From ac65ff9074223e7b09c1c609c9d82da45b28aa55 Mon Sep 17 00:00:00 2001 From: Dries Buytaert Date: Mon, 14 May 2007 13:43:38 +0000 Subject: - Patch #138706 by eaton, chx, webchick, yched et al: form api 3 ... yay. :) --- modules/user/user.module | 158 +++++++++++++++++++++++++---------------------- 1 file changed, 85 insertions(+), 73 deletions(-) (limited to 'modules/user/user.module') diff --git a/modules/user/user.module b/modules/user/user.module index ff3ee7b33..3b36beba2 100644 --- a/modules/user/user.module +++ b/modules/user/user.module @@ -313,35 +313,34 @@ function user_validate_mail($mail) { } } -function user_validate_picture($file, &$edit, $user) { - global $form_values; - // Initialize the picture: - $form_values['picture'] = $user->picture; - - // Check that uploaded file is an image, with a maximum file size - // and maximum height/width. - $info = image_get_info($file->filepath); - list($maxwidth, $maxheight) = explode('x', variable_get('user_picture_dimensions', '85x85')); - - if (!$info || !$info['extension']) { - form_set_error('picture_upload', t('The uploaded file was not an image.')); - } - else if (image_get_toolkit()) { - image_scale($file->filepath, $file->filepath, $maxwidth, $maxheight); - } - else if (filesize($file->filepath) > (variable_get('user_picture_file_size', '30') * 1000)) { - form_set_error('picture_upload', t('The uploaded image is too large; the maximum file size is %size kB.', array('%size' => variable_get('user_picture_file_size', '30')))); - } - else if ($info['width'] > $maxwidth || $info['height'] > $maxheight) { - form_set_error('picture_upload', t('The uploaded image is too large; the maximum dimensions are %dimensions pixels.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85')))); - } +function user_validate_picture(&$form_values, $form, &$form_state) { + // If required, validate the uploaded picture. + if (isset($form['picture']) && ($file = file_check_upload('picture_upload'))) { + // Check that uploaded file is an image, with a maximum file size + // and maximum height/width. + $info = image_get_info($file->filepath); + list($maxwidth, $maxheight) = explode('x', variable_get('user_picture_dimensions', '85x85')); - if (!form_get_errors()) { - if ($file = file_save_upload('picture_upload', variable_get('user_picture_path', 'pictures') .'/picture-'. $user->uid .'.'. $info['extension'], 1)) { - $form_values['picture'] = $file->filepath; + if (!$info || !$info['extension']) { + form_set_error('picture_upload', t('The uploaded file was not an image.')); } - else { - form_set_error('picture_upload', t("Failed to upload the picture image; the %directory directory doesn't exist or is not writable.", array('%directory' => variable_get('user_picture_path', 'pictures')))); + else if (image_get_toolkit()) { + image_scale($file->filepath, $file->filepath, $maxwidth, $maxheight); + } + else if (filesize($file->filepath) > (variable_get('user_picture_file_size', '30') * 1000)) { + form_set_error('picture_upload', t('The uploaded image is too large; the maximum file size is %size kB.', array('%size' => variable_get('user_picture_file_size', '30')))); + } + else if ($info['width'] > $maxwidth || $info['height'] > $maxheight) { + form_set_error('picture_upload', t('The uploaded image is too large; the maximum dimensions are %dimensions pixels.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85')))); + } + + if (!form_get_errors()) { + if ($file = file_save_upload('picture_upload', variable_get('user_picture_path', 'pictures') .'/picture-'. $form['#uid'] .'.'. $info['extension'], 1)) { + $form_values['picture'] = $file->filepath; + } + else { + form_set_error('picture_upload', t("Failed to upload the picture image; the %directory directory doesn't exist or is not writable.", array('%directory' => variable_get('user_picture_path', 'pictures')))); + } } } } @@ -522,8 +521,8 @@ function user_login_block() { $form = array( '#action' => url($_GET['q'], array('query' => drupal_get_destination())), '#id' => 'user-login-form', - '#validate' => array('user_login_validate' => array()), - '#submit' => array('user_login_submit' => array()), + '#validate' => array('user_login_validate'), + '#submit' => array('user_login_submit'), ); $form['name'] = array('#type' => 'textfield', '#title' => t('Username'), @@ -661,7 +660,7 @@ function user_block($op = 'list', $delta = 0, $edit = array()) { function theme_user_picture($account) { if (variable_get('user_pictures', 0)) { - if ($account->picture && file_exists($account->picture)) { + if (!empty($account->picture) && file_exists($account->picture)) { $picture = file_create_url($account->picture); } else if (variable_get('user_picture_default', '')) { @@ -1056,7 +1055,7 @@ function user_login($msg = '') { return $form; } -function user_login_validate($form_id, $form_values) { +function user_login_validate($form_values, $form, &$form_state) { if ($form_values['name']) { if (user_is_blocked($form_values['name'])) { // blocked in user administration @@ -1077,7 +1076,7 @@ function user_login_validate($form_id, $form_values) { } } -function user_login_submit($form_id, $form_values) { +function user_login_submit($form_values, $form, &$form_state) { global $user; if ($user->uid) { watchdog('user', 'Session opened for %name.', array('%name' => $user->name)); @@ -1088,7 +1087,8 @@ function user_login_submit($form_id, $form_values) { user_module_invoke('login', $form_values, $user); sess_regenerate(); - return 'user/'. $user->uid; + $form_state['redirect'] = 'user/'. $user->uid; + return; } } @@ -1171,7 +1171,7 @@ function user_pass() { return $form; } -function user_pass_validate($form_id, $form_values) { +function user_pass_validate($form_values, $form, &$form_state) { $name = trim($form_values['name']); if (valid_email_address($name)) { $account = user_load(array('mail' => $name, 'status' => 1)); @@ -1180,14 +1180,14 @@ function user_pass_validate($form_id, $form_values) { $account = user_load(array('name' => $name, 'status' => 1)); } if (isset($account->uid)) { - form_set_value(array('#parents' => array('account')), $account); + form_set_value(array('#parents' => array('account')), $account, $form_state); } else { form_set_error('name', t('Sorry, %name is not recognized as a user name or an e-mail address.', array('%name' => $name))); } } -function user_pass_submit($form_id, $form_values) { +function user_pass_submit($form_values, $form, &$form_state) { global $base_url; $account = $form_values['account']; @@ -1207,7 +1207,8 @@ function user_pass_submit($form_id, $form_values) { watchdog('user', 'Error mailing password reset instructions to %name at %email.', array('%name' => $account->name, '%email' => $account->mail), WATCHDOG_ERROR); drupal_set_message(t('Unable to send mail. Please contact the site admin.')); } - return 'user'; + $form_state['redirect'] = 'user'; + return; } /** @@ -1326,15 +1327,16 @@ function user_register() { $form = array_merge($form, $extra); } $form['submit'] = array('#type' => 'submit', '#value' => t('Create new account'), '#weight' => 30); + $form['#validate'][] = 'user_register_validate'; return $form; } -function user_register_validate($form_id, $form_values) { +function user_register_validate($form_values, $form, &$form_state) { user_module_invoke('validate', $form_values, $form_values, 'account'); } -function user_register_submit($form_id, $form_values) { +function user_register_submit($form_values, $form, &$form_state) { global $base_url; $admin = user_access('administer users'); @@ -1357,7 +1359,8 @@ function user_register_submit($form_id, $form_values) { if (!$admin && array_intersect(array_keys($form_values), array('uid', 'roles', 'init', 'session', 'status'))) { watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING); - return 'user/register'; + $form_state['redirect'] = 'user/register'; + return; } //the unset below is needed to prevent these form values from being saved as user data unset($form_values['form_token'], $form_values['submit'], $form_values['op'], $form_values['notify'], $form_values['form_id'], $form_values['affiliates'], $form_values['destination']); @@ -1368,6 +1371,8 @@ function user_register_submit($form_id, $form_values) { $merge_data['status'] = variable_get('user_register', 1) == 1; } $account = user_save('', array_merge($form_values, $merge_data)); + $form_state['user'] = $account; + watchdog('user', 'New user: %name (%email).', array('%name' => $name, '%email' => $mail), WATCHDOG_NOTICE, l(t('edit'), 'user/'. $account->uid .'/edit')); $variables = array('!username' => $name, '!site' => variable_get('site_name', 'Drupal'), '!password' => $pass, '!uri' => $base_url, '!uri_brief' => substr($base_url, strlen('http://')), '!mailto' => $mail, '!date' => format_date(time()), '!login_uri' => url('user', array('absolute' => TRUE)), '!edit_uri' => url('user/'. $account->uid .'/edit', array('absolute' => TRUE)), '!login_url' => user_pass_reset_url($account)); @@ -1378,9 +1383,11 @@ function user_register_submit($form_id, $form_values) { if (variable_get('user_email_verification', TRUE)) { drupal_set_message(t('

Your password is %pass. You may change your password below.

', array('%pass' => $pass))); } + user_authenticate($account->name, trim($pass)); - return 'user/1/edit'; + $form_state['redirect'] = 'user/1/edit'; + return; } else { if ($admin && !$notify) { @@ -1392,7 +1399,8 @@ function user_register_submit($form_id, $form_values) { $body = _user_mail_text('welcome_body', $variables); drupal_mail('user-register-welcome', $mail, $subject, $body, $from); user_authenticate($account->name, trim($pass)); - return ''; + $form_state['redirect'] = ''; + return; } else if ($account->status || $notify) { // Create new user account, no administrator approval required. @@ -1406,7 +1414,8 @@ function user_register_submit($form_id, $form_values) { } else { drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.')); - return ''; + $form_state['redirect'] = ''; + return; } } else { @@ -1498,7 +1507,9 @@ function user_edit_form($uid, $edit, $register = FALSE) { $form['picture']['picture_delete'] = array('#type' => 'hidden'); } $form['picture']['picture_upload'] = array('#type' => 'file', '#title' => t('Upload picture'), '#size' => 48, '#description' => t('Your virtual face or picture. Maximum dimensions are %dimensions and the maximum size is %size kB.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85'), '%size' => variable_get('user_picture_file_size', '30'))) .' '. variable_get('user_picture_guidelines', '')); + $form['#validate'][] = 'user_validate_picture'; } + $form['#uid'] = $uid; return $form; } @@ -1528,11 +1539,6 @@ function _user_edit_validate($uid, &$edit) { else if (drupal_is_denied('mail', $edit['mail'])) { form_set_error('mail', t('The e-mail address %email has been denied access.', array('%email' => $edit['mail']))); } - - // If required, validate the uploaded picture. - if ($file = file_check_upload('picture_upload')) { - user_validate_picture($file, $edit, $user); - } } function _user_edit_submit($uid, &$edit) { @@ -1587,6 +1593,7 @@ function user_edit($category = 'account') { $form['delete'] = array('#type' => 'submit', '#value' => t('Delete'), '#weight' => 31); } $form['#attributes']['enctype'] = 'multipart/form-data'; + $form['#validate'][] = 'user_edit_validate'; drupal_set_title(check_plain($account->name)); return $form; @@ -1618,7 +1625,7 @@ function user_delete($edit, $uid) { module_invoke_all('user', 'delete', $edit, $account); } -function user_edit_validate($form_id, $form_values) { +function user_edit_validate($form_values, $form, &$form_state) { user_module_invoke('validate', $form_values, $form_values['_account'], $form_values['_category']); // Validate input to ensure that non-privileged users can't alter protected data. if ((!user_access('administer users') && array_intersect(array_keys($form_values), array('uid', 'init', 'session'))) || (!user_access('administer access control') && isset($form_values['roles']))) { @@ -1628,7 +1635,7 @@ function user_edit_validate($form_id, $form_values) { } } -function user_edit_submit($form_id, $form_values) { +function user_edit_submit($form_values, $form, &$form_state) { $account = $form_values['_account']; $category = $form_values['_category']; unset($form_values['_account'], $form_values['op'], $form_values['submit'], $form_values['delete'], $form_values['form_token'], $form_values['form_id'], $form_values['_category']); @@ -1639,7 +1646,8 @@ function user_edit_submit($form_id, $form_values) { cache_clear_all(); drupal_set_message(t('The changes have been saved.')); - return 'user/'. $account->uid; + $form_state['redirect'] = 'user/'. $account->uid; + return; } function user_view($account) { @@ -1701,8 +1709,8 @@ function user_admin_check_user() { $form['user']['test'] = array('#type' => 'textfield', '#title' => '', '#description' => t('Enter a username to check if it will be denied or allowed.'), '#size' => 30, '#maxlength' => USERNAME_MAX_LENGTH); $form['user']['type'] = array('#type' => 'hidden', '#value' => 'user'); $form['user']['submit'] = array('#type' => 'submit', '#value' => t('Check username')); - $form['#submit']['user_admin_access_check_submit'] = array(); - $form['#validate']['user_admin_access_check_validate'] = array(); + $form['#submit'][] = 'user_admin_access_check_submit'; + $form['#validate'][] = 'user_admin_access_check_validate'; $form['#theme'] = 'user_admin_access_check'; return $form; } @@ -1712,8 +1720,8 @@ function user_admin_check_mail() { $form['mail']['test'] = array('#type' => 'textfield', '#title' => '', '#description' => t('Enter an e-mail address to check if it will be denied or allowed.'), '#size' => 30, '#maxlength' => EMAIL_MAX_LENGTH); $form['mail']['type'] = array('#type' => 'hidden', '#value' => 'mail'); $form['mail']['submit'] = array('#type' => 'submit', '#value' => t('Check e-mail')); - $form['#submit']['user_admin_access_check_submit'] = array(); - $form['#validate']['user_admin_access_check_validate'] = array(); + $form['#submit'][] = 'user_admin_access_check_submit'; + $form['#validate'][] = 'user_admin_access_check_validate'; $form['#theme'] = 'user_admin_access_check'; return $form; } @@ -1723,8 +1731,8 @@ function user_admin_check_host() { $form['host']['test'] = array('#type' => 'textfield', '#title' => '', '#description' => t('Enter a hostname or IP address to check if it will be denied or allowed.'), '#size' => 30, '#maxlength' => 64); $form['host']['type'] = array('#type' => 'hidden', '#value' => 'host'); $form['host']['submit'] = array('#type' => 'submit', '#value' => t('Check hostname')); - $form['#submit']['user_admin_access_check_submit'] = array(); - $form['#validate']['user_admin_access_check_validate'] = array(); + $form['#submit'][] = 'user_admin_access_check_submit'; + $form['#validate'][] = 'user_admin_access_check_validate'; $form['#theme'] = 'user_admin_access_check'; return $form; } @@ -1739,13 +1747,13 @@ function user_admin_access_check() { return $output; } -function user_admin_access_check_validate($form_id, $form_values) { +function user_admin_access_check_validate($form_values, $form, &$form_state) { if (empty($form_values['test'])) { form_set_error($form_values['type'], t('No value entered. Please enter a test string and try again.')); } } -function user_admin_access_check_submit($form_id, $form_values) { +function user_admin_access_check_submit($form_values, $form, &$form_state) { switch ($form_values['type']) { case 'user': if (drupal_is_denied('user', $form_values['test'])) { @@ -1816,10 +1824,11 @@ function user_admin_access_delete_confirm($aid = 0) { return $output; } -function user_admin_access_delete_confirm_submit($form_id, $form_values) { +function user_admin_access_delete_confirm_submit($form_values, $form, &$form_state) { db_query('DELETE FROM {access} WHERE aid = %d', $form_values['aid']); drupal_set_message(t('The access rule has been deleted.')); - return 'admin/user/rules'; + $form_state['redirect'] = 'admin/user/rules'; + return; } /** @@ -2008,7 +2017,7 @@ function theme_user_admin_perm($form) { return $output; } -function user_admin_perm_submit($form_id, $form_values) { +function user_admin_perm_submit($form_values, $form, &$form_state) { // Save permissions: $result = db_query('SELECT * FROM {role}'); while ($role = db_fetch_object($result)) { @@ -2073,13 +2082,13 @@ function user_admin_role() { '#type' => 'submit', '#value' => t('Add role'), ); - $form['#submit']['user_admin_role_submit'] = array(); - $form['#validate']['user_admin_role_validate'] = array(); + $form['#submit'][] = 'user_admin_role_submit'; + $form['#validate'][] = 'user_admin_role_validate'; } return $form; } -function user_admin_role_validate($form_id, $form_values) { +function user_admin_role_validate($form_values, $form, &$form_state) { if ($form_values['name']) { if ($form_values['op'] == t('Save role')) { if (db_result(db_query("SELECT COUNT(*) FROM {role} WHERE name = '%s' AND rid != %d", $form_values['name'], $form_values['rid']))) { @@ -2097,7 +2106,7 @@ function user_admin_role_validate($form_id, $form_values) { } } -function user_admin_role_submit($form_id, $form_values) { +function user_admin_role_submit($form_values, $form, &$form_state) { if ($form_values['op'] == t('Save role')) { db_query("UPDATE {role} SET name = '%s' WHERE rid = %d", $form_values['name'], $form_values['rid']); drupal_set_message(t('The role has been renamed.')); @@ -2114,7 +2123,8 @@ function user_admin_role_submit($form_id, $form_values) { db_query("INSERT INTO {role} (name) VALUES ('%s')", $form_values['name']); drupal_set_message(t('The role has been added.')); } - return 'admin/user/roles'; + $form_state['redirect'] = 'admin/user/roles'; + return; } function theme_user_admin_new_role($form) { @@ -2248,7 +2258,7 @@ function theme_user_admin_account($form) { /** * Submit the user administration update form. */ -function user_admin_account_submit($form_id, $form_values) { +function user_admin_account_submit($form_values, $form, &$form_state) { $operations = module_invoke_all('user_operations'); $operation = $operations[$form_values['operation']]; // Filter out unchecked accounts. @@ -2267,7 +2277,7 @@ function user_admin_account_submit($form_id, $form_values) { } } -function user_admin_account_validate($form_id, $form_values) { +function user_admin_account_validate($form_values, $form, &$form_state) { $form_values['accounts'] = array_filter($form_values['accounts']); if (count($form_values['accounts']) == 0) { form_set_error('', t('No users selected.')); @@ -2419,14 +2429,15 @@ function user_multiple_delete_confirm() { t('Delete all'), t('Cancel')); } -function user_multiple_delete_confirm_submit($form_id, $form_values) { +function user_multiple_delete_confirm_submit($form_values, $form, &$form_state) { if ($form_values['confirm']) { foreach ($form_values['accounts'] as $uid => $value) { user_delete($form_values, $uid); } drupal_set_message(t('The users have been deleted.')); } - return 'admin/user/user'; + $form_state['redirect'] = 'admin/user/user'; + return; } function user_admin_settings() { @@ -2787,7 +2798,7 @@ function theme_user_filters($form) { /** * Process result from user administration filter form. */ -function user_filter_form_submit($form_id, $form_values) { +function user_filter_form_submit($form_values, $form, &$form_state) { $op = $form_values['op']; $filters = user_filters(); switch ($op) { @@ -2811,7 +2822,8 @@ function user_filter_form_submit($form_id, $form_values) { return; } - return 'admin/user/user'; + $form_state['redirect'] = 'admin/user/user'; + return; } -- cgit v1.2.3