diff options
Diffstat (limited to 'modules/user/user.module')
| -rw-r--r-- | modules/user/user.module | 115 |
1 files changed, 101 insertions, 14 deletions
diff --git a/modules/user/user.module b/modules/user/user.module index d16d04264..24a67d170 100644 --- a/modules/user/user.module +++ b/modules/user/user.module @@ -70,6 +70,13 @@ function user_load($array = array()) { $result = db_query("SELECT u.*, r.perm FROM users u LEFT JOIN role r ON u.role = r.name WHERE $query u.status < 3 LIMIT 1"); $user = db_fetch_object($result); + if ($data = unserialize($user->data)) { + foreach ($data as $key => $value) { + if (!isset($user->$key)) { + $user->$key = $value; + } + } + } return $user; @@ -82,14 +89,21 @@ function user_save($account, $array = array()) { */ if ($account->uid) { + $data = unserialize(db_result(db_query("SELECT data FROM users WHERE uid = '$account->uid'"))); foreach ($array as $key => $value) { if ($key == "pass") { $query .= "$key = '". md5($value) ."', "; } else if (substr($key, 0, 4) !== "auth") { - $query .= "$key = '". addslashes($value) ."', "; + if (in_array($key, user_fields())) { + $query .= "$key = '". check_query($value) ."', "; + } + else { + $data[$key] = $value; + } } } + $query .= "data = '". check_query(serialize($data)) ."', "; db_query("UPDATE users SET $query timestamp = '". time() ."' WHERE uid = '$account->uid'"); @@ -104,11 +118,19 @@ function user_save($account, $array = array()) { $values[] = "'". md5($value) ."'"; } else if (substr($key, 0, 4) !== "auth") { - $fields[] = check_query($key); - $values[] = "'". check_query($value) ."'"; + if (in_array($key, user_fields())) { + $fields[] = check_query($key); + $values[] = "'". check_query($value) ."'"; + } + else { + $data[$key] = $value; + } } } + $fields[] = "data"; + $values[] = "'". serialize($data) ."'"; + db_query("INSERT INTO users (". implode(", ", $fields) .") VALUES (". implode(", ", $values) .")"); $user = user_load(array("name" => $array["name"])); @@ -241,6 +263,18 @@ function user_deny($type, $mask) { } +function user_fields() { + static $fields; + if (!$fields) { + // is this ANSI? perhaps this should go in the database include... + $result = db_query("SHOW FIELDS FROM users"); + while ($data = db_fetch_object($result)) { + $fields[] = $data->Field; + } + } + return $fields; +} + /*** Module hooks **********************************************************/ function user_help() { @@ -779,7 +813,21 @@ function user_register($edit = array()) { $error = t("Public registrations have been disabled by the site administrator."); } else { - $success = 1; + foreach (module_list() as $module) { + if (module_hook($module, "user")) { + $result = module_invoke($module, "user", "register_validate", $edit, $user); + if (is_array($result)) { + $data = array_merge($data, $result); + } + elseif (is_string($result)) { + $error = $result; + break; + } + } + } + if (!$error) { + $success = 1; + } } } @@ -795,7 +843,7 @@ function user_register($edit = array()) { ** Create new user account, no administrator approval required: */ - user_save("", array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 1)); + user_save("", array_merge(array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 1), $data)); user_mail($edit["mail"], t("user account details"), sprintf(t("%s,\n\nsomoneone signed up for a user account on %s and supplied this e-mail address as their contact. If it wasn't you, just ignore this mail but if it was you, you can now login using the following username and password:\n\n username: %s\n password: %s\n\n\n-- %s team"), $edit["name"], variable_get("site_name", "drupal"), $edit["name"], $pass, variable_get("site_name", "drupal")), "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from"); } @@ -804,7 +852,7 @@ function user_register($edit = array()) { ** Create new user account, administrator approval required: */ - user_save("", array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 0)); + user_save("", array_merge(array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 0), $data)); user_mail($edit["mail"], t("user account details"), sprintf(t("%s,\n\nsomoneone signed up for a user account on %s and supplied this e-mail address as their contact. If it wasn't you, just ignore this mail but if it was you, you can login as soon a site administrator approved your request using the following username and password:\n\n username: %s\n password: %s\n\n\n-- %s team"), $edit["name"], variable_get("site_name", "drupal"), $edit["name"], $pass, variable_get("site_name", "drupal")), "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from"); } @@ -819,6 +867,11 @@ function user_register($edit = array()) { $output .= form_textfield(t("Username"), "name", $edit["name"], 30, 64, t("Your full name or your prefered username: only letters, numbers and spaces are allowed.")); $output .= form_textfield(t("E-mail address"), "mail", $edit["mail"], 30, 64, t("Your e-mail address: a password and instructions will be sent to this e-mail address so make sure it is accurate.")); + foreach (module_list() as $module) { + if (module_hook($module, "user")) { + $output .= module_invoke($module, "user", "register_form", $edit, $user); + } + } $output .= form_submit(t("Create new account")); return form($output); @@ -846,6 +899,19 @@ function user_edit($edit = array()) { // do nothing } else if ($user->uid) { + foreach (module_list() as $module) { + if (module_hook($module, "user")) { + $result = module_invoke($module, "user", "edit_validate", $edit, $user); + } + if (is_array($result)) { + $data = array_merge($data, $result); + } + elseif (is_string($result)) { + $error = $result; + break; + } + } + /* ** If required, check that proposed passwords match. If so, ** add new password to $edit. @@ -862,17 +928,19 @@ function user_edit($edit = array()) { unset($edit["pass1"], $edit["pass2"]); - /* - ** Save user information: - */ + if (!$error) { + /* + ** Save user information: + */ - $user = user_save($user, $edit); + $user = user_save($user, array_merge($edit, $data)); - /* - ** Redirect the user to his personal information page: - */ + /* + ** Redirect the user to his personal information page: + */ - drupal_goto("module.php?mod=user&op=view"); + drupal_goto("module.php?mod=user&op=view"); + } } } @@ -890,6 +958,12 @@ function user_edit($edit = array()) { } } + foreach (module_list() as $module) { + if (module_hook($module, "user")) { + $output .= module_invoke($module, "user", "edit_form", $edit, $user); + } + } + $output .= form_textfield(t("Homepage"), "homepage", $user->homepage, 30, 55, t("Optional") .". ". t("Make sure you enter a fully qualified URL: remember to include \"http://\".")); foreach ($themes as $key => $value) $options .= "<option value=\"$key\"". (($user->theme == $key) ? " selected=\"selected\"" : "") .">$key - $value[1]</option>\n"; $output .= form_item(t("Theme"), "<select name=\"edit[theme]\">$options</select>", t("Selecting a different theme will change the look and feel of the site.")); @@ -934,6 +1008,13 @@ function user_view($uid = 0) { } } } + + foreach (module_list() as $module) { + if (module_hook($module, "user")) { + $output .= module_invoke($module, "user", "view_private", "", $user); + } + } + $output .= form_item(t("Homepage"), format_url($user->homepage)); $output .= form_item(t("Signature"), check_output($user->signature, 1)); @@ -946,6 +1027,12 @@ function user_view($uid = 0) { $output .= form_item(t("Name"), check_output($account->name)); $output .= form_item(t("Homepage"), format_url($account->homepage)); + foreach (module_list() as $module) { + if (module_hook($module, "user")) { + $output .= module_invoke($module, "user", "view_public", "", $account); + } + } + $theme->header(); $theme->box(t("View user information"), $output); $theme->footer(); |