diff options
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/comment.module | 4 | ||||
| -rw-r--r-- | modules/comment/comment.module | 4 | ||||
| -rw-r--r-- | modules/locale.module | 2 | ||||
| -rw-r--r-- | modules/locale/locale.module | 2 | ||||
| -rw-r--r-- | modules/poll.module | 30 | ||||
| -rw-r--r-- | modules/poll/poll.module | 30 | ||||
| -rw-r--r-- | modules/profile.module | 40 | ||||
| -rw-r--r-- | modules/profile/profile.module | 40 | ||||
| -rw-r--r-- | modules/statistics.module | 110 | ||||
| -rw-r--r-- | modules/statistics/statistics.module | 110 | ||||
| -rw-r--r-- | modules/user.module | 13 | ||||
| -rw-r--r-- | modules/user/user.module | 13 |
12 files changed, 206 insertions, 192 deletions
diff --git a/modules/comment.module b/modules/comment.module index bca28f425..1b965e711 100644 --- a/modules/comment.module +++ b/modules/comment.module @@ -1197,7 +1197,7 @@ function comment_folded($comment) { function comment_flat_collapsed($comments, $threshold) { foreach ($comments as $comment) { if (comment_visible($comment, $threshold)) { - print comment_view($comment, "", 0); + comment_view($comment, "", 0); } } } @@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) { #$comment = $comments[$n]; if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) { print "<ul>"; - print comment_view($comment, "", 0); + comment_view($comment, "", 0); comment_thread_min($comments, $threshold, $comment->cid); print "</ul>"; } diff --git a/modules/comment/comment.module b/modules/comment/comment.module index bca28f425..1b965e711 100644 --- a/modules/comment/comment.module +++ b/modules/comment/comment.module @@ -1197,7 +1197,7 @@ function comment_folded($comment) { function comment_flat_collapsed($comments, $threshold) { foreach ($comments as $comment) { if (comment_visible($comment, $threshold)) { - print comment_view($comment, "", 0); + comment_view($comment, "", 0); } } } @@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) { #$comment = $comments[$n]; if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) { print "<ul>"; - print comment_view($comment, "", 0); + comment_view($comment, "", 0); comment_thread_min($comments, $threshold, $comment->cid); print "</ul>"; } diff --git a/modules/locale.module b/modules/locale.module index 38c0ee681..99f374d36 100644 --- a/modules/locale.module +++ b/modules/locale.module @@ -103,7 +103,7 @@ function locale_edit($lid) { $result = db_query("SELECT * FROM locales WHERE lid = '$lid'"); if ($translation = db_fetch_object($result)) { - $form .= form_item(t("Original text"), wordwrap(drupal_specialchars($translation->string))); + $form .= form_item(t("Original text"), wordwrap(htmlspecialchars($translation->string))); foreach ($languages as $code=>$language) { $form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128); diff --git a/modules/locale/locale.module b/modules/locale/locale.module index 38c0ee681..99f374d36 100644 --- a/modules/locale/locale.module +++ b/modules/locale/locale.module @@ -103,7 +103,7 @@ function locale_edit($lid) { $result = db_query("SELECT * FROM locales WHERE lid = '$lid'"); if ($translation = db_fetch_object($result)) { - $form .= form_item(t("Original text"), wordwrap(drupal_specialchars($translation->string))); + $form .= form_item(t("Original text"), wordwrap(htmlspecialchars($translation->string))); foreach ($languages as $code=>$language) { $form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128); diff --git a/modules/poll.module b/modules/poll.module index 2dcb835ee..f799bf5e1 100644 --- a/modules/poll.module +++ b/modules/poll.module @@ -43,22 +43,24 @@ function poll_access($op, $node) { } function poll_block($op = "list", $delta = 0) { - if ($op == "list") { - $blocks[0]["info"] = t("Most recent poll"); - return $blocks; - } - else { - $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); - if ($timestamp) { - $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); - if ($poll->nid) { - // Poll_view dumps the output into $poll->body - poll_view($poll, 1, 1); + if (user_access("access content")) { + if ($op == "list") { + $blocks[0]["info"] = t("Most recent poll"); + return $blocks; + } + else { + $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); + if ($timestamp) { + $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); + if ($poll->nid) { + // Poll_view dumps the output into $poll->body + poll_view($poll, 1, 1); + } } + $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); + $block["content"] = $poll->body; + return $block; } - $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); - $block["content"] = $poll->body; - return $block; } } diff --git a/modules/poll/poll.module b/modules/poll/poll.module index 2dcb835ee..f799bf5e1 100644 --- a/modules/poll/poll.module +++ b/modules/poll/poll.module @@ -43,22 +43,24 @@ function poll_access($op, $node) { } function poll_block($op = "list", $delta = 0) { - if ($op == "list") { - $blocks[0]["info"] = t("Most recent poll"); - return $blocks; - } - else { - $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); - if ($timestamp) { - $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); - if ($poll->nid) { - // Poll_view dumps the output into $poll->body - poll_view($poll, 1, 1); + if (user_access("access content")) { + if ($op == "list") { + $blocks[0]["info"] = t("Most recent poll"); + return $blocks; + } + else { + $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); + if ($timestamp) { + $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); + if ($poll->nid) { + // Poll_view dumps the output into $poll->body + poll_view($poll, 1, 1); + } } + $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); + $block["content"] = $poll->body; + return $block; } - $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); - $block["content"] = $poll->body; - return $block; } } diff --git a/modules/profile.module b/modules/profile.module index 26a4c9145..a8acb7ca1 100644 --- a/modules/profile.module +++ b/modules/profile.module @@ -36,7 +36,7 @@ function _profile_init() { $GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December")); } -function profile_system($field){ +function profile_system($field) { $system["description"] = t("Support for configurable user profiles."); $system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.<br />Notes:<ul><li>In order for a user to <i>enter</i> information you <b>MUST</b> check \"enable\".</li><li>In order for other people too see the entered information you must make it \"public\"</li><li>If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does <b>not</b> imply \"enable\"</li><li>If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.</ul>"); return $system[$field]; @@ -113,8 +113,8 @@ function _profile_form($edit, $mode) { foreach ($profile_fields as $name => $field) { if ($field[0] && in_array($name, $reg_fields)) { - $f = "form_".$field[0]; - $t = "profile_".$name; + $f = "form_". $field[0]; + $t = "profile_". $name; $output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]); } } @@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) { $enabled_fields = _profile_active_fields($mode); if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) { - $error .= $birth_error."<br />"; + $error .= $birth_error ."<br />"; } if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) { - $error .= $avatar_error."<br />"; + $error .= $avatar_error ."<br />"; } foreach (array_keys($profile_fields) as $field) { @@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) { } // now check for required fields - foreach(_profile_active_fields("required") as $required) { + foreach (_profile_active_fields("required") as $required) { if ($required != "0" && in_array($required, $enabled_fields)) { - if (!$edit["profile_".$required]) { - $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."<br />"; + if (!$edit["profile_". $required]) { + $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1])) ."<br />"; } } } @@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) { foreach (_profile_active_fields($mode) as $name) { $field = $profile_fields[$name]; - $t = "profile_".$name; + $t = "profile_". $name; if (!empty($user->$t)) { switch ($field[0]) { case "textfield": case "textarea": case "checkbox": - $value = ($t == "profile_homepage") ? "<a href=\"".check_output($user->$t)."\">".check_output($user->$t)."</a>" : check_output($user->$t); + $value = ($t == "profile_homepage") ? "<a href=\"". check_output($user->$t) ."\">". check_output($user->$t) ."</a>" : check_output($user->$t); $output .= form_item($field[1], $value); break; case "select": @@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) { $extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], ".")); $size = getimagesize($image_file); list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85")); - if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { - $error = t("the uploaded file was not an image."); + if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { + $error = t("The uploaded file was not an image."); } - else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30")*1000)) { - $error = t("the uploaded image is too large, maximum %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); + else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30") * 1000)) { + $error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); } else if ($size[0] > $maxwidth || $size[1] > $maxheight) { - $error = t("the uploaded image is too large, maximum %a.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + $error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + } + else if (!is_dir(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the '%directory' directory doesn't exist.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); + } + else if (!is_writeable(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the webserver has no write permission to the '%directory' directory.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) { - $error = t("error in file upload"); + $error = t("Failed to upload the avatar image; could not copy file '%filename' to directory '%directory'.", array("%filename" => $_FILES["edit"]["name"]["profile_avatar"], "%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else { $edit["profile_avatar"] = $extension; @@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) { return; } else { - return t("The specified birthday is not valid.")."<br />"; + return t("The specified birthday is not valid.") ."<br />"; } } diff --git a/modules/profile/profile.module b/modules/profile/profile.module index 26a4c9145..a8acb7ca1 100644 --- a/modules/profile/profile.module +++ b/modules/profile/profile.module @@ -36,7 +36,7 @@ function _profile_init() { $GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December")); } -function profile_system($field){ +function profile_system($field) { $system["description"] = t("Support for configurable user profiles."); $system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.<br />Notes:<ul><li>In order for a user to <i>enter</i> information you <b>MUST</b> check \"enable\".</li><li>In order for other people too see the entered information you must make it \"public\"</li><li>If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does <b>not</b> imply \"enable\"</li><li>If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.</ul>"); return $system[$field]; @@ -113,8 +113,8 @@ function _profile_form($edit, $mode) { foreach ($profile_fields as $name => $field) { if ($field[0] && in_array($name, $reg_fields)) { - $f = "form_".$field[0]; - $t = "profile_".$name; + $f = "form_". $field[0]; + $t = "profile_". $name; $output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]); } } @@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) { $enabled_fields = _profile_active_fields($mode); if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) { - $error .= $birth_error."<br />"; + $error .= $birth_error ."<br />"; } if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) { - $error .= $avatar_error."<br />"; + $error .= $avatar_error ."<br />"; } foreach (array_keys($profile_fields) as $field) { @@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) { } // now check for required fields - foreach(_profile_active_fields("required") as $required) { + foreach (_profile_active_fields("required") as $required) { if ($required != "0" && in_array($required, $enabled_fields)) { - if (!$edit["profile_".$required]) { - $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."<br />"; + if (!$edit["profile_". $required]) { + $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1])) ."<br />"; } } } @@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) { foreach (_profile_active_fields($mode) as $name) { $field = $profile_fields[$name]; - $t = "profile_".$name; + $t = "profile_". $name; if (!empty($user->$t)) { switch ($field[0]) { case "textfield": case "textarea": case "checkbox": - $value = ($t == "profile_homepage") ? "<a href=\"".check_output($user->$t)."\">".check_output($user->$t)."</a>" : check_output($user->$t); + $value = ($t == "profile_homepage") ? "<a href=\"". check_output($user->$t) ."\">". check_output($user->$t) ."</a>" : check_output($user->$t); $output .= form_item($field[1], $value); break; case "select": @@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) { $extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], ".")); $size = getimagesize($image_file); list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85")); - if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { - $error = t("the uploaded file was not an image."); + if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { + $error = t("The uploaded file was not an image."); } - else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30")*1000)) { - $error = t("the uploaded image is too large, maximum %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); + else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30") * 1000)) { + $error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); } else if ($size[0] > $maxwidth || $size[1] > $maxheight) { - $error = t("the uploaded image is too large, maximum %a.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + $error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + } + else if (!is_dir(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the '%directory' directory doesn't exist.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); + } + else if (!is_writeable(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the webserver has no write permission to the '%directory' directory.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) { - $error = t("error in file upload"); + $error = t("Failed to upload the avatar image; could not copy file '%filename' to directory '%directory'.", array("%filename" => $_FILES["edit"]["name"]["profile_avatar"], "%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else { $edit["profile_avatar"] = $extension; @@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) { return; } else { - return t("The specified birthday is not valid.")."<br />"; + return t("The specified birthday is not valid.") ."<br />"; } } diff --git a/modules/statistics.module b/modules/statistics.module index 294b67135..9618a31c9 100644 --- a/modules/statistics.module +++ b/modules/statistics.module @@ -613,67 +613,69 @@ function statistics_display_topnodes_block() { function statistics_display_online_block() { global $id, $recent_activity; - $throttle = throttle_status(); - $multiplier = variable_get("statistics_throttle_multiplier", 60); + if (user_access("access content")) { + $throttle = throttle_status(); + $multiplier = variable_get("statistics_throttle_multiplier", 60); - /* don't do any database lookups if on maximum throttle */ - if ($throttle < 5) { - /* count users with activity in the past defined period */ - $time_period = variable_get("statistics_block_online_time", 2700); + /* don't do any database lookups if on maximum throttle */ + if ($throttle < 5) { + /* count users with activity in the past defined period */ + $time_period = variable_get("statistics_block_online_time", 2700); - /* - ** This call gathers all the info we need on users/guests in a single - ** database call, thus is quite efficient. - */ - $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); - - $users = $guests = 0; - /* Count number of users & guests currently online based on db query */ - while ($users_online = db_fetch_array($result)) { - if ($users_online["uid"]) { - /* Has uid, so is a registered user */ - $user_list[$users] = $users_online[uid]; - $users++; - } - else { - /* - ** There's only going to be one return with a uid of 0, and that's - ** the guest(s). Hence, the count of this field is the total number - ** of guests currently online. - */ - $guests = $users_online["count"]; + /* + ** This call gathers all the info we need on users/guests in a single + ** database call, thus is quite efficient. + */ + $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); + + $users = $guests = 0; + /* Count number of users & guests currently online based on db query */ + while ($users_online = db_fetch_array($result)) { + if ($users_online["uid"]) { + /* Has uid, so is a registered user */ + $user_list[$users] = $users_online[uid]; + $users++; + } + else { + /* + ** There's only going to be one return with a uid of 0, and that's + ** the guest(s). Hence, the count of this field is the total number + ** of guests currently online. + */ + $guests = $users_online["count"]; + } } - } - /* format the output with proper grammar */ - $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); - - if (user_access("access userlist") && $users) { - /* Display a list of currently online users */ - $max_users = variable_get("statistics_block_online_max_cnt", 10); - $max_name_len = variable_get("statistics_block_online_max_len", 15); - $uid = reset($user_list); - while (($uid) && ($max_users)) { - $user = user_load(array("uid" => $uid)); - /* When displaying name, be sure it's not more than defined max length */ - $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); - $uid = next($user_list); - /* - ** When $max_users reaches zero, we break out even if there are - ** more online (as defined by the admin) - */ - $max_users--; + /* format the output with proper grammar */ + $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); + + if (user_access("access userlist") && $users) { + /* Display a list of currently online users */ + $max_users = variable_get("statistics_block_online_max_cnt", 10); + $max_name_len = variable_get("statistics_block_online_max_len", 15); + $uid = reset($user_list); + while (($uid) && ($max_users)) { + $user = user_load(array("uid" => $uid)); + /* When displaying name, be sure it's not more than defined max length */ + $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); + $uid = next($user_list); + /* + ** When $max_users reaches zero, we break out even if there are + ** more online (as defined by the admin) + */ + $max_users--; + } + + $output .= "<br /><br />"; + $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } - - $output .= "<br /><br />"; - $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } + else { + /* default message when fully throttled */ + $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); + } + return $output; } - else { - /* default message when fully throttled */ - $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); - } - return $output; } diff --git a/modules/statistics/statistics.module b/modules/statistics/statistics.module index 294b67135..9618a31c9 100644 --- a/modules/statistics/statistics.module +++ b/modules/statistics/statistics.module @@ -613,67 +613,69 @@ function statistics_display_topnodes_block() { function statistics_display_online_block() { global $id, $recent_activity; - $throttle = throttle_status(); - $multiplier = variable_get("statistics_throttle_multiplier", 60); + if (user_access("access content")) { + $throttle = throttle_status(); + $multiplier = variable_get("statistics_throttle_multiplier", 60); - /* don't do any database lookups if on maximum throttle */ - if ($throttle < 5) { - /* count users with activity in the past defined period */ - $time_period = variable_get("statistics_block_online_time", 2700); + /* don't do any database lookups if on maximum throttle */ + if ($throttle < 5) { + /* count users with activity in the past defined period */ + $time_period = variable_get("statistics_block_online_time", 2700); - /* - ** This call gathers all the info we need on users/guests in a single - ** database call, thus is quite efficient. - */ - $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); - - $users = $guests = 0; - /* Count number of users & guests currently online based on db query */ - while ($users_online = db_fetch_array($result)) { - if ($users_online["uid"]) { - /* Has uid, so is a registered user */ - $user_list[$users] = $users_online[uid]; - $users++; - } - else { - /* - ** There's only going to be one return with a uid of 0, and that's - ** the guest(s). Hence, the count of this field is the total number - ** of guests currently online. - */ - $guests = $users_online["count"]; + /* + ** This call gathers all the info we need on users/guests in a single + ** database call, thus is quite efficient. + */ + $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); + + $users = $guests = 0; + /* Count number of users & guests currently online based on db query */ + while ($users_online = db_fetch_array($result)) { + if ($users_online["uid"]) { + /* Has uid, so is a registered user */ + $user_list[$users] = $users_online[uid]; + $users++; + } + else { + /* + ** There's only going to be one return with a uid of 0, and that's + ** the guest(s). Hence, the count of this field is the total number + ** of guests currently online. + */ + $guests = $users_online["count"]; + } } - } - /* format the output with proper grammar */ - $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); - - if (user_access("access userlist") && $users) { - /* Display a list of currently online users */ - $max_users = variable_get("statistics_block_online_max_cnt", 10); - $max_name_len = variable_get("statistics_block_online_max_len", 15); - $uid = reset($user_list); - while (($uid) && ($max_users)) { - $user = user_load(array("uid" => $uid)); - /* When displaying name, be sure it's not more than defined max length */ - $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); - $uid = next($user_list); - /* - ** When $max_users reaches zero, we break out even if there are - ** more online (as defined by the admin) - */ - $max_users--; + /* format the output with proper grammar */ + $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); + + if (user_access("access userlist") && $users) { + /* Display a list of currently online users */ + $max_users = variable_get("statistics_block_online_max_cnt", 10); + $max_name_len = variable_get("statistics_block_online_max_len", 15); + $uid = reset($user_list); + while (($uid) && ($max_users)) { + $user = user_load(array("uid" => $uid)); + /* When displaying name, be sure it's not more than defined max length */ + $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); + $uid = next($user_list); + /* + ** When $max_users reaches zero, we break out even if there are + ** more online (as defined by the admin) + */ + $max_users--; + } + + $output .= "<br /><br />"; + $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } - - $output .= "<br /><br />"; - $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } + else { + /* default message when fully throttled */ + $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); + } + return $output; } - else { - /* default message when fully throttled */ - $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); - } - return $output; } diff --git a/modules/user.module b/modules/user.module index 3c307043f..6a6c1d91d 100644 --- a/modules/user.module +++ b/modules/user.module @@ -211,6 +211,10 @@ function user_access($string) { global $user; static $perm; + if ($user->uid == 1) { + return 1; + } + /* ** To reduce the number of SQL queries, we cache the user's permissions ** in a static variable. @@ -225,13 +229,7 @@ function user_access($string) { } } - if ($user->uid == 1) { - return 1; - } - else { - return strstr($perm, $string); - } - + return strstr($perm, $string); } function user_mail($mail, $subject, $message, $header) { @@ -366,7 +364,6 @@ function user_block($op = "list", $delta = 0) { } break; case 2: - $result = db_query_range("SELECT uid, name FROM users WHERE status != '0' ORDER BY uid DESC", 0, 5); while ($account = db_fetch_object($result)) { $items[] = l((strlen($account->name) > 15 ? substr($account->name, 0, 15) . '...' : $account->name), "user/view/$account->uid"); diff --git a/modules/user/user.module b/modules/user/user.module index 3c307043f..6a6c1d91d 100644 --- a/modules/user/user.module +++ b/modules/user/user.module @@ -211,6 +211,10 @@ function user_access($string) { global $user; static $perm; + if ($user->uid == 1) { + return 1; + } + /* ** To reduce the number of SQL queries, we cache the user's permissions ** in a static variable. @@ -225,13 +229,7 @@ function user_access($string) { } } - if ($user->uid == 1) { - return 1; - } - else { - return strstr($perm, $string); - } - + return strstr($perm, $string); } function user_mail($mail, $subject, $message, $header) { @@ -366,7 +364,6 @@ function user_block($op = "list", $delta = 0) { } break; case 2: - $result = db_query_range("SELECT uid, name FROM users WHERE status != '0' ORDER BY uid DESC", 0, 5); while ($account = db_fetch_object($result)) { $items[] = l((strlen($account->name) > 15 ? substr($account->name, 0, 15) . '...' : $account->name), "user/view/$account->uid"); |