";
return form($output);
}
@@ -814,12 +814,12 @@ function user_logout() {
function user_pass($edit = array()) {
if ($edit["name"]) {
- $account = db_fetch_object(db_query("SELECT uid, name, mail FROM users WHERE name = '". check_input($edit["name"]) . "'"));
- if (!$account) $error = strtr(t("Sorry. The username %s is not recognized."), array("%s" => $edit["name"]));
+ $account = db_fetch_object(db_query("SELECT uid, name, mail FROM users WHERE name = '%s'", $edit["name"]));
+ if (!$account) $error = t("Sorry. The username %s is not recognized.", array("%s" => $edit["name"]));
}
else if ($edit["mail"]) {
- $account = db_fetch_object(db_query("SELECT uid, name, mail FROM users WHERE mail = '". check_input($edit["mail"]) ."'"));
- if (!$account) $error = strtr(t("Sorry. The e-mail address %s is not recognized."), array("%s" => $edit["mail"]));
+ $account = db_fetch_object(db_query("SELECT uid, name, mail FROM users WHERE mail = '%s'", $edit["mail"]));
+ if (!$account) $error = t("Sorry. The e-mail address %s is not recognized.", array("%s" => $edit["mail"]));
}
if ($account) {
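Review bot: The two new `$error = t("Sorry. The username %s is not recognized.", ...)` and `... e-mail address %s is not recognized ...` lines give a different answer for known and unknown accounts, so the password-reset form can be used to enumerate usernames and e-mail addresses. A single neutral response for both outcomes avoids that, for example `t("If that account exists, a new password has been sent to its e-mail address.")`, returned on the success path as well. user_pass continues outside this hunk, so how `$error` is displayed is not visible here.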
@@ -839,7 +839,7 @@ function user_pass($edit = array()) {
global $HTTP_HOST;
$variables = array("%username" => $account->name, "%site" => variable_get("site_name", "drupal"), "%password" => $pass, "%uri" => path_uri(), "%uri_brief" => $HTTP_HOST, "%mailto" => $account->mail);
$subject = strtr(variable_get("user_mail_pass_subject", t("Replacement login information for %username at %site")), $variables);
- $body = strtr(variable_get("user_mail_pass_body", t("%username,\n\nHere is your new password for %site. You may now login to %urimodule.php?mod=login using the following username and password:\n\nusername: %username\npassword: %password\n\nAfter logging in, you may wish to change your password at %urimodule.php?mod=user&op=edit\n\nYour new %site membership also enables to you to login to other Drupal powered web sites (e.g. http://www.drop.org) without registering. Just use the following Drupal ID and password:\n\nDrupal ID: %username@%uri_brief\npassword: %password\n\n\n-- %site team")), $variables);
+ $body = strtr(variable_get("user_mail_pass_body", t("%username,\n\nHere is your new password for %site. You may now login to %uri".drupal_url(array("mod" => "login"), "module")." using the following username and password:\n\nusername: %username\npassword: %password\n\nAfter logging in, you may wish to change your password at %uri".drupal_url(array("mod" => "user", "op" => "edit"), "module")."\n\nYour new %site membership also enables to you to login to other Drupal powered web sites (e.g. http://www.drop.org) without registering. Just use the following Drupal ID and password:\n\nDrupal ID: %username@%uri_brief\npassword: %password\n\n\n-- %site team")), $variables);
$headers = "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from";
user_mail($account->mail, $subject, $body, $headers);
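Review bot: Concatenating `drupal_url(...)` into the string passed to `t()` on the new `$body` line makes the translatable source text depend on runtime URL generation. t() is not visible here, but if it looks strings up by their exact text, translations will stop matching whenever the generated URL changes. Keeping the literal constant and routing the link through `$variables` avoids this: add `"%login_uri" => path_uri() . drupal_url(array("mod" => "login"), "module")` to `$variables` and write `%login_uri` in the message. The same pattern recurs in the user_register hunks (including the `lm(...)` call inside `t()`) and in both textarea defaults in user_conf_options.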
@@ -862,8 +862,8 @@ function user_pass($edit = array()) {
$output .= form_textfield(t("Username"), "name", $edit["name"], 30, 64);
$output .= form_textfield(t("E-mail address"), "mail", $edit["mail"], 30, 64);
$output .= form_submit(t("E-mail new password"));
- $output .= "
";
return form($output);
}
@@ -877,7 +877,7 @@ function user_register($edit = array()) {
*/
if ($user->uid) {
- drupal_goto("module.php?mod=user&op=edit");
+ drupal_goto(drupal_url(array("mod" => "user", "op" => "edit"), "module"));
}
if ($edit["name"] && $edit["mail"]) {
@@ -888,16 +888,16 @@ function user_register($edit = array()) {
// do nothing
}
else if (user_deny("user", $edit["name"])) {
- $error = strtr(t("The name '%s' has been denied access."), array("%s" => $edit["name"]));
+ $error = t("The name '%s' has been denied access.", array("%s" => $edit["name"]));
}
else if (user_deny("mail", $edit["mail"])) {
- $error = strtr(t("The e-mail address '%s' has been denied access."), array("%s" => $edit["mail"]));
+ $error = t("The e-mail address '%s' has been denied access.", array("%s" => $edit["mail"]));
}
- else if (db_num_rows(db_query("SELECT name FROM users WHERE LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) {
- $error = strtr(t("The name '%s' is already taken."), array("%s" => $edit["name"]));
+ else if (db_num_rows(db_query("SELECT name FROM users WHERE LOWER(name) = LOWER('%s')", $edit["name"])) > 0) {
+ $error = t("The name '%s' is already taken.", array("%s" => $edit["name"]));
}
- else if (db_num_rows(db_query("SELECT mail FROM users WHERE LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) {
- $error = strtr(t("The e-mail address '%s' is already taken."), array("%s" => $edit["mail"]));
+ else if (db_num_rows(db_query("SELECT mail FROM users WHERE LOWER(mail) = LOWER('%s')", $edit["mail"])) > 0) {
+ $error = t("The e-mail address '%s' is already taken.", array("%s" => $edit["mail"]));
}
else if (variable_get("user_register", 1) == 0) {
$error = t("Public registrations have been disabled by the site administrator.");
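Review bot: The new `t("The name '%s' ...", array("%s" => $edit["name"]))` calls substitute the submitted name and e-mail address into `$error` unmodified. If `$error` is later printed into the page without HTML escaping (the rendering is outside this hunk), the form reflects markup taken from the request. Escaping at substitution time is safe either way, e.g. `array("%s" => htmlspecialchars($edit["name"]))`. The same substitution appears in the `%s` messages of the user_pass, user_edit and user_admin_create hunks.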
@@ -940,7 +940,7 @@ function user_register($edit = array()) {
//the first user may login immediately, and receives a customized welcome email.
if ($user->uid == 1) {
- user_mail($edit["mail"], strtr(t("drupal user account details for %s"), array("%s" => $edit["name"])), strtr(t("%username,\n\nYou may now login to %uri using the following username and password:\n\n username: %username\n password: %password\n\nAfter logging in, you may wish to visit the following pages:\n\nAdministration: %uriadmin.php\nEdit user account: %utimodule.php?mod=user&op=edit\n\n--drupal"), $variables), "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from");
+ user_mail($edit["mail"], t("drupal user account details for %s", array("%s" => $edit["name"])), t("%username,\n\nYou may now login to %uri using the following username and password:\n\n username: %username\n password: %password\n\nAfter logging in, you may wish to visit the following pages:\n\nAdministration: %uriadmin.php\nEdit user account: %uri".drupal_url(array("mod" => "user", "op" => "edit"), "module")."\n\n--drupal"), $variables, "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from");
// This should not be t()'ed. No point as its only shown once in the sites lifetime, and it would be bad to store the password
$output .= "
Welcome to Drupal. You are user #1, which gives you full and immediate access. All future registrants will receive their passwords via email, so please configure your email settings using the Administration pages.
Your password is $pass. You may change your password on the next page.
Please login below.
";
$output .= form_hidden("name", $user->name);
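Review bot: In the rewritten `user_mail(...)` call the body's `t(` is closed directly after `"\n\n--drupal"`, so `$variables` is handed to `user_mail()` as its fourth argument instead of being used for substitution. As written, the first-user mail would contain literal `%username`, `%password` and `%uri`, and `$variables` lands in the position the other calls in this diff use for the header string. Moving the parenthesis restores the intent: `..."\n\n--drupal", $variables), "From: $from\nReply-to: $from\n..."`. This assumes `t()` accepts the replacement array as its second argument, as the other new calls in this diff do.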
@@ -951,7 +951,7 @@ function user_register($edit = array()) {
else {
global $HTTP_HOST;
$subject = strtr(variable_get("user_mail_welcome_subject", t("User account details for %username at %site")), $variables);
- $body = strtr(variable_get("user_mail_welcome_body", t("%username,\n\nThank you for registering at %site. You may now login to %urimodule.php?mod=login using the following username and password:\n\nusername: %username\npassword: %password\n\nAfter logging in, you may wish to change your password at %urimodule.php?mod=user&op=edit\n\nYour new %site membership also enables to you to login to other Drupal powered web sites (e.g. http://www.drop.org) without registering. Just use the following Drupal ID and password:\n\nDrupal ID: %username@%uri_brief\npassword: %password\n\n\n-- %site team")), $variables);
+ $body = strtr(variable_get("user_mail_welcome_body", t("%username,\n\nThank you for registering at %site. You may now login to %uri".drupal_url(array("mod" => "login"), "module")." using the following username and password:\n\nusername: %username\npassword: %password\n\nAfter logging in, you may wish to change your password at %urimodule.php?mod=user&op=edit\n\nYour new %site membership also enables to you to login to other Drupal powered web sites (e.g. http://www.drop.org) without registering. Just use the following Drupal ID and password:\n\nDrupal ID: %username@%uri_brief\npassword: %password\n\n\n-- %site team")), $variables);
user_mail($edit["mail"], $subject, $body, "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from");
return t("Your password and further instructions have been sent to your e-mail address.");
}
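Review bot: Only the first link in the new `user_mail_welcome_body` default was converted; the second still reads `%urimodule.php?mod=user&op=edit`, whereas the copy of this default in the user_conf_options hunk uses `drupal_url(array("mod" => "user", "op" => "edit"), "module")`. The two copies now differ, so the text shown in the settings form is not the text that is mailed until an administrator saves the variable. Replace the leftover with `%uri".drupal_url(array("mod" => "user", "op" => "edit"), "module")."`, or define the default once and reference it from both places.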
@@ -966,7 +966,7 @@ function user_register($edit = array()) {
$affiliates = user_auth_help_links();
if (array_count_values($affiliates) > 1) {
$affiliates = implode(", ", $affiliates);
- $output .= "
" . strtr(t("Note: If you have an account with one of our affiliates (%s), you may login now instead of registering."), array("%s" => $affiliates)) ."
";
+ $output .= "
" . t("Note: If you have an account with one of our affiliates (%s), you may ".lm("login now", array("mod" => "user", "op" => "login"))." instead of registering.", array("%s" => $affiliates)) ."
";
}
$output .= form_textfield(t("Username"), "name", $edit["name"], 30, 64, t("Your full name or your prefered username: only letters, numbers and spaces are allowed."));
$output .= form_textfield(t("E-mail address"), "mail", $edit["mail"], 30, 64, t("A password and instructions will be sent to this e-mail address, so make sure it is accurate."));
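Review bot: The unchanged guard `if (array_count_values($affiliates) > 1)` just above the rewritten line compares an array with an integer, which PHP evaluates as true regardless of the array's contents, so the affiliate note and its new login link are emitted even when the list is empty. `if (count($affiliates) > 1)` is presumably what was intended. user_register starts and ends outside this hunk.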
@@ -1009,11 +1009,11 @@ function user_edit($edit = array()) {
else if ($error = user_validate_mail($edit["mail"])) {
// do nothing
}
- else if (db_num_rows(db_query("SELECT uid FROM users WHERE uid != '$user->uid' AND LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) {
- $error = strtr(t("The name '%s' is already taken."), array("%s" => $edit["name"]));
+ else if (db_num_rows(db_query("SELECT uid FROM users WHERE uid != '$user->uid' AND LOWER(name) = LOWER('%s')", $edit["name"])) > 0) {
+ $error = t("The name '%s' is already taken.", array("%s" => $edit["name"]));
}
- else if ($edit["mail"] && db_num_rows(db_query("SELECT uid FROM users WHERE uid != '$user->uid' AND LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) {
- $error = strtr(t("The e-mail address '%s' is already taken."), array("%s" => $edit["mail"]));
+ else if ($edit["mail"] && db_num_rows(db_query("SELECT uid FROM users WHERE uid != '$user->uid' AND LOWER(mail) = LOWER('%s')", $edit["mail"])) > 0) {
+ $error = t("The e-mail address '%s' is already taken.", array("%s" => $edit["mail"]));
}
else if ($user->uid) {
foreach (module_list() as $module) {
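Review bot: Both rewritten queries still build part of the SQL by interpolation: `uid != '$user->uid'` sits in the format string next to the new `'%s'` placeholder. If db_query formats its first argument printf-style (its implementation is not visible here), anything interpolated there is also scanned for `%` sequences. Passing it as an argument closes both: `db_query("SELECT uid FROM users WHERE uid != '%s' AND LOWER(name) = LOWER('%s')", $user->uid, $edit["name"])`. The user_admin_perm hunk has the same leftover in `WHERE name = '$role->name'`, where the value is a free-text role name, so a name containing a quote would break or alter the statement. That one can become `db_query("UPDATE role SET perm = '%s' WHERE name = '%s'", $perm, $role->name);`.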
@@ -1089,9 +1089,9 @@ function user_edit($edit = array()) {
}
function user_menu() {
- $links[] = "". t("view user information") ."";
- $links[] = "". t("edit user information") ."";
- $links[] = "". t("delete account") ."";
+ $links[] = lm(t("view user information"), array("mod" => "user", "op" => "view"));
+ $links[] = lm(t("edit user information"), array("mod" => "user", "op" => "edit"));
+ $links[] = lm(t("delete account"), array("mod" => "user", "op" => "delete"));
return "
". implode(" · ", $links) ."
";
}
@@ -1208,9 +1208,9 @@ function user_conf_options() {
$output .= form_select("Public registrations", "user_register", variable_get("user_register", 1), array("Only site administrators can create new user accounts.", "Visitors can create accounts and no administrator approval is required.", "Visitors can create accounts but administrator approval is required."));
$output .= form_textfield("Password words", "user_password", variable_get("user_password", "foo,bar,guy,neo,tux,moo,sun,asm,dot,god,axe,geek,nerd,fish,hack,star,mice,warp,moon,hero,cola,girl,fish,java,perl,boss,dark,sith,jedi,drop,mojo"), 55, 256, "A comma separated list of short words that can be concatenated to generate human-readable passwords.");
$output .= form_textfield("Welcome e-mail subject", "user_mail_welcome_subject", variable_get("user_mail_welcome_subject", t("User account details for %username at %site")), 80, 180, "Customize the Subject of your welcome email, which is sent to new members upon registering. Available variables are: %username, %site, %password, %uri, %uri_brief, %mailto");
- $output .= form_textarea("Welcome e-mail body", "user_mail_welcome_body", variable_get("user_mail_welcome_body", t("%username,\n\nThank you for registering at %site. You may now login to %urimodule.php?mod=login using the following username and password:\n\nusername: %username\npassword: %password\n\nAfter logging in, you may wish to change your password at %urimodule.php?mod=user&op=edit\n\nYour new %site membership also enables to you to login to other Drupal powered web sites (e.g. http://www.drop.org) without registering. Just use the following Drupal ID and password:\n\nDrupal ID: %username@%uri_brief\npassword: %password\n\n\n-- %site team")), 70, 10, "Customize the Body of the welcome email, which is sent to new members upon registering. Available variables are: %username, %site, %password, %uri, %uri_brief, %mailto");
+ $output .= form_textarea("Welcome e-mail body", "user_mail_welcome_body", variable_get("user_mail_welcome_body", t("%username,\n\nThank you for registering at %site. You may now login to %uri".drupal_url(array("mod" => "login"), "module")." using the following username and password:\n\nusername: %username\npassword: %password\n\nAfter logging in, you may wish to change your password at %uri".drupal_url(array("mod" => "user", "op" => "edit"), "module")."\n\nYour new %site membership also enables to you to login to other Drupal powered web sites (e.g. http://www.drop.org) without registering. Just use the following Drupal ID and password:\n\nDrupal ID: %username@%uri_brief\npassword: %password\n\n\n-- %site team")), 70, 10, "Customize the Body of the welcome email, which is sent to new members upon registering. Available variables are: %username, %site, %password, %uri, %uri_brief, %mailto");
$output .= form_textfield("Forgotten password e-mail subject", "user_mail_pass_subject", variable_get("user_mail_pass_subject", t("Replacement login information for %username at %site")), 80, 180, "Customize the Subject of your Forgotten Password email. Available variables are: %username, %site, %password, %uri, %uri_brief, %mailto");
- $output .= form_textarea("Forgotten password e-mail body", "user_mail_pass_body", variable_get("user_mail_pass_body", t("%username,\n\nHere is your new password for %site. You may now login to %urimodule.php?mod=login using the following username and password:\n\nusername: %username\npassword: %password\n\nAfter logging in, you may wish to change your password at %urimodule.php?mod=user&op=edit\n\nYour new %site membership also enables to you to login to other Drupal powered web sites (e.g. http://www.drop.org) without registering. Just use the following Drupal ID and password:\n\nDrupal ID: %username@%uri_brief\npassword: %password\n\n\n-- %site team")), 70, 10, "Customize the Body of the Forgotten Password email. Available variables are: %username, %site, %password, %uri, %uri_brief, %mailto");
+ $output .= form_textarea("Forgotten password e-mail body", "user_mail_pass_body", variable_get("user_mail_pass_body", t("%username,\n\nHere is your new password for %site. You may now login to %uri".drupal_url(array("mod" => "login"), "module")." using the following username and password:\n\nusername: %username\npassword: %password\n\nAfter logging in, you may wish to change your password at %uri".drupal_url(array("mod" => "user", "op" => "edit"), "module")."\n\nYour new %site membership also enables to you to login to other Drupal powered web sites (e.g. http://www.drop.org) without registering. Just use the following Drupal ID and password:\n\nDrupal ID: %username@%uri_brief\npassword: %password\n\n\n-- %site team")), 70, 10, "Customize the Body of the Forgotten Password email. Available variables are: %username, %site, %password, %uri, %uri_brief, %mailto");
return $output;
}
@@ -1250,11 +1250,11 @@ function user_admin_create($edit = array()) {
else if ($error = user_validate_mail($edit["mail"])) {
// do nothing
}
- else if (db_num_rows(db_query("SELECT name FROM users WHERE LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) {
- $error = strtr(t("The name '%s' is already taken."), array("%s" => $edit["name"]));
+ else if (db_num_rows(db_query("SELECT name FROM users WHERE LOWER(name) = LOWER('%s')", $edit["name"])) > 0) {
+ $error = t("The name '%s' is already taken.", array("%s" => $edit["name"]));
}
- else if (db_num_rows(db_query("SELECT mail FROM users WHERE LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) {
- $error = strtr(t("The e-mail address '%s' is already taken."), array("%s" => $edit["mail"]));
+ else if (db_num_rows(db_query("SELECT mail FROM users WHERE LOWER(mail) = LOWER('%s')", $edit["mail"])) > 0) {
+ $error = t("The e-mail address '%s' is already taken.", array("%s" => $edit["mail"]));
}
else {
$success = 1;
@@ -1287,7 +1287,7 @@ function user_admin_create($edit = array()) {
function user_admin_access($edit = array()) {
global $op, $id, $type;
- $output .= "e-mail rules :: username rules";
+ $output .= "".la(t("e-mail rules"), array("mod" => "user", "op" => "access", "type" => "mail"))." :: ".la(t("username rules"), array("mod" => "user", "op" => "access", "type" => "user")).""; // irc rules, too!
if ($type != "user") {
$output .= "
";
- $result = db_query("SELECT * FROM access WHERE type = '". check_input($type) ."' AND status = '1' ORDER BY mask");
+ $result = db_query("SELECT * FROM access WHERE type = '%s' AND status = '1' ORDER BY mask", $type);
while ($rule = db_fetch_object($result)) {
- $output .= "
";
}
- $result = db_query("SELECT * FROM access WHERE type = '". check_input($type) ."' AND status = '0' ORDER BY mask");
+ $result = db_query("SELECT * FROM access WHERE type = '%s' AND status = '0' ORDER BY mask", $type);
while ($rule = db_fetch_object($result)) {
- $output .= "
";
@@ -1365,7 +1365,7 @@ function user_admin_perm($edit = array()) {
$result = db_query("SELECT * FROM role");
while ($role = db_fetch_object($result)) {
$perm = $edit[$role->name] ? implode(", ", array_keys($edit[$role->name])) : "";
- db_query("UPDATE role SET perm = '$perm' WHERE name = '$role->name'");
+ db_query("UPDATE role SET perm = '%s' WHERE name = '$role->name'", $perm);
}
}
@@ -1415,13 +1415,13 @@ function user_admin_role($edit = array()) {
global $op, $id;
if ($op == "Save role") {
- db_query("UPDATE role SET name = '". $edit["name"] ."' WHERE rid = '$id'");
+ db_query("UPDATE role SET name = '%s' WHERE rid = '%s'", $edit["name"], $id);
}
else if ($op == "Delete role") {
- db_query("DELETE FROM role WHERE rid = '$id'");
+ db_query("DELETE FROM role WHERE rid = '%s'", $id);
}
else if ($op == "Add role") {
- db_query("INSERT INTO role (name) VALUES ('". $edit["name"] ."')");
+ db_query("INSERT INTO role (name) VALUES ('%s')", $edit["name"]);
}
else if ($id) {
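Review bot: The "Save role" and "Add role" branches write `$edit["name"]` without checking that it is non-empty or not already used by another role. user_admin_perm in this same diff updates permissions with `WHERE name = '$role->name'`, so two roles sharing a name would have their permissions overwritten together. A guard on the insert, e.g. `if ($edit["name"] && !db_num_rows(db_query("SELECT rid FROM role WHERE name = '%s'", $edit["name"])))`, would prevent that. user_admin_role continues outside this hunk, so an existing check elsewhere in the function may not be visible here.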
@@ -1429,7 +1429,7 @@ function user_admin_role($edit = array()) {
** Display role form:
*/
- $role = db_fetch_object(db_query("SELECT * FROM role WHERE rid = '$id'"));
+ $role = db_fetch_object(db_query("SELECT * FROM role WHERE rid = '%s'", $id));
$output .= form_textfield("Role name", "name", $role->name, 32, 64, "The name for this role. Example: 'moderator', 'editorial board', 'site architect'.");
$output .= form_submit("Save role");
@@ -1448,7 +1448,7 @@ function user_admin_role($edit = array()) {
$output .= "
";
$output .= "
name
operations
";
while ($role = db_fetch_object($result)) {
- $output .= "