Commit 29e0e0fc authored by Dries's avatar Dries

- Made it so that usernames can contain spaces.  Like that, people can
  use their full name as their username.
parent 8367d662
......@@ -26,8 +26,8 @@ function account_create($error = "") {
global $theme;
if ($error) {
$output .= "<P><FONT COLOR=\"red\">". t("Failed to create account") .": ". check_output($error) .".</FONT></P>\n";
watchdog("account", "failed to create account: $error.");
$output .= "<P><FONT COLOR=\"red\">". t("Failed to create account") .": ". check_output($error) ."</FONT></P>\n";
watchdog("account", "failed to create account: $error");
}
else {
$output .= "<P>". t("Registering allows you to comment, to moderate comments and pending submissions, to customize the look and feel of the site and generally helps you interact with the site more efficiently.") ."</P><P>". t("To create an account, simply fill out this form an click the 'Create account' button below. An e-mail will then be sent to you with instructions on how to validate your account.") ."</P>\n";
......@@ -228,7 +228,7 @@ function account_email_submit($userid, $email) {
$result = db_query("SELECT id FROM users WHERE userid = '$userid' AND real_email = '$email'");
if ($account = db_fetch_object($result)) {
$passwd = account_password();
$passwd = user_password();
$hash = substr(md5("$userid. ". time() .""), 0, 12);
$status = 1;
......@@ -257,16 +257,16 @@ function account_email_submit($userid, $email) {
function account_create_submit($userid, $email) {
global $theme, $HTTP_HOST, $REQUEST_URI;
$new[userid] = trim($userid);
$new[real_email] = trim($email);
$new[userid] = $userid;
$new[real_email] = $email;
if ($error = account_validate($new)) {
if ($error = user_validate($new)) {
$theme->header();
$theme->box(t("Create user account"), account_create($error));
$theme->footer();
}
else {
$new[passwd] = account_password();
$new[passwd] = user_password();
$new[hash] = substr(md5("$new[userid]. ". time()), 0, 12);
$user = user_save("", array("userid" => $new[userid], "real_email" => $new[real_email], "passwd" => $new[passwd], "status" => 1, "hash" => $new[hash]));
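Review bot: The confirmation hash beside the renamed password call is still derived only from the username and the current time (`substr(md5("$new[userid]. ". time()), 0, 12)` in account_create_submit, and the equivalent expression in account_email_submit), both of which an outsider can guess. The hash appears to be what the confirmation link carries (the admin module builds `account.php?op=confirm&name=...&hash=...`), so it should come from an unpredictable source, for example `$new[hash] = bin2hex(random_bytes(6));` on a runtime that provides it. account_save in the admin module builds its hash the same way. All three functions continue outside the hunks shown.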
......
<?php
<?
$na = "<I>na</I>";
......@@ -66,14 +66,6 @@ function check_code($text) {
return $text;
}
function check_mail($mail) {
return eregi("^[_+\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $mail) ? 1 : 0;
}
function check_name($name) {
return ereg("[^a-zA-Z0-9_-]", $name) ? 0 : 1;
}
function check_preview($text) {
return check_output(check_input($text));
}
......@@ -144,7 +136,7 @@ function format_date($timestamp, $type = "medium", $format = "") {
function format_username($username) {
global $user;
if ($username) return (user_access($user, "account") ? "<A HREF=\"admin.php?mod=account&op=view&name=$username\">$username</A>" : "<A HREF=\"account.php?op=view&name=$username\">$username</A>");
if ($username) return (user_access($user, "account") ? "<A HREF=\"admin.php?mod=account&op=view&name=". urlencode($username) ."\">$username</A>" : "<A HREF=\"account.php?op=view&name=". urlencode($username) ."\">$username</A>");
else return variable_get(anonymous, "Anonymous");
}
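Review bot: format_username now URL-encodes the name inside the href, but the same `$username` is still written unescaped as the link text, so a name containing markup would be rendered as HTML. New names are limited to letters, digits and spaces by user_validate_name, but format_username cannot tell whether the value it receives ever passed that check (accounts created before this commit, and other callers, are not visible here). Replacing the bare `$username` link text in both branches with `check_output($username)`, as the admin form already does with `check_output($account->userid)`, would make the function safe on its own.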
......
......@@ -63,28 +63,41 @@ function user_ban($mask, $type) {
return db_fetch_object($result);
}
function account_password($min_length=6) {
function user_password($min_length=6) {
mt_srand((double)microtime() * 1000000);
$words = array("foo","bar","guy","neo","tux","moo","sun","asm","dot","god","axe","geek","nerd","fish","hack","star","mice","warp","moon","hero","cola","girl","fish","java","perl","boss","dark","sith","jedi","drop","mojo");
while(strlen($password) < $min_length) $password .= $words[mt_rand(0, count($words))];
while (strlen($password) < $min_length) $password .= $words[mt_rand(0, count($words))];
return $password;
}
function account_validate($user) {
// Verify username and e-mail address:
if (empty($user[real_email]) || (!check_mail($user[real_email]))) $error = t("the e-mail address '$user[real_email]' is not valid");
if (empty($user[userid]) || (!check_name($user[userid]))) $error = t("the username '$user[userid]' is not valid");
if (strlen($user[userid]) > 15) $error = t("the username '$user[userid]' is too long: it must be less than 15 characters");
function user_validate_name($name) {
if (!$name) return t("you must enter a username.");
if (eregi("^ ", $name)) return t("the username can not begin with a space.");
if (eregi(" \$", $name)) return t("the username can not end with a space.");
if (eregi(" ", $name)) return t("the username can not contain multiple spaces in a row.");
if (eregi("[^a-zA-Z0-9 ]", $name)) return t("the username contains an illegal character.");
if (strlen($name) > 15) return t("the username '$name' is too long: it must be less than 15 characters.");
}
function user_validate_mail($mail) {
if (!$mail) return t("your must enter an e-mail address.");
if (!eregi("^[_+\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $mail)) return t("the e-mail address '$email' is not valid.");
}
function user_validate($user) {
// Verify username:
if ($error = user_validate_name($user[userid])) return $error;
// Verify e-mail address:
if ($error = user_validate_mail($user[real_email])) return $error;
// Check to see whether the username or e-mail address are banned:
if ($ban = user_ban($user[userid], "username")) $error = t("the username '$user[userid]' is banned") .": <I>$ban->reason</I>";
if ($ban = user_ban($user[real_email], "e-mail address")) $error = t("the e-mail address '$user[real_email]' is banned") .": <I>$ban->reason</I>";
if ($ban = user_ban($user[userid], "username")) return t("the username '$user[userid]' is banned") .": <I>$ban->reason</I>.";
if ($ban = user_ban($user[real_email], "e-mail address")) return t("the e-mail address '$user[real_email]' is banned") .": <I>$ban->reason</I>.";
// Verify whether username and e-mail address are unique:
if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) $error = t("the username '$user[userid]' is already taken");
if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$user[real_email]')")) > 0) $error = t("the e-mail address '$user[real_email]' is already in use by another account");
return $error;
if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) return t("the username '$user[userid]' is already taken.");
if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$user[real_email]')")) > 0) return t("the e-mail address '$user[real_email]' is already in use by another account.");
}
?>
\ No newline at end of file
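Review bot: user_password is renamed but still draws each chunk from a 31-entry word list using `mt_rand` seeded from `microtime()`, and the range `mt_rand(0, count($words))` runs one past the end of the array, so a default password is typically just two words from a very small, predictable space. At minimum the bound should be `count($words) - 1`. Since this value is mailed out as the account's login password, it would be better built from a cryptographically secure generator (for example `random_int()` where the runtime has it) over a larger alphabet. Separately, user_validate_mail interpolates `$email` in its error message although the parameter is `$mail`, so the message prints an empty address; it should read `'$mail'`.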
......@@ -41,7 +41,7 @@ function account_search($keys) {
global $user;
$result = db_query("SELECT * FROM users WHERE userid LIKE '%$keys%' LIMIT 20");
while ($account = db_fetch_object($result)) {
$find[$i++] = array("title" => $account->userid, "link" => (user_access($user, "account") ? "admin.php?mod=account&op=view&name=$account->userid" : "account.php?op=view&name=$account->userid"), "user" => $account->userid);
$find[$i++] = array("title" => $account->userid, "link" => (user_access($user, "account") ? "admin.php?mod=account&op=view&name=". urlencode($account->userid) : "account.php?op=view&name=". urlencode($account->userid)), "user" => $account->userid);
}
return $find;
}
......@@ -92,7 +92,7 @@ function account_overview($query = array()) {
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR><TH>username</TH><TH>last access</TH><TH COLSPAN=\"2\">operations</TH></TR>\n";
while ($account = db_fetch_object($result)) {
$output .= " <TR><TD>". format_username($account->userid) ."</TD><TD>". format_date($account->last_access) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=view&name=$account->userid\">view account</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=edit&name=$account->userid\">edit account</A></TD></TR>\n";
$output .= " <TR><TD>". format_username($account->userid) ."</TD><TD>". format_date($account->last_access) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=view&name=". urlencode($account->userid) ."\">view account</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=edit&name=". urlencode($account->userid) ."\">edit account</A></TD></TR>\n";
}
$output .= "</TABLE>\n";
......@@ -150,12 +150,12 @@ function access($name) {
if (module_hook($name, "admin")) $access[$name] = $name;
}
module_iterate("access");
$account->access = explode(",", $account->access);
foreach ($account->access as $key=>$value) {
$account->access[$key] = substr($value, 0, -2);
}
$form .= $account->id ? form_item("ID", $account->id) . form_hidden("id", $account->id) : "";
$form .= $account->userid ? form_item(t("Username"), check_output($account->userid)) . form_hidden("userid", $account->userid) : form_textfield(t("Username"), "userid", $account->userid, 15, 15);
$form .= form_select(t("Status"), "status", ($account->status ? $account->status : 1), array("blocked", "not confirmed", "open"));
......@@ -190,22 +190,22 @@ function account_save($edit) {
}
}
$query .= "access = '$access'";
db_query("UPDATE users SET $query WHERE id = $edit[id]");
watchdog("account", "account: modified user '$edit[userid]'");
return $edit[userid];
}
else {
// Adding new account
$edit[userid] = trim($edit[userid]);
$edit[real_email] = trim($edit[real_email]);
$edit[userid] = $edit[userid];
$edit[real_email] = $edit[real_email];
if ($error = account_validate($edit)) {
if ($error = user_validate($edit)) {
print status($error);
return 0;
}
else {
$edit[passwd] = account_password();
$edit[passwd] = user_password();
$edit[hash] = substr(md5("$edit[userid]. ". time()), 0, 12);
if ($edit[access]) {
......@@ -217,7 +217,7 @@ function account_save($edit) {
$user = user_save("", array("userid" => $edit[userid], "access" => $edit[access], "real_email" => $edit[real_email], "passwd" => $edit[passwd], "status" => $edit[status], "hash" => $edit[hash]));
$link = path_uri() ."account.php?op=confirm&name=$edit[userid]&hash=$edit[hash]";
$link = path_uri() ."account.php?op=confirm&name=". urlencode($edit[userid]) ."&hash=$edit[hash]";
$subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal")));
$message = strtr(t("%a,\n\n\nsomeone signed up for a user account on %b and supplied this e-mail address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail. If this was you, you will have to confirm your account first or you will not be able to login. To confirm your account visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team\n"), array("%a" => $edit[userid], "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $edit[passwd]));
......@@ -331,13 +331,13 @@ function account_admin() {
break;
case "Save account":
$name = account_save($edit);
if ($name)
if ($name)
print account_view($name);
else {
foreach ($edit as $key=>$value) {
$account->$key = $value;
}
print account_form($account);
print account_form($account);
}
break;
case "View account":
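Review bot: account_save builds `UPDATE users SET $query WHERE id = $edit[id]` with the id unquoted and unescaped, and account_search puts `$keys` straight into the `LIKE '%$keys%'` pattern. Unless both values are escaped before they reach these functions (not visible in the hunks), the submitted form data can alter the statements. Casting the id closes the first case, `db_query("UPDATE users SET $query WHERE id = ". (int)$edit[id]);`, and `$keys` should be escaped for SQL, including the `%` and `_` wildcards, before it is interpolated. The lookup in account_email_submit interpolates `$userid` and `$email` the same way. In the new-account branch the replacement lines `$edit[userid] = $edit[userid];` and `$edit[real_email] = $edit[real_email];` are self-assignments with no effect and can be dropped.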
......