Diffstat (limited to 'modules/user.module')
-rw-r--r--modules/user.module228
1 files changed, 165 insertions, 63 deletions
diff --git a/modules/user.module b/modules/user.module
index 68d25921a..1dbc33daf 100644
--- a/modules/user.module
+++ b/modules/user.module
@@ -78,12 +78,13 @@ function user_save($account, $array = array()) {
$query .= "data = '%s', ";
$v[] = serialize($data);
- db_query("UPDATE {users} SET $query timestamp = %d WHERE uid = %d", array_merge($v, array(time(), $account->uid)));
+ db_query("UPDATE {users} SET $query changed = %d WHERE uid = %d", array_merge($v, array(time(), $account->uid)));
$user = user_load(array('uid' => $account->uid));
}
else {
- $array['timestamp'] = time();
+ $array['created'] = time();
+ $array['changed'] = time();
$array['uid'] = db_next_id("{users}_uid");
foreach ($array as $key => $value) {
@@ -112,11 +113,11 @@ function user_save($account, $array = array()) {
$user = user_load(array('name' => $array['name']));
- module_invoke_all('user', "insert", $array, $user);
+ module_invoke_all('user', 'insert', $array, $user);
}
foreach ($array as $key => $value) {
- if (substr($key, 0, 4) == "auth") {
+ if (substr($key, 0, 4) == 'auth') {
$authmaps[$key] = $value;
}
}
@@ -136,7 +137,7 @@ function user_validate_name($name) {
if (!$name) return t("You must enter a username.");
if (substr($name, 0, 1) == ' ') return t("The username cannot begin with a space.");
if (substr($name, -1) == ' ') return t("The username cannot end with a space.");
- if (ereg(" ", $name)) return t("The username cannot contain multiple spaces in a row.");
+ if (ereg(' ', $name)) return t("The username cannot contain multiple spaces in a row.");
if (ereg('[^ [:alnum:]@_.-]', $name)) return t("The username contains an illegal character.");
if (ereg('@', $name) && !eregi('@([0-9a-z](-?[0-9a-z])*.)+[a-z]{2}([zmuvtg]|fo|me)?$', $name)) return t("The username is not a valid authentication ID.");
if (strlen($name) > 56) return t("The username '%name' is too long: it must be less than 56 characters.", array("%name" => $name));
@@ -149,6 +150,35 @@ function user_validate_mail($mail) {
}
}
+function user_validate_picture($file, &$edit, $user) {
+
+ // initialize the picture:
+ $edit['picture'] = $user->picture;
+
+ // check that uploaded file is an image, with a maximum file size and maximum height/width
+ $extension = strtolower(strrchr($file->name, "."));
+ $size = getimagesize($file->path);
+ list($maxwidth, $maxheight) = explode("x", variable_get('user_picture_dimensions', "85x85"));
+
+ if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) {
+ $error = t("The uploaded file was not an image.");
+ }
+ else if ($file->size > (variable_get('user_picture_file_size', "30") * 1000)) {
+ $error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get('user_picture_file_size', "30")));
+ }
+ else if ($size[0] > $maxwidth || $size[1] > $maxheight) {
+ $error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get('user_picture_dimensions', "85x85")));
+ }
+ else if ($file = file_save_upload('picture', variable_get('user_picture_path', "pictures") . FILE_SEPARATOR .'picture-'. $user->uid . $extension, 1)) {
+ $edit['picture'] = $file->path;
+ }
+ else {
+ $error = t("Failed to upload the picture image; the '%directory' directory doesn't exist.", array("%directory" => variable_get('user_picture_path', "pictures")));
+ }
+
+ return $error;
+}
+
function user_validate_authmap($account, $authname, $module) {
$result = db_query("SELECT COUNT(*) from {authmap} WHERE uid != %d AND authname = '%s'", $account->uid, $authname);
if (db_result($result) > 0) {
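Review bot: `user_validate_picture()` writes to disk from inside a validation routine: the `file_save_upload()` branch runs as soon as the type, size and dimension checks pass, so the stored picture can already be replaced when a later check in the caller rejects the form. `$error` is assigned only on the failure paths, so the success path returns an undefined variable; start the function with `$error = NULL;`. Because the target name ends in `$extension`, uploading a `.png` after a `.gif` appears to leave the old `picture-UID.gif` behind, so the previous `$user->picture` should be removed when the path changes. A short comment that `getimagesize()` inspects only the image header, and that the extension allow-list is what keeps the stored name harmless, would help later maintainers.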
@@ -281,7 +311,7 @@ function user_fields() {
}
else {
// Make sure we return the default fields at least
- $fields = array('uid', 'name', 'pass', "mail", "mode", "sort", "threshold", "theme", "signature", "timestamp", "status", "timezone", "language", "init", "data", "rid");
+ $fields = array('uid', 'name', 'pass', "mail", "picture", "mode", "sort", "threshold", "theme", "signature", "created", "changed", "status", "timezone", "language", "init", "data", "rid");
}
}
@@ -428,6 +458,42 @@ function user_block($op = "list", $delta = 0) {
}
}
+function theme_user_picture($account) {
+ if (variable_get('user_pictures', 0)) {
+ if ($account->picture && file_exists($account->picture)) {
+ $picture = file_create_url($account->picture);
+ }
+ else if (variable_get('user_picture_default', '')) {
+ $picture = variable_get('user_picture_default', '');
+ }
+
+ if ($picture) {
+ $picture = "<img src=\"$picture\" alt=\"" . t("%user's picture", array("%user" => $account->name ? $account->name : t(variable_get("anonymous", "Anonymous")))) . "\" />";
+ if ($account->uid) {
+ $picture = l($picture, "user/view/$account->uid", array("title" => t("View user profile.")));
+ }
+
+ return "<div class=\"picture\">$picture</div>";
+ }
+ }
+}
+
+function theme_user_profile($account) {
+ $output = "<div class=\"profile\">\n";
+ $output .= theme('user_picture', $account);
+ $output .= form_item(t('Name'), $account->name);
+ $output .= implode("\n", module_invoke_all('user', 'view', '', $account));
+ $output .= form_item(t('Member for'), format_interval(time() - $account->created));
+
+ if (user_access("administer users")) {
+ $output .= form_item(t("Administration"), l(t("edit account"), "admin/user/edit/$account->uid"));
+ }
+
+ $output .= "</div>\n";
+
+ return $output;
+}
+
function theme_user_list($items, $title = NULL) {
return theme("item_list", $items, $title);
}
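Review bot: In `theme_user_picture()` the `src` and `alt` values go into the `<img>` tag without HTML escaping: `$picture` can come straight from the admin-set `user_picture_default` variable, and the alt text embeds `$account->name` or the configurable anonymous name. A quote character in any of them would end the attribute early, so escape at output, e.g. `$picture = htmlspecialchars($picture, ENT_QUOTES);` before building the tag, and the same for the alt string. `$picture` is also tested by `if ($picture)` without having been set when neither branch above assigns it; initialise it with `$picture = '';`. `theme_user_profile()` in the same hunk hands `$account->name` to `form_item()` as is; whether `form_item()` escapes is not visible here.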
@@ -595,7 +661,7 @@ function user_login($edit = array(), $msg = "") {
watchdog('user', "session opened for '$user->name'");
// update the user table timestamp noting user has logged in
- db_query("UPDATE {users} SET timestamp = '%d' WHERE uid = '%s'", time(), $user->uid);
+ db_query("UPDATE {users} SET changed = '%d' WHERE uid = '%s'", time(), $user->uid);
user_module_invoke("login", $edit, $user);
@@ -685,7 +751,7 @@ function user_logout() {
*/
session_destroy();
- module_invoke_all('user', "logout", NULL, $user);
+ module_invoke_all('user', 'logout', NULL, $user);
unset($user);
}
@@ -884,7 +950,15 @@ function user_edit($edit = array()) {
else if ($edit['mail'] && db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != '$user->uid' AND LOWER(mail) = LOWER('%s')", $edit['mail'])) > 0) {
$error = t("The e-mail address '%s' is already taken.", array("%s" => $edit['mail']));
}
- else if ($user->uid) {
+ else {
+ /*
+ ** If required, validate the picture.
+ */
+
+ if ($file = file_check_upload('picture')) {
+ $error = user_validate_picture($file, $edit, $user);
+ }
+
/*
** If required, check that proposed passwords match. If so,
** add new password to $edit.
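Review bot: `$edit['picture']` is reset to the stored value only inside `user_validate_picture()`, which this block calls only when `file_check_upload('picture')` returns a file. On a submission without an upload, whatever `picture` key arrived in `$edit` appears to be passed on to `user_save()` later in the function, and `picture` is now a regular column in `user_fields()`; setting `$edit['picture'] = $user->picture;` unconditionally before the `if` would close that gap (user_admin_edit has the same shape). Separately, changing `else if ($user->uid)` to a bare `else` removes the only logged-in check visible in this hunk; keep it unless an enclosing test outside the hunk already covers it. The `else` block continues beyond the hunk.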
@@ -922,7 +996,7 @@ function user_edit($edit = array()) {
foreach (module_list() as $module) {
if (module_hook($module, 'user')) {
- $result = module_invoke($module, 'user', "edit_validate", $edit, $user);
+ $result = module_invoke($module, 'user', 'validate', $edit, $user);
}
if (is_array($result)) {
$data = array_merge($data, $result);
@@ -940,7 +1014,7 @@ function user_edit($edit = array()) {
$user = user_save($user, array_merge($edit, $data));
- drupal_set_message(t("your user information changes have been saved."));
+ drupal_set_message(t('your user information changes have been saved.'));
}
}
}
@@ -953,15 +1027,25 @@ function user_edit($edit = array()) {
$edit = object2array($user);
}
- $output = form_textfield(t("Username"), 'name', $edit['name'], 30, 55, t("Your full name or your preferred username: only letters, numbers and spaces are allowed."));
- $output .= form_textfield(t("E-mail address"), "mail", $edit['mail'], 30, 55, t("Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail."));
- $output .= form_item(t("Password"), "<input type=\"password\" name=\"edit[pass1]\" size=\"12\" maxlength=\"24\" /> <input type=\"password\" name=\"edit[pass2]\" size=\"12\" maxlength=\"24\" />", t("Enter your new password twice if you want to change your current password or leave it blank if you are happy with your current password."));
- $output = form_group(t('Account information'), $output);
+ $group = form_textfield(t("Username"), 'name', $edit['name'], 30, 55, t("Your full name or your preferred username: only letters, numbers and spaces are allowed."));
+ $group .= form_textfield(t("E-mail address"), "mail", $edit['mail'], 30, 55, t("Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail."));
+ $group .= form_item(t("Password"), "<input type=\"password\" name=\"edit[pass1]\" size=\"12\" maxlength=\"24\" /> <input type=\"password\" name=\"edit[pass2]\" size=\"12\" maxlength=\"24\" />", t("Enter your new password twice if you want to change your current password or leave it blank if you are happy with your current password."));
+ $output = form_group(t('Account information'), $group);
+
+ if (variable_get('user_pictures', 0)) {
+ $group = '';
+ if (file_exists($user->picture)) {
+ $group .= '<img src="'. file_create_url($edit['picture']) .'" alt="" title="" />';
+ }
+ $group .= form_file(t('Upload picture or picture'), 'picture', 48, t("Your virtual face or picture. Maximum dimensions are %dimensions and the maximum size is %size kB.", array("%dimensions" => variable_get('user_picture_dimensions', "85x85"), "%size" => variable_get('user_picture_file_size', "30"))) ." ". variable_get('user_picture_guidelines', ''));
+ $output .= form_group(t('Picture'), $group);
+ }
+
$output .= _user_profile($edit, $user);
$output .= form_submit(t("Save user information"));
$output = form($output, "post", 0, array("enctype" => "multipart/form-data"));
- // the "enctype" attribute is required to upload files such as avatars
+ // the "enctype" attribute is required to upload files such as pictures
}
else {
$output = user_login();
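Review bot: The picture preview tests one value and prints another: `file_exists($user->picture)` guards an `<img>` whose source is `file_create_url($edit['picture'])`. The two can differ whenever `$edit` was not freshly built from `$user`, which gives a broken or unexpected image URL. Use the same value on both sides, as user_admin_edit does with `$account->picture`: `$group .= '<img src="'. file_create_url($user->picture) .'" alt="" title="" />';`. The label `'Upload picture or picture'` reads like a search-and-replace leftover, here and in the admin form.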
@@ -973,7 +1057,7 @@ function user_edit($edit = array()) {
function _user_profile($edit, $account) {
foreach (module_list() as $module) {
- if ($data = module_invoke($module, 'user', 'edit_form', $edit, $account)) {
+ if ($data = module_invoke($module, 'user', 'edit', $edit, $account)) {
foreach ($data as $title => $form) {
$groups[$title] .= $form;
}
@@ -991,37 +1075,27 @@ function _user_profile($edit, $account) {
function user_view($uid = 0) {
global $user;
- if (!$uid) {
- $uid = $user->uid;
- }
-
- if ($user->uid && $user->uid == $uid) {
- $output = form_item(t("Name"), "$user->name ($user->init)");
- $output .= form_item(t("E-mail address"), $user->mail, t("Please note that only you can see your own e-mail address - it is not publicly visible."));
-
- $output .= implode("\n", module_invoke_all('user', "view_private", "", $user));
-
- print theme('page', $output, $user->name);
- }
- else if ($uid && $account = user_load(array('uid' => $uid, "status" => 1))) {
- $output = form_item(t("Name"), $account->name);
-
- $output .= implode("\n", module_invoke_all('user', "view_public", "", $account));
-
- if (user_access("administer users")) {
- $output .= form_item(t("Administration"), l(t("edit account"), "admin/user/edit/$account->uid"));
+ if ($uid == 0) {
+ if ($user->uid) {
+ print theme('page', theme('user_profile', $user), $user->name);
}
+ else {
+ $output = user_login();
+ if (variable_get("user_register", 1)) {
+ $output .= user_register();
+ }
+ $output .= user_pass();
- print theme('page', $output, $account->name);
+ print theme('page', $output, t("User login"));
+ }
}
else {
- $output = user_login();
- if (variable_get("user_register", 1)) {
- $output .= user_register();
+ if ($account = user_load(array('uid' => $uid, "status" => 1))) {
+ print theme('page', theme('user_profile', $account), $account->name);
+ }
+ else {
+ drupal_not_found();
}
- $output .= user_pass();
-
- print theme('page', $output, t("User login"));
}
}
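Review bot: Modules can no longer tell an owner's view from a public one, because both branches of the new `user_view()` render through `theme('user_profile', …)` and therefore through the single `view` hook, where the removed code invoked `view_private` and `view_public` separately. Nothing passed to the hook says who is looking, so a module that used to return owner-only fields from `view_private` now has to compare the account's uid with the global `$user->uid` itself. A comment above `user_view()` should state that contract, e.g. `// 'view' runs for every viewer; modules must check access before returning private fields.`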
@@ -1124,6 +1198,20 @@ function user_settings() {
$group .= form_textarea(t("Body of password recovery e-mail"), "user_mail_pass_body", _user_mail_text("pass_body"), 70, 10, t("Customize the body of the forgotten password e-mail.") ." ". t("Available variables are:") ." %username, %site, %password, %uri, %uri_brief, %mailto, %login_uri, %edit_uri.");
$output .= form_group(t("User email settings"), $group);
+ // picture settings:
+ if (!file_check_directory(file_create_path(variable_get('user_picture_path', 'pictures')))) {
+ $error = theme('error', t('The picture directory does not exist, or is not writable.'));
+ }
+
+ $group = form_radios(t('Picture support'), 'user_pictures', variable_get('user_pictures', 0), array(t('Disabled'), t('Enabled')), t('Enable picture support.'));
+ $group .= form_textfield(t("Picture image path"), 'user_picture_path', variable_get('user_picture_path', "pictures"), 45, 255, t("Subdirectory in the directory '%dir' where pictures will be stored.", array('%dir' => variable_get('file_directory_path', 'files') . FILE_SEPARATOR)) . $error);
+ $group .= form_textfield(t('Default picture'), 'user_picture_default', variable_get('user_picture_default', ''), 45, 255, t('URL of picture to display for users with no custom picture selected. Leave blank for none.'));
+ $group .= form_textfield(t("Picture maximum dimensions"), 'user_picture_dimensions', variable_get('user_picture_dimensions', "85x85"), 10, 10, t("Maximum dimensions for pictures."));
+ $group .= form_textfield(t("Picture maximum file size"), 'user_picture_file_size', variable_get('user_picture_file_size', "30"), 10, 10, t("Maximum file size for pictures, in kB."));
+ $group .= form_textarea(t("Picture guidelines"), 'user_picture_guidelines', variable_get('user_picture_guidelines', ''), 70, 4, t("This text is displayed at the picture upload form in addition to the default guidelines. It's useful for helping or instructing your users."));
+
+ $output .= form_group(t('Pictures'), $group);
+
// "Who's online" block settings
$period = drupal_map_assoc(array(30, 60, 120, 180, 300, 600, 900, 1800, 2700, 3600, 5400, 7200, 10800, 21600, 43200, 86400), "format_interval");
$group = form_select(t("User activity"), "user_block_seconds_online", variable_get("user_block_seconds_online", 900), $period, t("Affects \"Who's online\" block. A user is considered online for this long after they have last viewed a page."));
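Review bot: The upload limits are stored as free text and nothing in this hunk checks their format, although `user_validate_picture()` later splits `user_picture_dimensions` on `x` and multiplies `user_picture_file_size` by 1000. A malformed value changes how every upload is judged, so both should be validated when the settings are saved (a `WIDTHxHEIGHT` pattern and a positive integer). `$error` is also appended to the 'Picture image path' description without being set when the directory check passes; unless it is set earlier in the function, add `$error = '';` before the `if`. The function body starts and ends outside the hunk.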
@@ -1270,7 +1358,7 @@ function user_admin_perm($edit = array()) {
** Compile permission array:
*/
- $perms = module_invoke_all("perm");
+ $perms = module_invoke_all('perm');
asort($perms);
/*
@@ -1376,7 +1464,7 @@ function user_admin_edit($edit = array()) {
if ($op == t("Save account")) {
foreach (module_list() as $module) {
if (module_hook($module, 'user')) {
- $result = module_invoke($module, 'user', "edit_validate", $edit, $account);
+ $result = module_invoke($module, 'user', 'validate', $edit, $account);
}
if (is_array($result)) {
$data = array_merge($data, $result);
@@ -1402,6 +1490,14 @@ function user_admin_edit($edit = array()) {
}
/*
+ ** If required, validate the picture.
+ */
+
+ if ($file = file_check_upload('picture')) {
+ $error = user_validate_picture($file, $edit, $account);
+ }
+
+ /*
** If required, check that proposed passwords match. If so,
** add new password to $edit.
*/
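Review bot: The plain assignment `$error = user_validate_picture($file, $edit, $account);` replaces whatever `$error` already holds, and on a successful upload the validator returns no message. If a check above this hunk has already set `$error`, a valid picture in the same request would clear it before the save decision. Assign only on failure: `if ($picture_error = user_validate_picture($file, $edit, $account)) { $error = $picture_error; }`. The surrounding function starts and ends outside the hunk, so those earlier checks are not visible here.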
@@ -1429,7 +1525,7 @@ function user_admin_edit($edit = array()) {
db_query("DELETE FROM {users} WHERE uid = %d", $account->uid);
db_query("DELETE FROM {authmap} WHERE uid = %d", $account->uid);
drupal_set_message(t("the account has been deleted."));
- module_invoke_all('user', "delete", $account, $user);
+ module_invoke_all('user', 'delete', $account, $user);
}
else {
$error = t("Failed to delete account: the account has to be blocked first.");
@@ -1445,14 +1541,24 @@ function user_admin_edit($edit = array()) {
** Display user form:
*/
- $output .= form_item(t("User ID"), $account->uid);
- $output .= form_textfield(t("Username"), 'name', $account->name, 30, 55, t("Your full name or your preferred username: only letters, numbers and spaces are allowed."));
- $output .= form_textfield(t("E-mail address"), "mail", $account->mail, 30, 55, t("Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail."));
- $output .= form_item(t("Password"), "<input type=\"password\" name=\"edit[pass1]\" size=\"12\" maxlength=\"24\" /> <input type=\"password\" name=\"edit[pass2]\" size=\"12\" maxlength=\"24\" />", t("Enter a new password twice if you want to change the current password for this user or leave it blank if you are happy with the current password."));
- $output .= form_radios(t("Status"), "status", $account->status, array(t("Blocked"), t("Active")));
- $output .= form_radios(t("Role"), "rid", $account->rid, user_roles(1));
+ $group = form_item(t("User ID"), $account->uid);
+ $group .= form_textfield(t("Username"), 'name', $account->name, 30, 55, t("Your full name or your preferred username: only letters, numbers and spaces are allowed."));
+ $group .= form_textfield(t("E-mail address"), "mail", $account->mail, 30, 55, t("Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail."));
+ $group .= form_item(t("Password"), "<input type=\"password\" name=\"edit[pass1]\" size=\"12\" maxlength=\"24\" /> <input type=\"password\" name=\"edit[pass2]\" size=\"12\" maxlength=\"24\" />", t("Enter a new password twice if you want to change the current password for this user or leave it blank if you are happy with the current password."));
+ $group .= form_radios(t("Status"), "status", $account->status, array(t("Blocked"), t("Active")));
+ $group .= form_radios(t("Role"), "rid", $account->rid, user_roles(1));
+
+ $output = form_group(t('Account information'), $group);
+
+ if (variable_get('user_pictures', 0)) {
+ $group = '';
+ if (file_exists($account->picture)) {
+ $group .= '<img src="'. file_create_url($account->picture) .'" alt="" title="" />';
+ }
+ $group .= form_file(t('Upload picture or picture'), 'picture', 48, t("Maximum dimensions are %dimensions and the maximum size is %size kB.", array("%dimensions" => variable_get('user_picture_dimensions', "85x85"), "%size" => variable_get('user_picture_file_size', "30"))));
+ $output .= form_group(t('Picture'), $group);
+ }
- $output = form_group(t('Account information'), $output);
$output .= _user_profile($edit, $account);
$output .= form_submit(t("Save account"));
@@ -1473,16 +1579,16 @@ function user_admin_account() {
array("data" => t("username"), "field" => "u.name"),
array("data" => t("status"), "field" => "u.status"),
array("data" => t("role"), "field" => "u.rid"),
- array("data" => t("last access"), "field" => "u.timestamp", "sort" => "desc"),
+ array("data" => t("last access"), "field" => "u.changed", "sort" => "desc"),
t("operations")
);
- $sql = "SELECT u.uid, u.name, u.status, u.timestamp, r.name AS rolename FROM {role} r INNER JOIN {users} u ON r.rid = u.rid WHERE uid != 0";
+ $sql = "SELECT u.uid, u.name, u.status, u.changed, r.name AS rolename FROM {role} r INNER JOIN {users} u ON r.rid = u.rid WHERE uid != 0";
$sql .= tablesort_sql($header);
$result = pager_query($sql, 50);
$status = array(t("blocked"), t("active"));
while ($account = db_fetch_object($result)) {
- $rows[] = array($account->uid, format_name($account), $status[$account->status], $account->rolename, format_date($account->timestamp, "small"), l(t("edit account"), "admin/user/edit/$account->uid"));
+ $rows[] = array($account->uid, format_name($account), $status[$account->status], $account->rolename, format_date($account->changed, "small"), l(t("edit account"), "admin/user/edit/$account->uid"));
}
$pager = theme("pager", NULL, 50, 0, tablesort_pager());
@@ -1692,18 +1798,14 @@ function user_help($section = "admin/help#user") {
function julia_user(\$type, \$edit, &\$user) {
// What type of registration action are we taking?
switch (\$type) {
- case t(\"view_public\"):
- // when others look at user data
- return form_item(\"Favorite Ingredient\", \$user->julia_favingredient);
- case t(\"view_private\"):
- // when user tries to view his own user page.
+ case t(\"view\"):
return form_item(\"Favorite Ingredient\", \$user->julia_favingredient);
- case t(\"edit_form\"):
+ case t(\"edit\"):
// when user tries to edit his own user page.
return form_textfield(\"Favorite Ingredient\", \"julia_favingredient\",
\$user->julia_favingredient, 50, 65,
\"Tell everyone your secret spice\");
- case t(\"edit_validate\"): // Make sure the data they edited is \"valid\".
+ case t(\"validate\"): // Make sure the data they edited is \"valid\".
return user_save(\$user, array(\"julia_favingredient\" => \$edit[\"julia_favingredient\"]));
}
}