged in.'));
$form_state['redirect'] = '';
return;
}
elseif ($account->status || $notify) {
// Create new user account, no administrator approval required.
$op = $notify ? 'register_admin_created' : 'register_no_approval_required';
_user_mail_notify($op, $account);
if ($notify) {
drupal_set_message(t('Password and further instructions have been e-mailed to the new user <a href="@url">%name</a>.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
}
else {
drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
$form_state['redirect'] = '';
return;
}
}
else {
// Create new user account, administrator approval required.
_user_mail_notify('register_pending_approval', $account);
drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, a welcome message with further instructions has been sent to your e-mail address.'));
$form_state['redirect'] = '';
return;
}
}
/**
* Form builder; The user registration form.
* Form builder; the user registration form.
*
* @ingroup forms
* @see user_register_validate()
* @see user_account_form()
* @see user_account_form_validate()
* @see user_account_form_submit()
* @see user_register_submit()
*/
function user_register($form, &$form_state) {
function user_register_form($form, &$form_state) {
global $user;
$admin = user_access('administer users');
@ -3145,12 +3064,9 @@ function user_register($form, &$form_state) {
$form['#user_category'] = 'register';
// Start with the default user account fields.
user_edit_form($form, $form_state);
user_account_form($form, $form_state);
if ($admin) {
$form['account']['notify'] = array(
'#type' => 'checkbox',
'#title' => t('Notify user of new account')
);
// Redirect back to page which initiated the create request;
// usually admin/people/create.
$form_state['redirect'] = $_GET['q'];
@ -3164,14 +3080,89 @@ function user_register($form, &$form_state) {
$form['account']['#type'] = 'markup';
}
$form['submit'] = array('#type' => 'submit', '#value' => t('Create new account'), '#weight' => 30);
$form['#validate'][] = 'user_register_validate';
$form['submit'] = array(
'#type' => 'submit',
'#value' => t('Create new account'),
'#weight' => 30,
);
// Add the final user registration form submit handler.
$form['#submit'][] = 'user_register_submit';
return $form;
}
function user_register_validate($form, &$form_state) {
user_module_invoke('validate', $form_state['values'], $form_state['values'], 'account');
/**
* Submit handler for the user registration form.
*
* This function is shared by the installation form and the normal registration form,
* which is why it can't be in the user.pages.inc file.
*
* @see user_register_form()
*/
function user_register_submit($form, &$form_state) {
$admin = user_access('administer users');
if (!variable_get('user_email_verification', TRUE) || $admin) {
$pass = $form_state['values']['pass'];
}
else {
$pass = user_password();
}
$notify = !empty($form_state['values']['notify']);
// The unset below is needed to prevent these form values from being saved as
// user data.
unset($form_state['values']['form_token'], $form_state['values']['submit'], $form_state['values']['op'], $form_state['values']['notify'], $form_state['values']['form_id'], $form_state['values']['affiliates'], $form_state['values']['destination'], $form_state['values']['form_build_id']);
$form_state['values']['pass'] = $pass;
$form_state['values']['init'] = $form_state['values']['mail'];
$account = $form['#user'];
$account = user_save($account, $form_state['values']);
// Terminate if an error occurred during user_save().
if (!$account) {
drupal_set_message(t("Error saving user account."), 'error');
$form_state['redirect'] = '';
return;
}
$form_state['user'] = $account;
watchdog('user', 'New user: %name (%email).', array('%name' => $form_state['values']['name'], '%email' => $form_state['values']['mail']), WATCHDOG_NOTICE, l(t('edit'), 'user/' . $account->uid . '/edit'));
// Add plain text password into user account to generate mail tokens.
$account->password = $pass;
// New administrative account without notification.
if ($admin && !$notify) {
drupal_set_message(t('Created a new user account for <a href="@url">%name</a>. No e-mail has been sent.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
}
// No e-mail verification required; login user immediately.
elseif (!$admin && !variable_get('user_email_verification', TRUE) && $account->status) {
_user_mail_notify('register_no_approval_required', $account);
$form_state['uid'] = $account->uid;
user_login_submit(array(), $form_state);
drupal_set_message(t('Registration successful. You are now logged in.'));
$form_state['redirect'] = '';
}
// No administrator approval required.
elseif ($account->status || $notify) {
$op = $notify ? 'register_admin_created' : 'register_no_approval_required';
_user_mail_notify($op, $account);
if ($notify) {
drupal_set_message(t('Password and further instructions have been e-mailed to the new user <a href="@url">%name</a>.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
}
else {
drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
$form_state['redirect'] = '';
}
}
// Administrator approval required.
else {
_user_mail_notify('register_pending_approval', $account);
drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, a welcome message with further instructions has been sent to your e-mail address.'));
$form_state['redirect'] = '';
}
}
/**

37
modules/user/user.pages.inc
View File

@ -209,18 +209,13 @@ function template_preprocess_user_profile_category(&$variables) {
}
}
/**
* Menu callback; Present the form to edit a given user or profile category.
*/
function user_edit($account, $category = 'account') {
drupal_set_title($account->name);
return drupal_get_form('user_profile_form', $account, $category);
}
/**
* Form builder; edit a user account or one of their profile categories.
*
* @ingroup forms
* @see user_account_form()
* @see user_account_form_validate()
* @see user_account_form_submit()
* @see user_profile_form_validate()
* @see user_profile_form_submit()
* @see user_cancel_confirm_form_submit()
@ -232,23 +227,31 @@ function user_profile_form($form, &$form_state, $account, $category = 'account')
$form['#user_category'] = $category;
if ($category == 'account') {
user_edit_form($form, $form_state);
user_account_form($form, $form_state);
}
// Attach field widgets.
field_attach_form('user', $account, $form, $form_state);
$form['submit'] = array('#type' => 'submit', '#value' => t('Save'), '#weight' => 30);
if (($account->uid == $user->uid && user_access('cancel account')) || user_access('administer users')) {
$form['submit'] = array(
'#type' => 'submit',
'#value' => t('Save'),
'#weight' => 30,
);
if ($category == 'account') {
$form['cancel'] = array(
'#type' => 'submit',
'#value' => t('Cancel account'),
'#weight' => 31,
'#submit' => array('user_edit_cancel_submit'),
'#access' => ($account->uid == $user->uid && user_access('cancel account')) || user_access('administer users'),
);
}
$form['#validate'][] = 'user_profile_form_validate';
// Add the final user profile form submit handler.
$form['#submit'][] = 'user_profile_form_submit';
return $form;
}
@ -258,14 +261,6 @@ function user_profile_form($form, &$form_state, $account, $category = 'account')
function user_profile_form_validate($form, &$form_state) {
$edit = (object)$form_state['values'];
field_attach_form_validate('user', $edit, $form, $form_state);
$edit = (array)$edit;
user_module_invoke('validate', $edit, $form['#user'], $form['#user_category']);
// Validate input to ensure that non-privileged users can't alter protected data.
if ((!user_access('administer users') && array_intersect(array_keys($edit), array('uid', 'init', 'session'))) || (!user_access('administer permissions') && isset($form_state['values']['roles']))) {
watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);
// set this to a value type field
form_set_error('category', t('Detected malicious attempt to alter protected user fields.'));
}
}
/**
@ -279,7 +274,7 @@ function user_profile_form_submit($form, &$form_state) {
$edit = (object)$form_state['values'];
field_attach_submit('user', $edit, $form, $form_state);
$edit = (array)$edit;
user_module_invoke('submit', $edit, $account, $category);
user_save($account, $edit, $category);
// Clear the page cache because pages can contain usernames and/or profile information:

2
modules/user/user.test
View File

@ -1224,7 +1224,7 @@ class UserSaveTestCase extends DrupalWebTestCase {
'pass' => user_password(),
'status' => 1,
);
$user_by_return = user_save('', $user);
$user_by_return = user_save(drupal_anonymous_user(), $user);
$this->assertTrue($user_by_return, t('Loading user by return of user_save().'));
// Test if created user exists.