diff options
| author | Dries Buytaert <dries@buytaert.net> | 2001-08-11 14:54:39 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2001-08-11 14:54:39 +0000 |
| commit | 808b6b6cae71afd741023a0c08a6c925f2198752 (patch) | |
| tree | d17e890898959601d841227fecd538f135371bfc /account.php | |
| parent | 876536a955b783c4f82185dc45557ef3b1bd949f (diff) | |
| download | brdo-808b6b6cae71afd741023a0c08a6c925f2198752.tar.gz brdo-808b6b6cae71afd741023a0c08a6c925f2198752.tar.bz2 | |
- Changed the authentication and login scheme as discussed on the mailing
list.
- Fixed the export function in book.module (patch my Julian).
- Fixed the comment alignment (comments got truncated).
Diffstat (limited to 'account.php')
| -rw-r--r-- | account.php | 265 |
1 files changed, 164 insertions, 101 deletions
diff --git a/account.php b/account.php index f68ae948a..56532a1b3 100644 --- a/account.php +++ b/account.php @@ -4,51 +4,63 @@ include_once "includes/common.inc"; page_header(); -function account_get_user($uname) { - $result = db_query("SELECT * FROM users WHERE userid = '$uname'"); - return db_fetch_object($result); +function account_get_user($name) { + return db_fetch_object(db_query("SELECT * FROM users WHERE name = '". check_input($name) ."'")); } -function account_email() { - $output .= "<P>". t("Lost your password? Fill out your username and e-mail address, and your password will be mailed to you.") ."</P>\n"; - $output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n"; - $output .= "<B>". t("Username") .":</B><BR>\n"; - $output .= "<INPUT NAME=\"userid\"><P>\n"; - $output .= "<B>". t("E-mail address") .":</B><BR>\n"; - $output .= "<INPUT NAME=\"email\"><P>\n"; - $output .= "<INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"". t("E-mail new password") ."\">\n"; - $output .= "</FORM>\n"; - - return $output; +function account_email_form() { + global $REQUEST_URI; + + $output .= "<p>". t("Lost your password? Fill out your username and e-mail address, and your password will be mailed to you.") ."</p>\n"; + + $output .= form_textfield(t("Username"), "login", $edit[login], 30, 64, t("Enter your full name or username.")); + $output .= form_textfield(t("E-mail address"), "email", $edit[email], 30, 64, t("You will be sent a new password.")); + $output .= form_submit(t("E-mail new password")); + + return form($REQUEST_URI, $output); } -function account_create($error = "") { +function account_page() { global $theme; + $theme->header(); + + if (variable_get("account_register", 1)) { + $theme->box(t("Create user account"), account_create_form()); + } + + if (variable_get("account_password", 1)) { + $theme->box(t("E-mail new password"), account_email_form()); + } + + $theme->footer(); +} + +function account_create_form($edit = array(), $error = "") { + global $theme, $REQUEST_URI; + if ($error) { - $output .= "<P><FONT COLOR=\"red\">". t("Failed to create account") .": ". check_output($error) ."</FONT></P>\n"; - watchdog("account", "failed to create account: $error"); + $output .= "<p><font color=\"red\">". t("Failed to create new account") .": ". check_output($error) ."</font></p>\n"; + watchdog("account", "failed to create new account: $error"); } else { - $output .= "<P>". t("Registering allows you to comment, to moderate comments and pending submissions, to customize the look and feel of the site and generally helps you interact with the site more efficiently.") ."</P><P>". t("To create an account, simply fill out this form an click the 'Create account' button below. An e-mail will then be sent to you with instructions on how to validate your account.") ."</P>\n"; + $output .= "<p>". t("Registering allows you to comment, to moderate comments and pending submissions, to customize the look and feel of the site and generally helps you interact with the site more efficiently.") ."</p><p>". t("To create an account, simply fill out this form an click the 'Create new account' button below. An e-mail will then be sent to you with instructions on how to validate your account.") ."</p>\n"; } - $output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n"; - $output .= "<B>". t("Username") .":</B><BR>\n"; - $output .= "<INPUT NAME=\"userid\"><BR>\n"; - $output .= "<SMALL><I>". t("Enter your desired username: only letters, numbers and common special characters are allowed.") ."</I></SMALL><P>\n"; - $output .= "<B>". t("E-mail address") .":</B><BR>\n"; - $output .= "<INPUT NAME=\"email\"><BR>\n"; - $output .= "<SMALL><I>". t("You will be sent instructions on how to validate your account via this e-mail address: make sure it is accurate.") ."</I></SMALL><P>\n"; - $output .= "<INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"". t("Create account") ."\">\n"; - $output .= "</FORM>\n"; + $output .= form_textfield(t("Username"), "login", $edit[login], 30, 64, t("Enter your full name or username: only letters, numbers and common special characters like spaces are allowed.")); + $output .= form_textfield(t("E-mail address"), "email", $edit[email], 30, 64, t("You will be sent instructions on how to validate your account via this e-mail address: make sure it is accurate.")); + $output .= form_submit(t("Create new account")); - return $output; + return form($REQUEST_URI, $output); } function account_session_start($userid, $passwd) { global $user; - if ($userid && $passwd) $user = new User($userid, $passwd); + + if ($userid && $passwd) { + $user = new User($userid, $passwd); + } + if ($user->id) { if ($rule = user_ban($user->userid, "username")) { watchdog("account", "failed to login for '$user->userid': banned by $rule->type rule '$rule->mask'"); @@ -61,7 +73,9 @@ function account_session_start($userid, $passwd) { watchdog("account", "session opened for '$user->userid'"); } } - else watchdog("account", "failed to login for '$userid': invalid username - password combination"); + else { + watchdog("account", "failed to login for '$userid': invalid password"); + } } function account_session_close() { @@ -72,13 +86,17 @@ function account_session_close() { unset($user); } -function account_info_edit() { +function account_info_edit($error = 0) { global $theme, $user; if ($user->id) { - // construct form: - $form .= form_item(t("Username"), $user->userid, t("Required, unique, and can not be changed.")); - // $form .= form_textfield(t("Real name"), "name", $user->name, 30, 55, t("Optional")); + + if ($error) { + $form .= "<p><font color=\"red\">$error</font></p>\n"; + } + + $form .= form_textfield(t("Username"), "userid", $user->userid, 30, 55, t("Required, a unique name that can be used to log on.")); + $form .= form_textfield(t("Name"), "name", $user->name, 30, 55, t("Required, a unique name displayed with your contributions.")); $form .= form_item(t("Real e-mail address"), $user->real_email, t("Required, unique, can not be changed.") ." ". t("Your real e-mail address is never displayed publicly: only needed in case you lose your password.")); $form .= form_textfield(t("Fake e-mail address"), "fake_email", $user->fake_email, 30, 55, t("Optional") .". ". t("Displayed publicly so you may spam proof your real e-mail address if you want.")); $form .= form_textfield(t("Homepage"), "url", $user->url, 30, 55, t("Optional") .". ". t("Make sure you enter fully qualified URLs only. That is, remember to include \"http://\".")); @@ -87,23 +105,32 @@ function account_info_edit() { $form .= form_item(t("Password"), "<INPUT TYPE=\"password\" NAME=\"edit[pass1]\" SIZE=\"10\" MAXLENGTH=\"20\"> <INPUT TYPE=\"password\" NAME=\"edit[pass2]\" SIZE=\"10\" MAXLENGTH=\"20\">", t("Enter your new password twice if you want to change your current password or leave it blank if you are happy with your current password.")); $form .= form_submit(t("Save user information")); - // display form: $theme->header(); $theme->box(t("Edit user information"), form("account.php", $form)); $theme->footer(); } else { - $theme->header(); - $theme->box(t("Create user account"), account_create()); - $theme->box(t("E-mail new password"), account_email()); - $theme->footer(); + account_page(); } } function account_info_save($edit) { global $user; - if ($user->id) { - $user = user_save($user, array("name" => $edit[name], "fake_email" => $edit[fake_email], "url" => $edit[url], "bio" => $edit[bio], "signature" => $edit[signature])); + + if ($error = user_validate_name($edit[userid])) { + return t("Invalid name") .": $error"; + } + else if ($error = user_validate_name($edit[name])) { + return t("Invalid name") .": $error"; + } + else if (db_num_rows(db_query("SELECT userid FROM users WHERE id != '$user->id' AND (LOWER(userid) = LOWER('$edit[userid]') OR LOWER(name) = LOWER('$edit[userid]'))")) > 0) { + return t("Invalid username") .": the username '$edit[userid]' is already taken."; + } + else if (db_num_rows(db_query("SELECT name FROM users WHERE id != '$user->id' AND (LOWER(userid) = LOWER('$edit[name]') OR LOWER(name) = LOWER('$edit[name]'))")) > 0) { + return t("Invalid name") .": the name '$edit[name]' is already taken."; + } + else if ($user->id) { + $user = user_save($user, array("userid" => $edit[userid], "name" => $edit[name], "fake_email" => $edit[fake_email], "url" => $edit[url], "bio" => $edit[bio], "signature" => $edit[signature])); if ($edit[pass1] && $edit[pass1] == $edit[pass2]) $user = user_save($user, array("passwd" => $edit[pass1])); } } @@ -112,7 +139,6 @@ function account_settings_edit() { global $cmodes, $corder, $theme, $themes, $languages, $user; if ($user->id) { - // construct form: foreach ($themes as $key=>$value) $options .= "<OPTION VALUE=\"$key\"". (($user->theme == $key) ? " SELECTED" : "") .">$key - $value[1]</OPTION>\n"; $form .= form_item(t("Theme"), "<SELECT NAME=\"edit[theme]\">$options</SELECT>", t("Selecting a different theme will change the look and feel of the site.")); for ($zone = -43200; $zone <= 46800; $zone += 3600) $zones[$zone] = date("l, F dS, Y - h:i A", time() - date("Z") + $zone) ." (GMT ". $zone / 3600 .")"; @@ -125,24 +151,22 @@ function account_settings_edit() { $form .= form_select(t("Comment filter"), "threshold", $user->threshold, $threshold, t("Comments that scored less than this threshold setting will be ignored. Anonymous comments start at 0, comments of people logged on start at 1 and moderators can add and subtract points.")); $form .= form_submit(t("Save site settings")); - // display form: $theme->header(); $theme->box(t("Edit your preferences"), form("account.php", $form)); $theme->footer(); } else { - $theme->header(); - if (variable_get("account_register", 1)) $theme->box(t("Create user account"), account_create()); - $theme->box(t("E-mail new password"), account_email()); - $theme->footer(); + account_page(); } } function account_settings_save($edit) { global $user; + if ($user->id) { $user = user_save($user, array("theme" => $edit[theme], "timezone" => $edit[timezone], "language" => $edit[language], "nodes" => $edit[nodes], "mode" => $edit[mode], "sort" => $edit[sort], "threshold" => $edit[threshold])); } + } function account_blocks_edit() { @@ -153,7 +177,7 @@ function account_blocks_edit() { $result = db_query("SELECT * FROM blocks WHERE status = 1 ORDER BY module"); while ($block = db_fetch_object($result)) { $entry = db_fetch_object(db_query("SELECT * FROM layout WHERE block = '". check_input($block->name) ."' AND user = '$user->id'")); - $options .= "<INPUT TYPE=\"checkbox\" NAME=\"edit[$block->name]\"". ($entry->user ? " CHECKED" : "") ."> ". t($block->name) ."<BR>\n"; + $options .= "<input type=\"checkbox\" name=\"edit[$block->name]\"". ($entry->user ? " checked=\"checked\"" : "") ." /> ". t($block->name) ."<br />\n"; } $form .= form_item(t("Blocks in side bars"), $options, t("Enable the blocks you would like to see displayed in the side bars.")); @@ -165,10 +189,7 @@ function account_blocks_edit() { $theme->footer(); } else { - $theme->header(); - $theme->box(t("Create user account"), account_create()); - $theme->box(t("E-mail new password"), account_email()); - $theme->footer(); + account_page(); } } @@ -182,13 +203,13 @@ function account_blocks_save($edit) { } } -function account_user($uname) { +function account_user($name) { global $user, $theme; - if ($user->id && $user->userid == $uname) { + if ($user->id && $user->name == $name) { $output .= "<TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n"; $output .= " <TR><TD ALIGN=\"right\"><B>". t("Username") .":</B></TD><TD>$user->userid</TD></TR>\n"; - $output .= " <TR><TD ALIGN=\"right\"><B>". t("Real name") .":</B></TD><TD>". check_output($user->name) ."</TD></TR>\n"; + $output .= " <TR><TD ALIGN=\"right\"><B>". t("Name") .":</B></TD><TD>". check_output($user->name) ."</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>". t("E-mail") .":</B></TD><TD>". format_email($user->fake_email) ."</A></TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>". t("Homepage") .":</B></TD><TD>". format_url($user->url) ."</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>". t("Bio") .":</B></TD><TD>". check_output($user->bio, 1) ."</TD></TR>\n"; @@ -200,19 +221,19 @@ function account_user($uname) { $theme->box(t("Personal information"), $output); $theme->footer(); } - elseif ($uname && $account = account_get_user($uname)) { + elseif ($name && $account = account_get_user($name)) { $theme->header(); // Display account information: $output .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n"; $output .= " <TR><TD ALIGN=\"right\"><B>". t("Username") .":</B></TD><TD>". check_output($account->userid) ."</TD></TR>\n"; - $output .= " <TR><TD ALIGN=\"right\"><B>". t("Real name") .":</B></TD><TD>". check_output($account->name) ."</TD></TR>\n"; + $output .= " <TR><TD ALIGN=\"right\"><B>". t("Name") .":</B></TD><TD>". check_output($account->name) ."</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>". t("E-mail") .":</B></TD><TD>". format_email($account->fake_email) ."</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>". t("Homepage") .":</B></TD><TD>". format_url($account->url) ."</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>". t("Bio") .":</B></TD><TD>". check_output($account->bio) ."</TD></TR>\n"; $output .= "</TABLE>\n"; - $theme->box(strtr(t("%a's user information"), array("%a" => $uname)), $output); + $theme->box(strtr(t("%a's user information"), array("%a" => $name)), $output); // Display contributions: if (user_access("access contents")) { @@ -227,7 +248,7 @@ function account_user($uname) { $nodes .= "<P>\n"; } - $theme->box(strtr(t("%a's contributions"), array("%a" => $uname)), ($nodes ? $nodes : t("Not posted any nodes."))); + $theme->box(strtr(t("%a's contributions"), array("%a" => $name)), ($nodes ? $nodes : t("Not posted any nodes."))); } if (user_access("access comments")) { @@ -244,44 +265,54 @@ function account_user($uname) { $comments .= " </UL>\n"; } - $theme->box(strtr(t("%a's comments"), array("%a" => $uname)), ($comments ? $comments : t("Not posted any comments."))); + $theme->box(strtr(t("%a's comments"), array("%a" => $name)), ($comments ? $comments : t("Not posted any comments."))); } $theme->footer(); } else { - // Display login form: - $theme->header(); - if (variable_get("account_register", 1)) $theme->box(t("Create user account"), account_create()); - $theme->box(t("E-mail new password"), account_email()); - $theme->footer(); + account_page(); } } -function account_email_submit($userid, $email) { +function account_email_submit($edit) { global $theme; - $result = db_query("SELECT id FROM users WHERE userid = '$userid' AND real_email = '$email'"); + $result = db_query("SELECT id FROM users WHERE (userid = '". check_input($edit[login]) ."' OR name = '". check_input($edit[login]) ."') AND real_email = '". check_input($edit[email]) ."'"); if ($account = db_fetch_object($result)) { + + /* + ** Generate a password and a confirmation hash: + */ + $passwd = user_password(); $hash = substr(md5("$userid. ". time() .""), 0, 12); $status = 1; - db_query("UPDATE users SET passwd = PASSWORD('$passwd'), hash = '$hash', status = '$status' WHERE userid = '$userid'"); + /* + ** Update the user account in the database: + */ - $link = path_uri() ."account.php?op=confirm&name=$userid&hash=$hash"; - $subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal"))); - $message = strtr(t("%a,\n\n\nyou requested us to e-mail you a new password for your account at %b. You will need to re-confirm your account or you will not be able to login. To confirm your account updates visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team"), array("%a" => $userid, "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $passwd)); + db_query("UPDATE users SET passwd = PASSWORD('$passwd'), hash = '$hash', status = '$status' WHERE userid = '". check_input($edit[login]) ."'"); - watchdog("account", "new password: `$userid' <$email>"); + /* + ** Send out an e-mail with the account details: + */ + + $link = path_uri() ."account.php?op=confirm&name=". urlencode($edit[login]) ."&hash=$hash"; + $subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal"))); + $message = strtr(t("%a,\n\n\nyou requested us to e-mail you a new password for your account at %b. You will need to re-confirm your account or you will not be able to login. To confirm your account updates visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team"), array("%a" => $edit[login], "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $passwd)); mail($email, $subject, $message, "From: noreply"); + watchdog("account", "new password: `$edit[login]' <$edit[email]>"); + $output = t("Your password and further instructions have been sent to your e-mail address."); } else { - watchdog("account", "new password: '$userid' and <$email> do not match"); + watchdog("account", "new password: '$edit[login]' and <$edit[email]> do not match"); + $output = t("Could not sent password: no match for the specified username and e-mail address."); } @@ -290,33 +321,61 @@ function account_email_submit($userid, $email) { $theme->footer(); } -function account_create_submit($userid, $email) { +function account_create_submit($edit) { global $theme, $HTTP_HOST, $REQUEST_URI; - $new[userid] = $userid; - $new[real_email] = $email; + if (variable_get("account_register", 1)) { - if ($error = user_validate($new)) { $theme->header(); - $theme->box(t("Create user account"), account_create($error)); - $theme->footer(); - } - else { - $new[passwd] = user_password(); - $new[hash] = substr(md5("$new[userid]. ". time()), 0, 12); - $user = user_save("", array("userid" => $new[userid], "real_email" => $new[real_email], "passwd" => $new[passwd], "role" => "authenticated user", "status" => 1, "hash" => $new[hash])); + if ($error = user_validate_name($edit[login])) { + $theme->box(t("Create user account"), account_create_form($edit, $error)); + } + else if ($error = user_validate_mail($edit[email])) { + $theme->box(t("Create user account"), account_create_form($edit, $error)); + } + else if ($ban = user_ban($edit[login], "username")) { + $theme->box(t("Create user account"), account_create_form($edit, t("the username '$edit[login]' is banned") .": <i>$ban->reason</i>.")); + } + else if ($ban = user_ban($edit[real_email], "e-mail address")) { + $theme->box(t("Create user account"), account_create_form($edit, t("the username '$edit[email]' is banned") .": <i>$ban->reason</i>.")); + } + else if (db_num_rows(db_query("SELECT userid FROM users WHERE (LOWER(userid) = LOWER('$edit[login]') OR LOWER(name) = LOWER('$edit[login]'))")) > 0) { + $theme->box(t("Create user account"), account_create_form($edit, t("the username '$edit[login]' is already taken."))); + } + else if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$edit[email]')")) > 0) { + $theme->box(t("Create user account"), account_create_form($edit, t("the e-mail address '$edit[email]' is already in use by another account."))); + } + else { - $link = path_uri() ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]"; - $subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal"))); - $message = strtr(t("%a,\n\n\nsomeone signed up for a user account on %b and supplied this e-mail address as their contact. If it wasn't you, don't get your panties in a bundle and simply ignore this mail. If this was you, you will have to confirm your account first or you will not be able to login. To confirm your account visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team\n"), array("%a" => $new[userid], "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $new[passwd])); + /* + ** Generate a password and a confirmation hash: + */ - watchdog("account", "new account: `$new[userid]' <$new[real_email]>"); + $edit[passwd] = user_password(); + $edit[hash] = substr(md5("$new[userid]. ". time()), 0, 12); - mail($new[real_email], $subject, $message, "From: noreply"); + /* + ** Create the new user account in the database: + */ + + $user = user_save("", array("userid" => $edit[login], "name" => $edit[login], "real_email" => $edit[email], "passwd" => $edit[passwd], "role" => "authenticated user", "status" => 1, "hash" => $edit[hash])); + + /* + ** Send out an e-mail with the account details: + */ + + $link = path_uri() ."account.php?op=confirm&name=". urlencode($edit[login]) ."&hash=$edit[hash]"; + $subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal"))); + $message = strtr(t("%a,\n\n\nsomeone signed up for a user account on %b and supplied this e-mail address as their contact. If it wasn't you, don't get your panties in a bundle and simply ignore this mail. If this was you, you will have to confirm your account first or you will not be able to login. To confirm your account visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team\n"), array("%a" => $edit[login], "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $edit[passwd])); + + mail($edit[email], $subject, $message, "From: noreply"); + + watchdog("account", "new account: `$edit[login]' <$edit[email]>"); + + $theme->box(t("Create user account"), t("Congratulations! Your member account has been successfully created and further instructions on how to confirm your account have been sent to your e-mail address. You have to confirm your account first or you will not be able to login.")); + } - $theme->header(); - $theme->box(t("Create user account"), t("Congratulations! Your member account has been successfully created and further instructions on how to confirm your account have been sent to your e-mail address. You have to confirm your account first or you will not be able to login.")); $theme->footer(); } } @@ -407,7 +466,7 @@ function account_track_site() { $cresult = db_query("SELECT c.subject, c.cid, c.pid, u.userid, u.name FROM comments c LEFT JOIN users u ON u.id = c.author WHERE c.lid = $node->nid ORDER BY c.timestamp DESC LIMIT $node->count"); $output .= "<UL>\n"; while ($comment = db_fetch_object($cresult)) { - $output .= " <LI>'<A HREF=\"node.php?id=$node->nid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A>' ". t("by") ." ". format_username($comment->userid, $comment->name) ."</LI>\n"; + $output .= " <LI>'<A HREF=\"node.php?id=$node->nid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A>' ". t("by") ." ". format_name($comment->name) ."</LI>\n"; } $output .= "</UL>\n"; } @@ -422,7 +481,7 @@ function account_track_site() { $output .= "<TABLE BORDER=\"0\" CELLSPACING=\"4\" CELLPADDING=\"4\">\n"; $output .= " <TR><TH>". t("Subject") ."</TH><TH>". t("Author") ."</TH><TH>". t("Type") ."</TH><TH>". t("Status") ."</TH></TR>\n"; while ($node = db_fetch_object($result)) { - $output .= " <TR><TD><A HREF=\"node.php?id=$node->nid\">". check_output($node->title) ."</A></TD><TD ALIGN=\"center\">". format_username($node->userid, $node->name) ."</TD><TD ALIGN=\"center\">$node->type</TD><TD>". node_status($node->status) ."</TD></TR>"; + $output .= " <TR><TD><A HREF=\"node.php?id=$node->nid\">". check_output($node->title) ."</A></TD><TD ALIGN=\"center\">". format_name($node->name) ."</TD><TD ALIGN=\"center\">$node->type</TD><TD>". node_status($node->status) ."</TD></TR>"; } $output .= "</TABLE>"; } @@ -434,14 +493,18 @@ function account_track_site() { switch ($op) { case t("E-mail new password"): - account_email_submit(check_input($userid), check_input($email)); + account_email_submit($edit); break; - case t("Create account"): - if (variable_get("account_register", 1)) account_create_submit(check_input($userid), check_input($email)); + case t("Create new account"): + account_create_submit($edit); break; case t("Save user information"): - account_info_save($edit); - account_user($user->userid); + if ($error = account_info_save($edit)) { + account_info_edit($error); + } + else { + account_user($user->name); + } break; case t("Save site settings"): account_settings_save($edit); @@ -449,7 +512,7 @@ switch ($op) { break; case t("Save block settings"): account_blocks_save($edit); - account_user($user->userid); + account_user($user->name); break; case "confirm": account_create_confirm(check_input($name), check_input($hash)); @@ -465,7 +528,7 @@ switch ($op) { case "view": switch ($type) { case "information": - account_user($user->userid); + account_user($user->name); break; case "site": account_track_site(); @@ -493,7 +556,7 @@ switch ($op) { } break; default: - account_user($user->userid); + account_user($user->name); } page_footer(); |