authornatrak <>2001-06-18 20:29:36 +0000
committernatrak <>2001-06-18 20:29:36 +0000
commit6e64691450be0ec2a77fa7c6da74d67f4376db62 (patch)
treeb9662698c8a45cc85f81c69449d7e1b9d7fa6616 /modules/account.module
parente381f5b34a195f35fde904ddd7d2a40cf795aecb (diff)
Changes
- Moved account_password() and account_validate() to user.inc. - Greatly reduced the number of SQL calls in account_save() when editing an account. Now uses one db_query() call instead of 1 + (2 * # of access granted). - Fixed access not being saved when account was added. - Should now be possible to edit and add accounts. There were certain bugs before that would cause odd errors.
Diffstat (limited to 'modules/account.module')
-rw-r--r--modules/account.module126
1 files changed, 59 insertions, 67 deletions
diff --git a/modules/account.module b/modules/account.module
index 56ad34737..560d706f0 100644
--- a/modules/account.module
+++ b/modules/account.module
@@ -37,30 +37,6 @@ function account_conf_options() {
return $output;
}
-function account_password($min_length=6) {
- mt_srand((double)microtime() * 1000000);
- $words = array("foo","bar","guy","neo","tux","moo","sun","asm","dot","god","axe","geek","nerd","fish","hack","star","mice","warp","moon","hero","cola","girl","fish","java","perl","boss","dark","sith","jedi","drop","mojo");
- while(strlen($password) < $min_length) $password .= $words[mt_rand(0, count($words))];
- return $password;
-}
-
-function account_validate($user) {
- // Verify username and e-mail address:
- if (empty($user[real_email]) || (!check_mail($user[real_email]))) $error = t("the e-mail address '$user[real_email]' is not valid");
- if (empty($user[userid]) || (!check_name($user[userid]))) $error = t("the username '$user[userid]' is not valid");
- if (strlen($user[userid]) > 15) $error = t("the username '$user[userid]' is too long: it must be less than 15 characters");
-
- // Check to see whether the username or e-mail address are banned:
- if ($ban = user_ban($user[userid], "username")) $error = t("the username '$user[userid]' is banned") .": <I>$ban->reason</I>";
- if ($ban = user_ban($user[real_email], "e-mail address")) $error = t("the e-mail address '$user[real_email]' is banned") .": <I>$ban->reason</I>";
-
- // Verify whether username and e-mail address are unique:
- if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) $error = t("the username '$user[userid]' is already taken");
- if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$user[real_email]')")) > 0) $error = t("the e-mail address '$user[real_email]' is already in use by another account");
-
- return $error;
-}
-
function account_search($keys) {
global $user;
$result = db_query("SELECT * FROM users WHERE userid LIKE '%$keys%' LIMIT 20");
@@ -166,37 +142,74 @@ function account_delete($name) {
}
}
-function account_save($edit, &$name) {
- if (!empty($name)) {
+function account_form($account = 0) {
+ global $access;
+
+ function access($name) {
+ global $access, $account;
+ if (module_hook($name, "admin")) $access .= "<OPTION VALUE=\"$name\"". (user_access($account, $name) ? " SELECTED" : "") .">$name</OPTION>";
+ }
+ module_iterate("access");
+
+ $form .= $account->id ? form_item("ID", $account->id) . form_hidden("id", $account->id) : "";
+ $form .= $account->userid ? form_item(t("Username"), check_output($account->userid)) . form_hidden("userid", $account->userid) : form_textfield(t("Username"), "userid", $account->userid, 15, 15);
+ $form .= form_select(t("Status"), "status", ($account->status ? $account->status : 1), array("blocked", "not confirmed", "open"));
+ $form .= form_item(t("Administrator access"), "<SELECT NAME=\"edit[access][]\" MULTIPLE=\"true\" SIZE=\"10\">$access</SELECT>");
+ $form .= form_textfield(t("Real name"), "name", $account->name, 30, 55);
+ $form .= form_textfield(t("Real e-mail address"), "real_email", $account->real_email, 30, 55);
+ $form .= form_textfield(t("Fake e-mail address"), "fake_email", $account->fake_email, 30, 55);
+ $form .= form_textfield(t("Homepage"), "url", $account->url, 30, 55);
+ $form .= form_textarea(t("Bio"), "bio", $account->bio, 35, 5);
+ $form .= form_textarea(t("Signature"), "signature", $account->signature, 35, 5);
+ if ($account) {
+ $form .= form_submit("View account");
+ }
+ $form .= form_submit("Save account");
+
+ return form("admin.php?mod=account", $form);
+}
+
+function account_save($edit) {
+ if ($edit[id]) {
+ // Updating existing account
foreach ($edit as $key=>$value) {
if ($key != "access") {
$query .= "$key = '". addslashes($value) ."', ";
}
}
- db_query("UPDATE users SET $query access = '' WHERE userid = '$name'");
if ($edit[access]) {
foreach ($edit[access] as $key=>$value) {
- $account = user_load($name);
- db_query("UPDATE users SET access = '". field_set($account->access, $value, 1) ."' WHERE id = $account->id");
+ $access = field_set($access, $value, 1);
}
}
-
- watchdog("account", "account: modified user '$name'");
+ $query .= "access = '$access'";
+
+ db_query("UPDATE users SET $query WHERE id = $edit[id]");
+ watchdog("account", "account: modified user '$edit[userid]'");
+ return $edit[userid];
}
else {
+ // Adding new account
$edit[userid] = trim($edit[userid]);
$edit[real_email] = trim($edit[real_email]);
- $edit[name] = $edit[realname];
if ($error = account_validate($edit)) {
- return $error;
+ print status($error);
+ return 0;
}
else {
$edit[passwd] = account_password();
$edit[hash] = substr(md5("$edit[userid]. ". time()), 0, 12);
- $user = user_save("", array("userid" => $edit[userid], "real_email" => $edit[real_email], "passwd" => $edit[passwd], "status" => 1, "hash" => $edit[hash]));
+ if ($edit[access]) {
+ foreach ($edit[access] as $key=>$value) {
+ $access = field_set($access, $value, 1);
+ }
+ $edit[access] = $access;
+ }
+
+ $user = user_save("", array("userid" => $edit[userid], "access" => $edit[access], "real_email" => $edit[real_email], "passwd" => $edit[passwd], "status" => $edit[status], "hash" => $edit[hash]));
$link = path_uri() ."account.php?op=confirm&name=$edit[userid]&hash=$edit[hash]";
$subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal")));
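Review bot: The update branch of account_save() builds its UPDATE from request data without constraining it. Every key of `$edit` becomes a column name in `$query`, `$edit[id]` goes into the WHERE clause unquoted and uncast, and `$access` is appended without `addslashes()`. Only the values pass through `addslashes()`, so a submitted `edit[...]` key or a tampered hidden `id` field reaches the SQL text directly, and any column of `users` can be written whether or not account_form() offers it. I would restrict the loop to the fields account_form() renders as editable, cast the id to an integer and escape the access string, as below. account_save() continues past the end of this hunk.

```php
function account_save($edit) {
  if ($edit[id]) {
    // Updating existing account
    // Only the columns account_form() offers for editing may reach the SET clause.
    $fields = array("status", "name", "real_email", "fake_email", "url", "bio", "signature");
    foreach ($edit as $key=>$value) {
      if (in_array($key, $fields)) {
        $query .= "$key = '". addslashes($value) ."', ";
      }
    }
    // … unchanged: field_set() loop building $access …
    $query .= "access = '". addslashes($access) ."'";

    db_query("UPDATE users SET $query WHERE id = ". (int)$edit[id]);
    // … unchanged: watchdog() call and return …
```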
@@ -204,39 +217,11 @@ function account_save($edit, &$name) {
watchdog("account", "new account: `$edit[userid]' &lt;$edit[real_email]&gt;");
- mail($edit[real_email], $subject, $message, "From: noreply");
- $name = $edit[userid];
- }
- }
-}
-
-function account_form($account = 0) {
- global $access;
-
- function access($name) {
- global $access, $account;
- if (module_hook($name, "admin")) $access .= "<OPTION VALUE=\"$name\"". (user_access($account, $name) ? " SELECTED" : "") .">$name</OPTION>";
- }
-
- module_iterate("access");
+ if ($edit[status] == 1) mail($edit[real_email], $subject, $message, "From: noreply");
- $form .= $account->id ? form_item("ID", $account->id) : "";
- $form .= $account->userid ? form_item(t("Username"), check_output($account->userid)) : form_textfield(t("Username"), "userid", "", 15, 15);
- $form .= form_select(t("Status"), "status", ($account->status ? $account->status : 1), array("blocked", "not confirmed", "open"));
- $form .= form_item(t("Administrator access"), "<SELECT NAME=\"edit[access][]\" MULTIPLE=\"true\" SIZE=\"10\">$access</SELECT>");
- $form .= form_textfield(t("Real name"), "realname", $account->name, 30, 55);
- $form .= form_textfield(t("Real e-mail address"), "real_email", $account->real_email, 30, 55);
- $form .= form_textfield(t("Fake e-mail address"), "fake_email", $account->fake_email, 30, 55);
- $form .= form_textfield(t("Homepage"), "url", $account->url, 30, 55);
- $form .= form_textarea(t("Bio"), "bio", $account->bio, 35, 5);
- $form .= form_textarea(t("Signature"), "signature", $account->signature, 35, 5);
- if ($account) {
- $form .= form_hidden("name", $account->userid);
- $form .= form_submit("View account");
+ return $edit[userid];
+ }
}
- $form .= form_submit("Save account");
-
- return form("admin.php?mod=account", $form);
}
function account_edit($name) {
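Review bot: The bare `1` in `if ($edit[status] == 1)` is unexplained; going by the option list in account_form() (`array("blocked", "not confirmed", "open")`) it appears to mean "not confirmed". A comment such as `// status 1 = "not confirmed": only these accounts get the confirmation mail` would make the condition readable. The password from account_password() is generated regardless of status, so for an account created as "open" or "blocked" nothing visible here delivers it to the user; worth confirming that is intended. The construction of `$message` lies outside the hunk, so whether it carries the password is inferred.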
@@ -339,8 +324,15 @@ function account_admin() {
print search_data($keys, $mod);
break;
case "Save account":
- print status(account_save($edit, $name));
- print account_view($name);
+ $name = account_save($edit);
+ if ($name)
+ print account_view($name);
+ else {
+ foreach ($edit as $key=>$value) {
+ $account->$key = $value;
+ }
+ print account_form($account);
+ }
break;
case "View account":
case "view":
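Review bot: After a failed add, the `foreach` copies `$edit[userid]` into `$account->userid`, and account_form() renders a non-empty `$account->userid` as a read-only item plus hidden field. The administrator therefore cannot correct the username that was just rejected. Keying that choice in account_form() on the account id would avoid this: `$form .= $account->id ? form_item(t("Username"), check_output($account->userid)) . form_hidden("userid", $account->userid) : form_textfield(t("Username"), "userid", $account->userid, 15, 15);`. `$account` is also not initialised before the loop in the visible lines. account_admin() starts and ends outside this hunk.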