Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
drupal/modules/account.module

200 lines
9.3 KiB
Plaintext
Raw Blame History

<?php
$module = array("help" => "account_help",
"find" => "account_find",
"admin" => "account_admin");
function account_help() {
?>
<P>The account-module is responsible for maintaining the user database. It automatically handles tasks like registration, authentication, access rights, password retrieval, user settings and much more.</P>
<P>The required administration can be accomplished through the "account" interface of the administration section. From here administrators can get a quick overview of all registered users and view/edit specific accounts using the links provided. Some useful operations include blocking specific accounts (e.g. a troublesome user) and giving/taking administration permissions. Note that you should only give these permissions to people you trust!</P>
<P>Check the documentation page for detailed information about user management.</P>
<?php
}
function account_find($keys) {
global $user;
$find = array();
$result = db_query("SELECT * FROM users WHERE userid LIKE '%$keys%' LIMIT 20");
while ($account = db_fetch_object($result)) {
array_push($find, array("subject" => $account->userid, "link" => (user_access($user, "account") ? "admin.php?mod=account&op=view&name=$account->userid" : "account.php?op=view&name=$account->userid"), "user" => $account->userid));
}
return $find;
}
function account_search() {
global $keys, $mod;
print search_form($keys);
print search_data($keys, $mod);
}
function account_display($order = "username") {
$result = db_query("SELECT id, userid, last_access FROM users ORDER BY last_access DESC LIMIT 50");
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR><TH>username</TH><TH>last access</TH><TH COLSPAN=\"3\">operations</TH></TR>\n";
while ($account = db_fetch_object($result)) {
$output .= " <TR><TD>". format_username($account->userid) ."</TD><TD>". format_date($account->last_access) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=view&name=$account->userid\">view</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=edit&name=$account->userid\">edit</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=delete&name=$account->userid\">delete</A></TD></TR>\n";
}
$output .= "</TABLE>\n";
print $output;
}
function account_access($account) {
$data = explode(";", $account->access);
foreach ($data as $array) {
$access = explode(":", $array);
if ($access[0]) $output .= " $access[0]";
}
return $output;
}
function account_blocks($id) {
$result = db_query("SELECT * FROM layout WHERE user = '$id'");
while ($layout = db_fetch_object($result)) {
$output .= "<LI>$layout->block</LI>\n";
}
return $output;
}
function account_nodes($id) {
$result = db_query("SELECT * FROM nodes WHERE author = $id ORDER BY timestamp DESC");
while ($node = db_fetch_object($result)) {
$output .= "<LI><A HREF=\"node.php?id=$node->nid\">$node->title</A> ($node->type)</LI>\n";
}
return $output;
}
function account_comments($id) {
$result = db_query("SELECT * FROM comments WHERE author = '$id' ORDER BY timestamp DESC");
while ($comment = db_fetch_object($result)) {
$output .= "<LI><A HREF=\"node.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">$comment->subject</A></LI>\n";
}
return $output;
}
function account_delete($name) {
$result = db_query("SELECT * FROM users WHERE userid = '$name' AND status = 0 AND id > 1");
if ($account = db_fetch_object($result)) {
db_query("DELETE FROM users WHERE id = '$account->id'");
}
else {
print "<P>Failed to delete account '". format_username($name) ."': the account must be blocked first.</P>";
}
}
function account_edit_save($name, $edit) {
foreach ($edit as $key=>$value) if ($key != "access") $query .= "$key = '". addslashes($value) ."', ";
db_query("UPDATE users SET $query access = '' WHERE userid = '$name'");
if ($edit["access"]) foreach ($edit["access"] as $key=>$value) user_set(user_load($name), "access", $value, 1);
watchdog("message", "account: modified user '$name'");
}
function account_edit($name) {
global $access, $account;
function access($name, $module) {
global $access, $account;
$access .= "<OPTION VALUE=\"$name\"". (user_access($account, $name) ? " SELECTED" : "") .">$name</OPTION>";
}
$status = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
$result = db_query("SELECT * FROM users WHERE userid = '$name'");
if ($account = db_fetch_object($result)) {
foreach ($status as $key=>$value) {
$stat .= " <OPTION VALUE=\"$key\"". (($account->status == $key) ? " SELECTED" : "") .">$value</OPTION>\n";
}
module_iterate("access");
$output .= "<FORM ACTION=\"admin.php?mod=account\" METHOD=\"post\">\n";
$output .= "<B>ID:</B><BR>$account->id<P>\n";
$output .= "<B>Username:</B><BR>". check_output($account->userid) ."<P>\n";
$output .= "<B>Status:</B><BR><SELECT NAME=\"edit[status]\">\n$stat</SELECT><P>\n";
$output .= "<B>Administrator access:</B><BR><SELECT NAME=\"edit[access][]\" MULTIPLE=\"true\" SIZE=\"10\">$access</SELECT><P>\n";
$output .= "<B>Real name:</B><BR><INPUT NAME=\"edit[name]\" SIZE=\"55\" VALUE=\"$account->real_name\"><P>\n";
$output .= "<B>Real e-mail address:</B><BR><INPUT NAME=\"edit[real_email]\" SIZE=\"55\" VALUE=\"$account->real_email\"><P>\n";
$output .= "<B>Fake e-mail address:</B><BR><INPUT NAME=\"edit[fake_email]\" SIZE=\"55\" VALUE=\"$account->fake_email\"><P>\n";
$output .= "<B>URL of homepage:</B><BR><INPUT NAME=\"edit[url]\" SIZE=\"55\" VALUE=\"$account->url\"><P>\n";
$output .= "<B>Bio information:</B><BR><TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$account->bio</TEXTAREA><P>\n";
$output .= "<B>Signature:</B><BR><TEXTAREA NAME=\"edit[signature]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$account->signature</TEXTAREA><P>\n";
$output .= "<INPUT TYPE=\"hidden\" NAME=\"name\" VALUE=\"$account->userid\">\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"View account\">\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save account\">\n";
$output .= "</FORM>\n";
print "$output";
}
}
function account_view($name) {
$status = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
$result = db_query("SELECT * FROM users WHERE userid = '$name'");
if ($account = db_fetch_object($result)) {
$output .= "<FORM ACTION=\"admin.php?mod=account\" METHOD=\"post\">\n";
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
$output .= " <TR><TH>ID:</TH><TD>$account->id</TD></TR>\n";
$output .= " <TR><TH>Username:</TH><TD>$account->userid</TD></TR>\n";
$output .= " <TR><TH>Status:</TH><TD>". $status[$account->status] ."</TD></TR>\n";
$output .= " <TR><TH>Access:</TH><TD>". check_output(account_access($account)) ."</TD></TR>\n";
$output .= " <TR><TH>Real name:</TH><TD>". check_output($account->name) ."</TD></TR>\n";
$output .= " <TR><TH>Real e-mail address:</TH><TD>". format_email($account->real_email) ."</TD></TR>\n";
$output .= " <TR><TH>Fake e-mail address:</TH><TD>". check_output($account->fake_email) ."</TD></TR>\n";
$output .= " <TR><TH>URL of homepage:</TH><TD>". format_url($account->url) ."</TD></TR>\n";
$output .= " <TR><TH>Last access:</TH><TD>". format_date($account->last_access) ." from ". check_output($account->last_host) ."</TD></TR>\n";
$output .= " <TR><TH>User rating:</TH><TD>". check_output($account->rating) ."</TD></TR>\n";
$output .= " <TR><TH>Bio information:</TH><TD>". check_output($account->bio) ."</TD></TR>\n";
$output .= " <TR><TH><B>Signature:</TH><TD>". check_output($account->signature) ."</TD></TR>\n";
$output .= " <TR><TH>Theme:</TH><TD>". check_output($account->theme) ."</TD></TR>\n";
$output .= " <TR><TH>Timezone:</TH><TD>". check_output($account->timezone / 3600) ."</TD></TR>\n";
$output .= " <TR><TH>Selected blocks:</TH><TD>". check_output(account_blocks($account->id)) ."</TD></TR>\n";
$output .= " <TR><TH>Submitted nodes:</TH><TD>". check_output(account_nodes($account->id)) ."</TD></TR>\n";
$output .= " <TR><TH>Submitted comments:</TH><TD>". check_output(account_comments($account->id)) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"center\" COLSPAN=\"2\"><INPUT TYPE=\"hidden\" NAME=\"name\" VALUE=\"$account->userid\"><INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Edit account\"><INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Delete account\"></TD></TR>\n";
$output .= "</TABLE>\n";
$output .= "</FORM>\n";
print "$output";
}
}
function account_admin() {
global $op, $edit, $order, $name;
print "<SMALL><A HREF=\"admin.php?mod=account\">overview</A> | <A HREF=\"admin.php?mod=account&op=search\">search account</A> | <A HREF=\"admin.php?mod=account&op=help\">help</A></SMALL><HR>\n";
switch ($op) {
case "Delete account":
case "delete":
account_delete(check_input($name));
account_display();
break;
case "Edit account":
case "edit":
account_edit(check_input($name));
break;
case "help":
account_help();
break;
case "search":
account_search();
break;
case "View account":
case "view":
account_view($name);
break;
case "Save account":
account_edit_save(check_input($name), $edit);
account_view(check_input($name));
break;
default:
account_display();
}
}
?>
Reference in New Issue View Git Blame Copy Permalink