manuelcillero/suitedesk
manuelcillero/suitedesk
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial code using Drupal 6.38

Browse source
This commit is contained in:
Manuel Cillero 2017-07-24 15:21:05 +02:00
commit 4824608a33
467 changed files with 90887 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

19
modules/user/user-picture.tpl.php Normal file
View file

@ -0,0 +1,19 @@
<?php
/**
* @file user-picture.tpl.php
* Default theme implementation to present an picture configured for the
* user's account.
*
* Available variables:
* - $picture: Image set by the user or the site's default. Will be linked
* depending on the viewer's permission to view the users profile page.
* - $account: Array of account information. Potentially unsafe. Be sure to
* check_plain() before use.
*
* @see template_preprocess_user_picture()
*/
?>
<div class="picture">
<?php print $picture; ?>
</div>

33
modules/user/user-profile-category.tpl.php Normal file
View file

@ -0,0 +1,33 @@
<?php
/**
* @file user-profile-category.tpl.php
* Default theme implementation to present profile categories (groups of
* profile items).
*
* Categories are defined when configuring user profile fields for the site.
* It can also be defined by modules. All profile items for a category will be
* output through the $profile_items variable.
*
* @see user-profile-item.tpl.php
* where each profile item is rendered. It is implemented as a definition
* list by default.
* @see user-profile.tpl.php
* where all items and categories are collected and printed out.
*
* Available variables:
* - $title: Category title for the group of items.
* - $profile_items: All the items for the group rendered through
* user-profile-item.tpl.php.
* - $attributes: HTML attributes. Usually renders classes.
*
* @see template_preprocess_user_profile_category()
*/
?>
<?php if ($title) : ?>
<h3><?php print $title; ?></h3>
<?php endif; ?>
<dl<?php print $attributes; ?>>
<?php print $profile_items; ?>
</dl>

26
modules/user/user-profile-item.tpl.php Normal file
View file

@ -0,0 +1,26 @@
<?php
/**
* @file user-profile-item.tpl.php
* Default theme implementation to present profile items (values from user
* account profile fields or modules).
*
* This template is used to loop through and render each field configured
* for the user's account. It can also be the data from modules. The output is
* grouped by categories.
*
* @see user-profile-category.tpl.php
* for the parent markup. Implemented as a definition list by default.
* @see user-profile.tpl.php
* where all items and categories are collected and printed out.
*
* Available variables:
* - $title: Field title for the profile item.
* - $value: User defined value for the profile item or data from a module.
* - $attributes: HTML attributes. Usually renders classes.
*
* @see template_preprocess_user_profile_item()
*/
?>
<dt<?php print $attributes; ?>><?php print $title; ?></dt>
<dd<?php print $attributes; ?>><?php print $value; ?></dd>

45
modules/user/user-profile.tpl.php Normal file
View file

@ -0,0 +1,45 @@
<?php
/**
* @file user-profile.tpl.php
* Default theme implementation to present all user profile data.
*
* This template is used when viewing a registered member's profile page,
* e.g., example.com/user/123. 123 being the users ID.
*
* By default, all user profile data is printed out with the $user_profile
* variable. If there is a need to break it up you can use $profile instead.
* It is keyed to the name of each category or other data attached to the
* account. If it is a category it will contain all the profile items. By
* default $profile['summary'] is provided which contains data on the user's
* history. Other data can be included by modules. $profile['user_picture'] is
* available by default showing the account picture.
*
* Also keep in mind that profile items and their categories can be defined by
* site administrators. They are also available within $profile. For example,
* if a site is configured with a category of "contact" with
* fields for of addresses, phone numbers and other related info, then doing a
* straight print of $profile['contact'] will output everything in the
* category. This is useful for altering source order and adding custom
* markup for the group.
*
* To check for all available data within $profile, use the code below.
* @code
* print '<pre>'. check_plain(print_r($profile, 1)) .'</pre>';
* @endcode
*
* Available variables:
* - $user_profile: All user profile data. Ready for print.
* - $profile: Keyed array of profile categories and their items or other data
* provided by modules.
*
* @see user-profile-category.tpl.php
* Where the html is handled for the group.
* @see user-profile-item.tpl.php
* Where the html is handled for each item in the group.
* @see template_preprocess_user_profile()
*/
?>
<div class="profile">
<?php print $user_profile; ?>
</div>

21
modules/user/user-rtl.css Normal file
View file

@ -0,0 +1,21 @@
#permissions td.permission {
padding-left: 0;
padding-right: 1.5em;
}
#access-rules .access-type, #access-rules .rule-type {
margin-right: 0;
margin-left: 1em;
float: right;
}
#user-admin-buttons {
float: right;
margin-left: 0;
margin-right: 0.5em;
clear: left;
}
.profile .picture {
float: left;
margin: 0 0 1em 1em;
}

1034
modules/user/user.admin.inc Normal file
View file

File diff suppressed because it is too large Load diff

58
modules/user/user.css Normal file
View file

@ -0,0 +1,58 @@
#permissions td.module {
font-weight: bold;
}
#permissions td.permission {
padding-left: 1.5em; /* LTR */
}
#access-rules .access-type, #access-rules .rule-type {
margin-right: 1em; /* LTR */
float: left; /* LTR */
}
#access-rules .access-type .form-item, #access-rules .rule-type .form-item {
margin-top: 0;
}
#access-rules .mask {
clear: both;
}
#user-login-form {
text-align: center;
}
#user-admin-filter ul {
list-style-type: none;
padding: 0;
margin: 0;
width: 100%;
}
#user-admin-buttons {
float: left; /* LTR */
margin-left: 0.5em; /* LTR */
clear: right; /* LTR */
}
#user-admin-settings fieldset .description {
font-size: 0.85em;
padding-bottom: .5em;
}
/* Generated by user.module but used by profile.module: */
.profile {
clear: both;
margin: 1em 0;
}
.profile .picture {
float: right; /* LTR */
margin: 0 1em 1em 0; /* LTR */
}
.profile h3 {
border-bottom: 1px solid #ccc;
}
.profile dl {
margin: 0 0 1.5em 0;
}
.profile dt {
margin: 0 0 0.2em 0;
font-weight: bold;
}
.profile dd {
margin: 0 0 1em 0;
}

11
modules/user/user.info Normal file
View file

@ -0,0 +1,11 @@
name = User
description = Manages the user registration and login system.
package = Core - required
version = VERSION
core = 6.x
; Information added by Drupal.org packaging script on 2016-02-24
version = "6.38"
project = "drupal"
datestamp = "1456343372"

296
modules/user/user.install Normal file
View file

@ -0,0 +1,296 @@
<?php
/**
* Implementation of hook_schema().
*/
function user_schema() {
$schema['access'] = array(
'description' => 'Stores site access rules.',
'fields' => array(
'aid' => array(
'type' => 'serial',
'not null' => TRUE,
'description' => 'Primary Key: Unique access ID.',
),
'mask' => array(
'type' => 'varchar',
'length' => 255,
'not null' => TRUE,
'default' => '',
'description' => 'Text mask used for filtering access.',
),
'type' => array(
'type' => 'varchar',
'length' => 255,
'not null' => TRUE,
'default' => '',
'description' => 'Type of access rule: name, mail or host.',
),
'status' => array(
'type' => 'int',
'not null' => TRUE,
'default' => 0,
'size' => 'tiny',
'description' => 'Whether rule is to allow(1) or deny(0) access.',
),
),
'primary key' => array('aid'),
);
$schema['authmap'] = array(
'description' => 'Stores distributed authentication mapping.',
'fields' => array(
'aid' => array(
'description' => 'Primary Key: Unique authmap ID.',
'type' => 'serial',
'unsigned' => TRUE,
'not null' => TRUE,
),
'uid' => array(
'type' => 'int',
'not null' => TRUE,
'default' => 0,
'description' => "User's {users}.uid.",
),
'authname' => array(
'type' => 'varchar',
'length' => 128,
'not null' => TRUE,
'default' => '',
'description' => 'Unique authentication name.',
),
'module' => array(
'type' => 'varchar',
'length' => 128,
'not null' => TRUE,
'default' => '',
'description' => 'Module which is controlling the authentication.',
),
),
'unique keys' => array('authname' => array('authname')),
'primary key' => array('aid'),
);
$schema['permission'] = array(
'description' => 'Stores permissions for users.',
'fields' => array(
'pid' => array(
'type' => 'serial',
'not null' => TRUE,
'description' => 'Primary Key: Unique permission ID.',
),
'rid' => array(
'type' => 'int',
'unsigned' => TRUE,
'not null' => TRUE,
'default' => 0,
'description' => 'The {role}.rid to which the permissions are assigned.',
),
'perm' => array(
'type' => 'text',
'not null' => FALSE,
'size' => 'big',
'description' => 'List of permissions being assigned.',
),
'tid' => array(
'type' => 'int',
'unsigned' => TRUE,
'not null' => TRUE,
'default' => 0,
'description' => 'Originally intended for taxonomy-based permissions, but never used.',
),
),
'primary key' => array('pid'),
'indexes' => array('rid' => array('rid')),
);
$schema['role'] = array(
'description' => 'Stores user roles.',
'fields' => array(
'rid' => array(
'type' => 'serial',
'unsigned' => TRUE,
'not null' => TRUE,
'description' => 'Primary Key: Unique role id.',
),
'name' => array(
'type' => 'varchar',
'length' => 64,
'not null' => TRUE,
'default' => '',
'description' => 'Unique role name.',
),
),
'unique keys' => array('name' => array('name')),
'primary key' => array('rid'),
);
$schema['users'] = array(
'description' => 'Stores user data.',
'fields' => array(
'uid' => array(
'type' => 'serial',
'unsigned' => TRUE,
'not null' => TRUE,
'description' => 'Primary Key: Unique user ID.',
),
'name' => array(
'type' => 'varchar',
'length' => 60,
'not null' => TRUE,
'default' => '',
'description' => 'Unique user name.',
),
'pass' => array(
'type' => 'varchar',
'length' => 32,
'not null' => TRUE,
'default' => '',
'description' => "User's password (md5 hash).",
),
'mail' => array(
'type' => 'varchar',
'length' => 64,
'not null' => FALSE,
'default' => '',
'description' => "User's email address.",
),
'mode' => array(
'type' => 'int',
'not null' => TRUE,
'default' => 0,
'size' => 'tiny',
'description' => 'Per-user comment display mode (threaded vs. flat), used by the {comment} module.',
),
'sort' => array(
'type' => 'int',
'not null' => FALSE,
'default' => 0,
'size' => 'tiny',
'description' => 'Per-user comment sort order (newest vs. oldest first), used by the {comment} module.',
),
'threshold' => array(
'type' => 'int',
'not null' => FALSE,
'default' => 0,
'size' => 'tiny',
'description' => 'Previously used by the {comment} module for per-user preferences; no longer used.',
),
'theme' => array(
'type' => 'varchar',
'length' => 255,
'not null' => TRUE,
'default' => '',
'description' => "User's default theme.",
),
'signature' => array(
'type' => 'varchar',
'length' => 255,
'not null' => TRUE,
'default' => '',
'description' => "User's signature.",
),
'signature_format' => array(
'type' => 'int',
'size' => 'small',
'not null' => TRUE,
'default' => 0,
'description' => 'The {filter_formats}.format of the signature.',
),
'created' => array(
'type' => 'int',
'not null' => TRUE,
'default' => 0,
'description' => 'Timestamp for when user was created.',
),
'access' => array(
'type' => 'int',
'not null' => TRUE,
'default' => 0,
'description' => 'Timestamp for previous time user accessed the site.',
),
'login' => array(
'type' => 'int',
'not null' => TRUE,
'default' => 0,
'description' => "Timestamp for user's last login.",
),
'status' => array(
'type' => 'int',
'not null' => TRUE,
'default' => 0,
'size' => 'tiny',
'description' => 'Whether the user is active(1) or blocked(0).',
),
'timezone' => array(
'type' => 'varchar',
'length' => 8,
'not null' => FALSE,
'description' => "User's timezone.",
),
'language' => array(
'type' => 'varchar',
'length' => 12,
'not null' => TRUE,
'default' => '',
'description' => "User's default language.",
),
'picture' => array(
'type' => 'varchar',
'length' => 255,
'not null' => TRUE,
'default' => '',
'description' => "Path to the user's uploaded picture.",
),
'init' => array(
'type' => 'varchar',
'length' => 64,
'not null' => FALSE,
'default' => '',
'description' => 'Email address used for initial account creation.',
),
'data' => array(
'type' => 'text',
'not null' => FALSE,
'size' => 'big',
'description' => 'A serialized array of name value pairs that are related to the user. Any form values posted during user edit are stored and are loaded into the $user object during user_load(). Use of this field is discouraged and it will likely disappear in a future version of Drupal.',
),
),
'indexes' => array(
'access' => array('access'),
'created' => array('created'),
'mail' => array('mail'),
),
'unique keys' => array(
'name' => array('name'),
),
'primary key' => array('uid'),
);
$schema['users_roles'] = array(
'description' => 'Maps users to roles.',
'fields' => array(
'uid' => array(
'type' => 'int',
'unsigned' => TRUE,
'not null' => TRUE,
'default' => 0,
'description' => 'Primary Key: {users}.uid for user.',
),
'rid' => array(
'type' => 'int',
'unsigned' => TRUE,
'not null' => TRUE,
'default' => 0,
'description' => 'Primary Key: {role}.rid for role.',
),
),
'primary key' => array('uid', 'rid'),
'indexes' => array(
'rid' => array('rid'),
),
);
return $schema;
}

187
modules/user/user.js Normal file
View file

@ -0,0 +1,187 @@
/**
* Attach handlers to evaluate the strength of any password fields and to check
* that its confirmation is correct.
*/
Drupal.behaviors.password = function(context) {
var translate = Drupal.settings.password;
$("input.password-field:not(.password-processed)", context).each(function() {
var passwordInput = $(this).addClass('password-processed');
var parent = $(this).parent();
// Wait this number of milliseconds before checking password.
var monitorDelay = 700;
// Add the password strength layers.
$(this).after('<span class="password-strength"><span class="password-title">'+ translate.strengthTitle +'</span> <span class="password-result"></span></span>').parent();
var passwordStrength = $("span.password-strength", parent);
var passwordResult = $("span.password-result", passwordStrength);
parent.addClass("password-parent");
// Add the password confirmation layer.
var outerItem = $(this).parent().parent();
$("input.password-confirm", outerItem).after('<span class="password-confirm">'+ translate["confirmTitle"] +' <span></span></span>').parent().addClass("confirm-parent");
var confirmInput = $("input.password-confirm", outerItem);
var confirmResult = $("span.password-confirm", outerItem);
var confirmChild = $("span", confirmResult);
// Add the description box at the end.
$(confirmInput).parent().after('<div class="password-description"></div>');
var passwordDescription = $("div.password-description", $(this).parent().parent()).hide();
// Check the password fields.
var passwordCheck = function () {
// Remove timers for a delayed check if they exist.
if (this.timer) {
clearTimeout(this.timer);
}
// Verify that there is a password to check.
if (!passwordInput.val()) {
passwordStrength.css({ visibility: "hidden" });
passwordDescription.hide();
return;
}
// Evaluate password strength.
var result = Drupal.evaluatePasswordStrength(passwordInput.val());
passwordResult.html(result.strength == "" ? "" : translate[result.strength +"Strength"]);
// Map the password strength to the relevant drupal CSS class.
var classMap = { low: "error", medium: "warning", high: "ok" };
var newClass = classMap[result.strength] || "";
// Remove the previous styling if any exists; add the new class.
if (this.passwordClass) {
passwordResult.removeClass(this.passwordClass);
passwordDescription.removeClass(this.passwordClass);
}
passwordDescription.html(result.message);
passwordResult.addClass(newClass);
if (result.strength == "high") {
passwordDescription.hide();
}
else {
passwordDescription.addClass(newClass);
}
this.passwordClass = newClass;
// Check that password and confirmation match.
// Hide the result layer if confirmation is empty, otherwise show the layer.
confirmResult.css({ visibility: (confirmInput.val() == "" ? "hidden" : "visible") });
var success = passwordInput.val() == confirmInput.val();
// Remove the previous styling if any exists.
if (this.confirmClass) {
confirmChild.removeClass(this.confirmClass);
}
// Fill in the correct message and set the class accordingly.
var confirmClass = success ? "ok" : "error";
confirmChild.html(translate["confirm"+ (success ? "Success" : "Failure")]).addClass(confirmClass);
this.confirmClass = confirmClass;
// Show the indicator and tips.
passwordStrength.css({ visibility: "visible" });
passwordDescription.show();
};
// Do a delayed check on the password fields.
var passwordDelayedCheck = function() {
// Postpone the check since the user is most likely still typing.
if (this.timer) {
clearTimeout(this.timer);
}
// When the user clears the field, hide the tips immediately.
if (!passwordInput.val()) {
passwordStrength.css({ visibility: "hidden" });
passwordDescription.hide();
return;
}
// Schedule the actual check.
this.timer = setTimeout(passwordCheck, monitorDelay);
};
// Monitor keyup and blur events.
// Blur must be used because a mouse paste does not trigger keyup.
passwordInput.keyup(passwordDelayedCheck).blur(passwordCheck);
confirmInput.keyup(passwordDelayedCheck).blur(passwordCheck);
});
};
/**
* Evaluate the strength of a user's password.
*
* Returns the estimated strength and the relevant output message.
*/
Drupal.evaluatePasswordStrength = function(value) {
var strength = "", msg = "", translate = Drupal.settings.password;
var hasLetters = value.match(/[a-zA-Z]+/);
var hasNumbers = value.match(/[0-9]+/);
var hasPunctuation = value.match(/[^a-zA-Z0-9]+/);
var hasCasing = value.match(/[a-z]+.*[A-Z]+|[A-Z]+.*[a-z]+/);
// Check if the password is blank.
if (!value.length) {
strength = "";
msg = "";
}
// Check if length is less than 6 characters.
else if (value.length < 6) {
strength = "low";
msg = translate.tooShort;
}
// Check if password is the same as the username (convert both to lowercase).
else if (value.toLowerCase() == translate.username.toLowerCase()) {
strength = "low";
msg = translate.sameAsUsername;
}
// Check if it contains letters, numbers, punctuation, and upper/lower case.
else if (hasLetters && hasNumbers && hasPunctuation && hasCasing) {
strength = "high";
}
// Password is not secure enough so construct the medium-strength message.
else {
// Extremely bad passwords still count as low.
var count = (hasLetters ? 1 : 0) + (hasNumbers ? 1 : 0) + (hasPunctuation ? 1 : 0) + (hasCasing ? 1 : 0);
strength = count > 1 ? "medium" : "low";
msg = [];
if (!hasLetters || !hasCasing) {
msg.push(translate.addLetters);
}
if (!hasNumbers) {
msg.push(translate.addNumbers);
}
if (!hasPunctuation) {
msg.push(translate.addPunctuation);
}
msg = translate.needsMoreVariation +"<ul><li>"+ msg.join("</li><li>") +"</li></ul>";
}
return { strength: strength, message: msg };
};
/**
* Set the client's system timezone as default values of form fields.
*/
Drupal.setDefaultTimezone = function() {
var offset = new Date().getTimezoneOffset() * -60;
$("#edit-date-default-timezone, #edit-user-register-timezone").val(offset);
};
/**
* On the admin/user/settings page, conditionally show all of the
* picture-related form elements depending on the current value of the
* "Picture support" radio buttons.
*/
Drupal.behaviors.userSettings = function (context) {
$('div.user-admin-picture-radios input[type=radio]:not(.userSettings-processed)', context).addClass('userSettings-processed').click(function () {
$('div.user-admin-picture-settings', context)[['hide', 'show'][this.value]]();
});
};

2607
modules/user/user.module Normal file
View file

File diff suppressed because it is too large Load diff

381
modules/user/user.pages.inc Normal file
View file

@ -0,0 +1,381 @@
<?php
/**
* @file
* User page callback file for the user module.
*/
/**
* Menu callback; Retrieve a JSON object containing autocomplete suggestions for existing users.
*/
function user_autocomplete($string = '') {
$matches = array();
if ($string) {
$result = db_query_range("SELECT name FROM {users} WHERE LOWER(name) LIKE LOWER('%s%%')", $string, 0, 10);
while ($user = db_fetch_object($result)) {
$matches[$user->name] = check_plain($user->name);
}
}
drupal_json($matches);
}
/**
* Form builder; Request a password reset.
*
* @ingroup forms
* @see user_pass_validate()
* @see user_pass_submit()
*/
function user_pass() {
$form['name'] = array(
'#type' => 'textfield',
'#title' => t('Username or e-mail address'),
'#size' => 60,
'#maxlength' => max(USERNAME_MAX_LENGTH, EMAIL_MAX_LENGTH),
'#required' => TRUE,
);
$form['submit'] = array('#type' => 'submit', '#value' => t('E-mail new password'));
return $form;
}
function user_pass_validate($form, &$form_state) {
$name = trim($form_state['values']['name']);
// Try to load by email.
$account = user_load(array('mail' => $name, 'status' => 1));
if (!$account) {
// No success, try to load by name.
$account = user_load(array('name' => $name, 'status' => 1));
}
if ($account) {
// Blocked accounts cannot request a new password,
// check provided username and email against access rules.
if (drupal_is_denied('user', $account->name) || drupal_is_denied('mail', $account->mail)) {
form_set_error('name', t('%name is not allowed to request a new password.', array('%name' => $name)));
}
}
if (isset($account->uid)) {
form_set_value(array('#parents' => array('account')), $account, $form_state);
}
else {
form_set_error('name', t('Sorry, %name is not recognized as a user name or an e-mail address.', array('%name' => $name)));
}
}
function user_pass_submit($form, &$form_state) {
global $language;
$account = $form_state['values']['account'];
// Mail one time login URL and instructions using current language.
_user_mail_notify('password_reset', $account, $language);
watchdog('user', 'Password reset instructions mailed to %name at %email.', array('%name' => $account->name, '%email' => $account->mail));
drupal_set_message(t('Further instructions have been sent to your e-mail address.'));
$form_state['redirect'] = 'user';
return;
}
/**
* Menu callback; process one time login link and redirects to the user page on success.
*/
function user_pass_reset(&$form_state, $uid, $timestamp, $hashed_pass, $action = NULL) {
global $user;
// Check if the user is already logged in. The back button is often the culprit here.
if ($user->uid) {
drupal_set_message(t('You have already used this one-time login link. It is not necessary to use this link to login anymore. You are already logged in.'));
drupal_goto();
}
else {
// Time out, in seconds, until login URL expires. 24 hours = 86400 seconds.
$timeout = 86400;
$current = time();
// Some redundant checks for extra security ?
if ($timestamp < $current && $account = user_load(array('uid' => $uid, 'status' => 1)) ) {
// Deny one-time login to blocked accounts.
if (drupal_is_denied('user', $account->name) || drupal_is_denied('mail', $account->mail)) {
drupal_set_message(t('You have tried to use a one-time login for an account which has been blocked.'), 'error');
drupal_goto();
}
// No time out for first time login.
if ($account->login && $current - $timestamp > $timeout) {
drupal_set_message(t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'));
drupal_goto('user/password');
}
else if ($account->uid && $timestamp > $account->login && $timestamp < $current && $hashed_pass == user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid)) {
// First stage is a confirmation form, then login
if ($action == 'login') {
watchdog('user', 'User %name used one-time login link at time %timestamp.', array('%name' => $account->name, '%timestamp' => $timestamp));
// Set the new user.
$user = $account;
// user_authenticate_finalize() also updates the login timestamp of the
// user, which invalidates further use of the one-time login link.
user_authenticate_finalize($form_state['values']);
drupal_set_message(t('You have just used your one-time login link. It is no longer necessary to use this link to login. Please change your password.'));
drupal_goto('user/'. $user->uid .'/edit');
}
else {
$form['message'] = array('#value' => t('<p>This is a one-time login for %user_name and will expire on %expiration_date.</p><p>Click on this button to login to the site and change your password.</p>', array('%user_name' => $account->name, '%expiration_date' => format_date($timestamp + $timeout))));
$form['help'] = array('#value' => '<p>'. t('This login can be used only once.') .'</p>');
$form['submit'] = array('#type' => 'submit', '#value' => t('Log in'));
$form['#action'] = url("user/reset/$uid/$timestamp/$hashed_pass/login");
return $form;
}
}
else {
drupal_set_message(t('You have tried to use a one-time login link which has either been used or is no longer valid. Please request a new one using the form below.'));
drupal_goto('user/password');
}
}
else {
// Deny access, no more clues.
// Everything will be in the watchdog's URL for the administrator to check.
drupal_access_denied();
}
}
}
/**
* Menu callback; logs the current user out, and redirects to the home page.
*/
function user_logout() {
global $user;
watchdog('user', 'Session closed for %name.', array('%name' => $user->name));
// Destroy the current session:
session_destroy();
// Only variables can be passed by reference workaround.
$null = NULL;
user_module_invoke('logout', $null, $user);
// Load the anonymous user
$user = drupal_anonymous_user();
drupal_goto();
}
/**
* Menu callback; Displays a user or user profile page.
*/
function user_view($account) {
drupal_set_title(check_plain($account->name));
// Retrieve all profile fields and attach to $account->content.
user_build_content($account);
// To theme user profiles, copy modules/user/user_profile.tpl.php
// to your theme directory, and edit it as instructed in that file's comments.
return theme('user_profile', $account);
}
/**
* Process variables for user-profile.tpl.php.
*
* The $variables array contains the following arguments:
* - $account
*
* @see user-picture.tpl.php
*/
function template_preprocess_user_profile(&$variables) {
$variables['profile'] = array();
// Sort sections by weight
uasort($variables['account']->content, 'element_sort');
// Provide keyed variables so themers can print each section independantly.
foreach (element_children($variables['account']->content) as $key) {
$variables['profile'][$key] = drupal_render($variables['account']->content[$key]);
}
// Collect all profiles to make it easier to print all items at once.
$variables['user_profile'] = implode($variables['profile']);
}
/**
* Process variables for user-profile-item.tpl.php.
*
* The $variables array contains the following arguments:
* - $element
*
* @see user-profile-item.tpl.php
*/
function template_preprocess_user_profile_item(&$variables) {
$variables['title'] = $variables['element']['#title'];
$variables['value'] = $variables['element']['#value'];
$variables['attributes'] = '';
if (isset($variables['element']['#attributes'])) {
$variables['attributes'] = drupal_attributes($variables['element']['#attributes']);
}
}
/**
* Process variables for user-profile-category.tpl.php.
*
* The $variables array contains the following arguments:
* - $element
*
* @see user-profile-category.tpl.php
*/
function template_preprocess_user_profile_category(&$variables) {
$variables['title'] = check_plain($variables['element']['#title']);
$variables['profile_items'] = $variables['element']['#children'];
$variables['attributes'] = '';
if (isset($variables['element']['#attributes'])) {
$variables['attributes'] = drupal_attributes($variables['element']['#attributes']);
}
}
/**
* Form builder; Present the form to edit a given user or profile category.
*
* @ingroup forms
* @see user_edit_validate()
* @see user_edit_submit()
*/
function user_edit($account, $category = 'account') {
drupal_set_title(check_plain($account->name));
return drupal_get_form('user_profile_form', $account, $category);
}
/**
* Form builder; edit a user account or one of their profile categories.
*
* @ingroup forms
* @see user_profile_form_validate()
* @see user_profile_form_submit()
* @see user_edit_delete_submit()
*/
function user_profile_form($form_state, $account, $category = 'account') {
$edit = (empty($form_state['values'])) ? (array)$account : $form_state['values'];
$form = _user_forms($edit, $account, $category);
$form['_category'] = array('#type' => 'value', '#value' => $category);
$form['_account'] = array('#type' => 'value', '#value' => $account);
$form['submit'] = array('#type' => 'submit', '#value' => t('Save'), '#weight' => 30);
if (user_access('administer users')) {
$form['delete'] = array(
'#type' => 'submit',
'#value' => t('Delete'),
'#weight' => 31,
'#submit' => array('user_edit_delete_submit'),
);
}
$form['#attributes']['enctype'] = 'multipart/form-data';
return $form;
}
/**
* Validation function for the user account and profile editing form.
*/
function user_profile_form_validate($form, &$form_state) {
user_module_invoke('validate', $form_state['values'], $form_state['values']['_account'], $form_state['values']['_category']);
// Validate input to ensure that non-privileged users can't alter protected data.
if ((!user_access('administer users') && array_intersect(array_keys($form_state['values']), array('uid', 'init', 'session'))) || (!user_access('administer permissions') && isset($form_state['values']['roles']))) {
watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);
// set this to a value type field
form_set_error('category', t('Detected malicious attempt to alter protected user fields.'));
}
}
/**
* Submit function for the user account and profile editing form.
*/
function user_profile_form_submit($form, &$form_state) {
$account = $form_state['values']['_account'];
$category = $form_state['values']['_category'];
unset($form_state['values']['_account'], $form_state['values']['op'], $form_state['values']['submit'], $form_state['values']['delete'], $form_state['values']['form_token'], $form_state['values']['form_id'], $form_state['values']['_category']);
user_module_invoke('submit', $form_state['values'], $account, $category);
user_save($account, $form_state['values'], $category);
// Clear the page cache because pages can contain usernames and/or profile information:
cache_clear_all();
drupal_set_message(t('The changes have been saved.'));
return;
}
/**
* Submit function for the 'Delete' button on the user edit form.
*/
function user_edit_delete_submit($form, &$form_state) {
$destination = '';
if (isset($_REQUEST['destination'])) {
$destination = drupal_get_destination();
unset($_REQUEST['destination']);
}
// Note: We redirect from user/uid/edit to user/uid/delete to make the tabs disappear.
$form_state['redirect'] = array("user/". $form_state['values']['_account']->uid ."/delete", $destination);
}
/**
* Form builder; confirm form for user deletion.
*
* @ingroup forms
* @see user_confirm_delete_submit()
*/
function user_confirm_delete(&$form_state, $account) {
$form['_account'] = array('#type' => 'value', '#value' => $account);
return confirm_form($form,
t('Are you sure you want to delete the account %name?', array('%name' => $account->name)),
'user/'. $account->uid,
t('All submissions made by this user will be attributed to the anonymous account. This action cannot be undone.'),
t('Delete'), t('Cancel'));
}
/**
* Submit function for the confirm form for user deletion.
*/
function user_confirm_delete_submit($form, &$form_state) {
user_delete($form_state['values'], $form_state['values']['_account']->uid);
drupal_set_message(t('%name has been deleted.', array('%name' => $form_state['values']['_account']->name)));
if (!isset($_REQUEST['destination'])) {
$form_state['redirect'] = 'admin/user/user';
}
}
function user_edit_validate($form, &$form_state) {
user_module_invoke('validate', $form_state['values'], $form_state['values']['_account'], $form_state['values']['_category']);
// Validate input to ensure that non-privileged users can't alter protected data.
if ((!user_access('administer users') && array_intersect(array_keys($form_state['values']), array('uid', 'init', 'session'))) || (!user_access('administer permissions') && isset($form_state['values']['roles']))) {
watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);
// set this to a value type field
form_set_error('category', t('Detected malicious attempt to alter protected user fields.'));
}
}
function user_edit_submit($form, &$form_state) {
$account = $form_state['values']['_account'];
$category = $form_state['values']['_category'];
unset($form_state['values']['_account'], $form_state['values']['op'], $form_state['values']['submit'], $form_state['values']['delete'], $form_state['values']['form_token'], $form_state['values']['form_id'], $form_state['values']['_category']);
user_module_invoke('submit', $form_state['values'], $account, $category);
user_save($account, $form_state['values'], $category);
// Clear the page cache because pages can contain usernames and/or profile information:
cache_clear_all();
drupal_set_message(t('The changes have been saved.'));
return;
}
/**
* Access callback for path /user.
*
* Displays user profile if user is logged in, or login form for anonymous
* users.
*/
function user_page() {
global $user;
if ($user->uid) {
menu_set_active_item('user/'. $user->uid);
return menu_execute_active_handler();
}
else {
return drupal_get_form('user_login');
}
}