Commit 2d1e9126 authored by Dries's avatar Dries

- Added the new user module!
parent f358893b
......@@ -10,13 +10,13 @@
$corder = array(1 => "Date - new", 2 => "Date - old", 3 => "Rate - high", 4 => "Rate - low");
class Comment {
function Comment($name, $subject, $comment, $timestamp, $url, $fake_email, $score, $votes, $cid, $lid) {
function Comment($uid, $name, $subject, $comment, $timestamp, $url, $score, $votes, $cid, $lid) {
$this->uid = $uid;
$this->name = $name;
$this->subject = $subject;
$this->comment = $comment;
$this->timestamp = $timestamp;
$this->url = $url;
$this->fake_email = $fake_email;
$this->score = $score;
$this->votes = $votes;
$this->cid = $cid;
......@@ -27,7 +27,7 @@ function Comment($name, $subject, $comment, $timestamp, $url, $fake_email, $scor
function comment_moderate($moderate) {
global $user, $comment_votes;
if ($user->id && $moderate) {
if ($user->uid && $moderate) {
$none = $comment_votes[key($comment_votes)];
foreach ($moderate as $id=>$vote) {
......@@ -35,8 +35,8 @@ function comment_moderate($moderate) {
$id = check_output($id);
$vote = check_output($vote);
$comment = db_fetch_object(db_query("SELECT * FROM comments WHERE cid = '$id'"));
if ($comment && !field_get($comment->users, $user->id)) {
$result = db_query("UPDATE comments SET score = score $vote, votes = votes + 1, users = '". field_set($comment->users, $user->id, $vote) ."' WHERE cid = '$id'");
if ($comment && !field_get($comment->users, $user->uid)) {
$result = db_query("UPDATE comments SET score = score $vote, votes = votes + 1, users = '". field_set($comment->users, $user->uid, $vote) ."' WHERE cid = '$id'");
}
}
}
......@@ -45,14 +45,14 @@ function comment_moderate($moderate) {
function comment_settings($mode, $order, $threshold) {
global $user;
if ($user->id) $user = user_save($user, array("mode" => $mode, "sort" => $order, "threshold" => $threshold));
if ($user->uid) $user = user_save($user, array("mode" => $mode, "sort" => $order, "threshold" => $threshold));
}
function comment_form($edit) {
global $REQUEST_URI, $user;
// name field:
$form .= form_item(t("Your name"), format_name($user->name));
$form .= form_item(t("Your name"), format_name($user));
// subject field:
$form .= form_textfield(t("Subject"), "subject", $edit[subject], 50, 64);
......@@ -79,8 +79,8 @@ function comment_reply($pid, $id) {
global $theme;
if ($pid) {
$item = db_fetch_object(db_query("SELECT c.*, u.name FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.cid = '$pid'"));
comment_view(new Comment($item->name, $item->subject, $item->comment, $item->timestamp, $item->url, $item->fake_email, comment_score($comment), $comment->votes, $item->cid, $item->lid), t("reply to this comment"));
$item = db_fetch_object(db_query("SELECT c.*, u.name FROM comments c LEFT JOIN user u ON c.author = u.uid WHERE c.cid = '$pid'"));
comment_view(new Comment($item->uid, $item->name, $item->subject, $item->comment, $item->timestamp, $item->url, comment_score($comment), $comment->votes, $item->cid, $item->lid), t("reply to this comment"));
}
else {
node_view(node_get_object(array("nid" => $id)));
......@@ -99,7 +99,7 @@ function comment_preview($edit) {
global $REQUEST_URI, $theme, $user;
// Preview comment:
comment_view(new Comment($user->name, check_preview($edit[subject]), check_preview($edit[comment]), time(), check_preview($user->url), check_preview($user->fake_email), 0, 0, 0, 0), t("reply to this comment"));
comment_view(new Comment($user->uid, $user->name, check_preview($edit[subject]), check_preview($edit[comment]), time(), check_preview($user->homepage), 0, 0, 0, 0), t("reply to this comment"));
$theme->box(t("Reply"), comment_form($edit));
}
......@@ -125,7 +125,7 @@ function comment_post($edit) {
watchdog("special", "comment: added '$edit[subject]'");
// add comment to database:
db_query("INSERT INTO comments (lid, pid, author, subject, comment, hostname, timestamp, score) VALUES ('". check_input($edit[id]) ."', '". check_input($edit[pid]) ."', '$user->id', '". check_input($edit[subject]) ."', '". check_input($edit[comment]) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."', '". ($user->name ? 1 : 0) ."')");
db_query("INSERT INTO comments (lid, pid, author, subject, comment, hostname, timestamp, score) VALUES ('". check_input($edit[id]) ."', '". check_input($edit[pid]) ."', '$user->uid', '". check_input($edit[subject]) ."', '". check_input($edit[comment]) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."', '". ($user->name ? 1 : 0) ."')");
// clear cache:
cache_clear();
......@@ -150,7 +150,7 @@ function comment_moderation($comment) {
// preview comment:
$output .= " ";
}
else if ($user->id && $user->name != $comment->name && !field_get($comment->users, $user->id)) {
else if ($user->uid && $user->name != $comment->name && !field_get($comment->users, $user->uid)) {
// comment hasn't been moderated yet:
foreach ($comment_votes as $key=>$value) $options .= " <OPTION VALUE=\"$value\">$key</OPTION>\n";
$output .= "<SELECT NAME=\"moderate[$comment->cid]\">$options</SELECT>\n";
......@@ -181,7 +181,7 @@ function comment_order($order) {
}
function comment_query($lid, $order, $pid = -1) {
$query .= "SELECT c.*, u.* FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.lid = '$lid'";
$query .= "SELECT c.*, u.* FROM comments c LEFT JOIN user u ON c.author = u.uid WHERE c.lid = '$lid'";
if ($pid >= 0) $query .= " AND pid = '$pid'";
if ($order == 1) $query .= " ORDER BY c.timestamp DESC";
else if ($order == 2) $query .= " ORDER BY c.timestamp";
......@@ -216,13 +216,13 @@ function comment_view($comment, $folded = 0) {
// display comment:
if ($folded) $theme->comment($comment, $folded);
else print "<A HREF=\"". comment_uri("id=$comment->lid&cid=$comment->cid#$comment->cid") ."\">". check_output($comment->subject) ."</A> by ". format_name($comment->name) ." <SMALL>($comment->score)</SMALL><P>";
else print "<A HREF=\"". comment_uri("id=$comment->lid&cid=$comment->cid#$comment->cid") ."\">". check_output($comment->subject) ."</A> by ". format_name($comment) ." <SMALL>($comment->score)</SMALL><P>";
}
function comment_thread_min($cid, $threshold) {
global $user;
$result = db_query("SELECT c.*, u.* FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.pid = '$cid' ORDER BY c.timestamp, c.cid");
$result = db_query("SELECT c.*, u.* FROM comments c LEFT JOIN user u ON c.author = u.uid WHERE c.pid = '$cid' ORDER BY c.timestamp, c.cid");
while ($comment = db_fetch_object($result)) {
print "<ul>";
......@@ -244,7 +244,7 @@ function comment_thread_max($cid, $mode, $threshold, $level = 0, $dummy = 0) {
** terms of speed and size.
*/
$result = db_query("SELECT c.*, u.* FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.pid = '$cid' ORDER BY c.timestamp, c.cid");
$result = db_query("SELECT c.*, u.* FROM comments c LEFT JOIN user u ON c.author = u.uid WHERE c.pid = '$cid' ORDER BY c.timestamp, c.cid");
while ($comment = db_fetch_object($result)) {
print "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\"><tr><td width=\"". ($level * 25) ."\">&nbsp;</td><td>\n";
......@@ -264,11 +264,11 @@ function comment_render($lid, $cid) {
// Pre-process variables:
$lid = empty($lid) ? 0 : $lid;
$cid = empty($cid) ? 0 : $cid;
$mode = ($user->id) ? $user->mode : variable_get(default_comment_mode, 4);
$order = ($user->id) ? $user->sort : variable_get(default_comment_order, 1);
$threshold = ($user->id) ? $user->threshold : variable_get(default_comment_threshold, 3);
$mode = ($user->uid) ? $user->mode : variable_get(default_comment_mode, 4);
$order = ($user->uid) ? $user->sort : variable_get(default_comment_order, 1);
$threshold = ($user->uid) ? $user->threshold : variable_get(default_comment_threshold, 3);
if ($user->id) {
if ($user->uid) {
// Comment control:
$theme->box(t("Comment control"), $theme->comment_controls($threshold, $mode, $order));
......@@ -277,7 +277,7 @@ function comment_render($lid, $cid) {
}
if ($cid > 0) {
$result = db_query("SELECT c.*, u.* FROM comments c LEFT JOIN users u ON c.author = u.id WHERE cid = '$cid'");
$result = db_query("SELECT c.*, u.* FROM comments c LEFT JOIN user u ON c.author = u.uid WHERE cid = '$cid'");
if ($comment = db_fetch_object($result)) {
comment_view($comment, comment_links($comment));
}
......@@ -289,7 +289,7 @@ function comment_render($lid, $cid) {
print " <TR><TH>Subject</TH><TH>Author</TH><TH>Date</TH><TH>Score</TH></TR>\n";
while ($comment = db_fetch_object($result)) {
if (comment_visible($comment, $threshold)) {
print " <TR><TD><A HREF=\"". comment_uri("id=$comment->lid&cid=$comment->cid#$comment->cid") ."\">". check_output($comment->subject) ."</A></TD><TD>". format_name($comment->name) ."</TD><TD>". format_date($comment->timestamp, "small") ."</TD><TD>". comment_score($comment) ."</TD></TR>\n";
print " <TR><TD><A HREF=\"". comment_uri("id=$comment->lid&cid=$comment->cid#$comment->cid") ."\">". check_output($comment->subject) ."</A></TD><TD>". format_name($comment) ."</TD><TD>". format_date($comment->timestamp, "small") ."</TD><TD>". comment_score($comment) ."</TD></TR>\n";
}
}
print "</TABLE>\n";
......@@ -316,7 +316,7 @@ function comment_render($lid, $cid) {
}
}
if ($user->id) {
if ($user->uid) {
// Print moderation form:
print " <INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$lid\">\n";
print " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". t("Moderate comments") ."\">\n";
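Review bot: In comment_moderate, `$vote` goes unquoted into `SET score = score $vote` and `$id` into `WHERE cid = '$id'` after only `check_output()`, which from its use on displayed subjects looks like an output filter rather than SQL escaping. Both values appear to come from the submitted `moderate[...]` field that comment_moderation builds, and the rename to `$user->uid` leaves the query as it was, so a logged-in user can still send a vote string that is not one of the offered options. Before the SELECT, accept only configured votes and a numeric id: `if (!in_array($vote, $comment_votes, true)) continue;` (assuming the configured values are strings) and `$id = (int) $id;`. The `'$pid'`, `'$cid'` and `'$lid'` values in comment_reply, comment_query, comment_thread_min, comment_thread_max and comment_render are interpolated the same way; whether their callers filter them is not visible in these hunks.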
......
......@@ -34,7 +34,7 @@ function error_handler($errno, $message, $filename, $line, $variables) {
function watchdog($type, $message) {
global $user;
db_query("INSERT INTO watchdog (user, type, message, location, hostname, timestamp) VALUES ('$user->id', '". check_input($type) ."', '". check_input($message) ."', '". check_input(getenv("REQUEST_URI")) ."', '". check_input(getenv("REMOTE_ADDR")) ."', '". time() ."')");
db_query("INSERT INTO watchdog (user, type, message, location, hostname, timestamp) VALUES ('$user->uid', '". check_input($type) ."', '". check_input($message) ."', '". check_input(getenv("REQUEST_URI")) ."', '". check_input(getenv("REMOTE_ADDR")) ."', '". time() ."')");
}
function throttle($type, $rate) {
......@@ -152,7 +152,7 @@ function cache_clear($interval = 0) {
function cache_get() {
global $user, $REQUEST_URI, $REQUEST_METHOD;
if (!$user->id && $REQUEST_METHOD == "GET") {
if (!$user->uid && $REQUEST_METHOD == "GET") {
if ($cache = db_fetch_object(db_query("SELECT * FROM cache WHERE url = '". check_input($REQUEST_URI) ."'"))) {
cache_clear(variable_get("cache_clear", 30));
}
......@@ -167,7 +167,7 @@ function cache_get() {
function cache_set() {
global $user, $REQUEST_URI, $REQUEST_METHOD;
if (!$user->id && $REQUEST_METHOD == "GET") {
if (!$user->uid && $REQUEST_METHOD == "GET") {
if ($data = ob_get_contents()) {
db_query("INSERT INTO cache (url, data, timestamp) VALUES('". addslashes($REQUEST_URI) ."', '". addslashes($data) ."', '". time() ."')");
}
......@@ -220,13 +220,14 @@ function format_date($timestamp, $type = "medium", $format = "") {
return $date;
}
function format_name($username, $realname = "") {
if ($realname) {
watchdog("special", "format_name - FIX ME");
return "<font color=\"red\">FIX ME</font>\n";
function format_name($object) {
if ($object->uid && $object->name) {
return "<a href=\"module.php?mod=user&op=view&id=$object->uid\">$object->name</a>";
}
else if ($username) {
return (user_access("administer users") ? "<a href=\"admin.php?mod=account&op=view&name=". urlencode($username) ."\">". $username ."</a>" : "<a href=\"account.php?op=view&name=". urlencode($username) ."\">$username</a>");
else if (!is_object($object)) {
watchdog("error", "format_name(): missing name ($object->name) or uid ($object->uid)");
return "<font color=\"red\">FIX ME</font>";
}
else {
return variable_get(anonymous, "Anonymous");
......@@ -308,7 +309,6 @@ function link_page() {
$links[] = "<a href=\"index.php\">". t("home") ."</a>";
$links[] = "<a href=\"submit.php\">". t("submit") ."</a>";
$links[] = "<a href=\"account.php\">". t("account") ."</a>";
foreach (module_list() as $name) {
if (module_hook($name, "link")) {
......@@ -343,8 +343,6 @@ function timer_print() {
}
function page_header() {
global $user;
if (variable_get("dev_timer", 0)) {
timer_start();
}
......@@ -373,19 +371,16 @@ function page_footer() {
include_once "includes/database.inc";
include_once "includes/variable.inc";
include_once "includes/comment.inc";
include_once "includes/xmlrpc.inc";
include_once "includes/module.inc";
include_once "includes/locale.inc";
include_once "includes/search.inc";
include_once "includes/theme.inc";
include_once "includes/user.inc";
include_once "includes/node.inc";
// initialize configuration variables:
$conf = variable_init();
// initialize user session:
user_init();
// initialize installed modules:
module_init();
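Review bot: The rewritten format_name() puts `$object->name` straight into the anchor text with no escaping. Whether the new user module restricts names to safe characters is not visible in this section, so the name should be escaped where it is printed, using the same `check_output()` the comment code applies to subjects: `return "<a href=\"module.php?mod=user&op=view&id=$object->uid\">". check_output($object->name) ."</a>";`. The `else if (!is_object($object))` branch then reads `$object->name` and `$object->uid` from a value it has just found not to be an object, so the watchdog entry cannot carry the offending value; logging the raw argument through `check_output()` would make that entry useful.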
......
......@@ -4,9 +4,9 @@
# Database settings:
#
$db_host = "localhost";
$db_user = "username";
$db_pass = "password";
$db_name = "database";
$db_user = "drop"; // username
$db_pass = "drop"; // password
$db_name = "database"; // database
#
# Comment votes:
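Review bot: Assuming the lines with trailing comments are the new side, the tracked configuration now holds what look like working credentials, `$db_user = "drop"` and `$db_pass = "drop"`, with the former placeholders demoted to comments. If these are real, they are now in the repository history and in every checkout, and the password is identical to the username. Keep the placeholders in the committed file (`$db_user = "username";`, `$db_pass = "password";`) and load site-specific values from a local file that is not committed.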
......
......@@ -2,7 +2,7 @@
function locale_init() {
global $languages, $user;
return ($languages ? (($user->id && $user->language) ? $user->language : key($languages)) : 0);
return ($languages ? (($user->uid && $user->language) ? $user->language : key($languages)) : 0);
}
function t($string) {
......
......@@ -16,7 +16,7 @@ function _node_get($conditions) {
}
if ($type) {
return db_query("SELECT n.*, l.*, u.name FROM node n LEFT JOIN $type l ON n.lid = l.lid AND n.nid = l.nid LEFT JOIN users u ON n.author = u.id WHERE $where ORDER BY n.timestamp DESC");
return db_query("SELECT n.*, l.*, u.uid, u.name FROM node n LEFT JOIN $type l ON n.lid = l.lid AND n.nid = l.nid LEFT JOIN user u ON n.author = u.uid WHERE $where ORDER BY n.timestamp DESC");
}
}
......@@ -190,7 +190,7 @@ function visit(site) {
</SCRIPT>
<?php
if ($user->id) {
if ($user->uid) {
$choices = array("node.php?id=$node->nid" => t("view node"), "submit.php?mod=$node->type" => t("add node"), "submit.php?mod=$node->type&op=update&id=$node->nid" => t("update node"), "node.php?op=history&id=$node->nid" => t("view history"));
}
else {
......@@ -236,7 +236,7 @@ function node_index($node) {
function node_access($node) {
global $user, $status;
return ($node->status == $status[posted]) || ($node->status == $status[queued] && $user->id) || user_access("administer nodes");
return ($node->status == $status[posted]) || ($node->status == $status[queued] && $user->uid) || user_access("administer nodes");
}
......
......@@ -14,7 +14,7 @@ function search_data($keys, $type) {
foreach ($result as $entry) {
$output .= "<p>\n";
$output .= " <b><u><a href=\"$entry[link]\">$entry[title]</a></u></b><br />";
$output .= " <small>$entry[link]". ($entry[user] ? " - ". format_name($entry[user], $entry[name]) : "") ."". ($entry[date] ? " - ". format_date($entry[date], "small") : "") ."</small>";
$output .= " <small>$entry[link]". ($entry[user] ? " - $entry[user]" : "") ."". ($entry[date] ? " - ". format_date($entry[date], "small") : "") ."</small>";
$output .= "</p>\n";
}
}
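Review bot: The replacement line prints `$entry[user]` directly into the result markup, where the previous line passed it through format_name(); `$entry[link]` and `$entry[title]` are emitted raw as well. The entries are produced in a part of search_data() outside this hunk, so it is not visible whether modules escape them before returning. If they are plain database values, escape them at output, e.g. `" - ". check_output($entry[user])`, and add a comment above the loop stating which fields modules must return already escaped.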
......
......@@ -13,9 +13,9 @@ function comment_controls($threshold = 1, $mode = 3, $order = 1) {
global $REQUEST_URI, $user;
$output .= "<DIV ALIGN=\"CENTER\">\n";
$output .= "<FORM METHOD=\"post\" ACTION=\"$REQUEST_URI\">\n";
$output .= comment_mode(($user->id ? $user->mode : $mode));
$output .= comment_order(($user->id ? $user->sort : $order));
$output .= comment_threshold(($user->id ? $user->threshold : $threshold));
$output .= comment_mode(($user->uid ? $user->mode : $mode));
$output .= comment_order(($user->uid ? $user->sort : $order));
$output .= comment_threshold(($user->uid ? $user->threshold : $threshold));
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". t("Update settings") ."\">\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". t("Add comment") ."\">\n";
$output .= "</FORM>\n";
......@@ -40,21 +40,9 @@ function theme_init() {
function theme_account($region, $theme) {
global $user;
if ($user->id) {
if ($user->uid) {
// Display account settings:
$content .= "<table><tr><td nowrap=\"nowrap\">\n";
$content .= "<a href=\"account.php?op=edit&type=information\">". t("your information") ."</a><BR>\n";
$content .= "<a href=\"account.php?op=edit&type=settings\">". t("your settings") ."</a><BR>\n";
$content .= "<a href=\"account.php?op=edit&type=blocks\">". t("your blocks") ."</a><BR>\n";
$content .= "<a href=\"account.php?op=view&type=comments\">". t("your comments") ."</a><BR>\n";
$content .= "<a href=\"account.php?op=view&type=contributions\">". t("your submissions") ."</a><BR>\n";
$content .= "<a href=\"account.php?op=view&type=site\">". strtr(t("your %a"), array("%a" => variable_get("site_name", "drupal"))) ."</a><BR>\n";
$content .= "<p />\n";
if (user_access("access administration pages")) {
$content .= "<a href=\"admin.php\">". strtr(t("administer %a"), array("%a" => variable_get("site_name", "drupal"))) ."</a><BR>\n";
$content .= "<p />\n";
}
foreach (module_list() as $name) {
if (module_hook($name, "link")) {
......@@ -62,40 +50,30 @@ function theme_account($region, $theme) {
foreach ($links as $link) $content .= "$link<br />\n";
}
}
if ($link) $content .= "<p />\n";
$content .= "<a href=\"account.php?op=logout\">". t("logout") ."</a>\n";
if (user_access("access administration pages")) {
$content .= "<p />\n";
$content .= "<a href=\"admin.php\">". strtr(t("administer %a"), array("%a" => variable_get("site_name", "drupal"))) ."</a><BR>\n";
}
$content .= "</td></tr></table>\n";
$theme->box($user->name, $content, $region);
}
else {
$output .= "<div align=\"center\">\n";
$output .= " <form action=\"account.php?op=login\" method=\"post\">\n";
$output .= " <b>". t("Username") .":</b><br /><input name=\"userid\" size=\"15\"><p />\n";
$output .= " <b>". t("Password") .":</b><br /><input name=\"passwd\" size=\"15\" TYPE=\"password\"><br />\n";
$output .= " <input type=\"submit\" value=\"". t("Login") ."\"><br />\n";
if (variable_get("account_register", 1)) $output .= " <a href=\"account.php\">". t("REGISTER") ."</a>\n";
$output .= " </form>\n";
$output .= "</div>\n";
$theme->box(t("Login"), $output, $region);
}
}
function theme_blocks($region, $theme) {
global $id, $PHP_SELF, $status, $user;
switch (strrchr($PHP_SELF, "/")) {
case "/node.php":
if ($region != "left") {
if ($user->id) $node = db_fetch_object(db_query("SELECT * FROM node WHERE nid = '$id'"));
if ($user->uid) $node = db_fetch_object(db_query("SELECT * FROM node WHERE nid = '$id'"));
if ($node->status == $status[queued]) theme_moderation_results($theme, $node, $region);
}
break;
case "/index.php":
if ($user->id) $result = db_query("SELECT * FROM blocks b LEFT JOIN layout l ON b.name = l.block WHERE (b.status = 2 OR (b.status = 1 AND l.user = '$user->id'))". (($region == "left" || $region == "right") ? ($region == "left" ? " AND b.region = 0" : " AND b.region = 1") : "") ." ORDER BY weight");
if ($user->uid) $result = db_query("SELECT * FROM blocks b LEFT JOIN layout l ON b.name = l.block WHERE (b.status = 2 OR (b.status = 1 AND l.user = '$user->uid'))". (($region == "left" || $region == "right") ? ($region == "left" ? " AND b.region = 0" : " AND b.region = 1") : "") ." ORDER BY weight");
else $result = db_query("SELECT * FROM blocks WHERE status = 2". (($region == "left" || $region == "right") ? ($region == "left" ? " AND region = 0" : " AND region = 1") : "") ." ORDER BY weight");
while ($block = db_fetch_object($result)) {
$blocks = module_invoke($block->module, "block");
......@@ -109,8 +87,8 @@ function theme_moderation_results($theme, $node, $region) {
foreach (explode(",", $node->users) as $vote) {
if ($vote) {
$data = explode("=", $vote);
$account = user_get($data[0]);
$output .= format_name($account->name) ." voted '$data[1]'.<br />";
$account = user_load(array("uid" => $data[0]));
$output .= format_name($account) ." voted '$data[1]'.<br />";
}
}
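Review bot: In theme_blocks, the touched line ending in `WHERE nid = '$id'` still takes `$id` from `global $id` and concatenates it into the query unescaped, while other queries in this commit wrap request values in `check_input()`. Unless `$id` is filtered before theme_blocks runs, which this section does not show, the call should read `db_query("SELECT * FROM node WHERE nid = '". check_input($id) ."'")`. In theme_moderation_results, the new `user_load(array("uid" => $data[0]))` sits inside the loop, presumably one lookup per recorded vote; a comment noting that cost, or a single query over all voter ids, would help.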
......
<?php
class User {
function User($userid, $passwd = 0) {
if ($passwd) {
$result = db_query("SELECT u.*, r.perm FROM users u LEFT JOIN role r ON u.role = r.name WHERE (LOWER(u.userid) = LOWER('$userid') OR LOWER(u.name) = LOWER('$userid')) AND u.passwd = PASSWORD('$passwd') AND u.status = 2");
if (db_num_rows($result) == 1) {
foreach (db_fetch_row($result) as $key=>$value) { $field = mysql_field_name($result, $key); $this->$field = stripslashes($value); $this->field[] = $field; }
db_query("UPDATE users SET last_access = '". time() ."', last_host = '$GLOBALS[REMOTE_ADDR]' WHERE id = $this->id");
}
}
else {
$result = db_query("SELECT u.*, r.perm FROM users u LEFT JOIN role r ON u.role = r.name WHERE u.userid = '$userid' AND u.status = 2");
if (db_num_rows($result) == 1) {
foreach (db_fetch_row($result) as $key=>$value) { $field = mysql_field_name($result, $key); $this->$field = stripslashes($value); $this->field[] = $field; }
db_query("UPDATE users SET last_access = '". time() ."', last_host = '$GLOBALS[REMOTE_ADDR]' WHERE id = $this->id");
}
}
}
}
function user_get($uid) {
return db_fetch_object(db_query("SELECT * FROM users WHERE id = '". check_output($uid) ."'"));
}
function user_init() {
global $db_name;
session_name($db_name);
session_start();
}
function user_load($username) {
return new User($username);
}
function user_rehash() {
global $user;
if ($user->id) {
$user = new User($user->userid);
session_register("user");
}
}
function user_save($account, $array) {
// dynamically compose query:
foreach ($array as $key=>$value) {
if ($key == "passwd") $query .= "$key = PASSWORD('". addslashes($value) ."'), ";
else $query .= "$key = '". addslashes($value) ."', ";
}
// update or instert account:
if ($account->id) db_query("UPDATE users SET $query last_access = '". time() ."', last_host = '$GLOBALS[REMOTE_ADDR]' WHERE id = '$account->id'");
else db_query("INSERT INTO users SET $query last_access = '". time() ."', last_host = '$GLOBALS[REMOTE_ADDR]'");
// return account:
return user_load($array[userid] ? $array[userid] : $account->userid);
}
function user_access($perm) {
global $user;
if ($user->id == 1) {
return 1;
}
else if ($user->perm) {
return strstr($user->perm, $perm);
}
else {
return db_fetch_object(db_query("SELECT * FROM role WHERE name = 'anonymous user' AND perm LIKE '%$perm%'"));
}
}
function user_ban($mask, $type) {
$result = db_query("SELECT * FROM access WHERE type = '$type' AND '$mask' REGEXP mask");
return db_fetch_object($result);
}
function user_password($min_length=6) {
mt_srand((double)microtime() * 1000000);
$words = explode(",", variable_get("account_words", "foo,bar,guy,neo,tux,moo,sun,asm,dot,god,axe,geek,nerd,fish,hack,star,mice,warp,moon,hero,cola,girl,fish,java,perl,boss,dark,sith,jedi,drop,mojo"));
while (strlen($password) < $min_length) $password .= trim($words[mt_rand(0, count($words))]);
return $password;
}
function user_validate_name($name) {
if (!$name) return t("you must enter a username.");
if (eregi("^ ", $name)) return t("the username can not begin with a space.");
if (eregi(" \$", $name)) return t("the username can not end with a space.");
if (eregi(" ", $name)) return t("the username can not contain multiple spaces in a row.");
if (eregi("[^a-zA-Z0-9 ]", $name)) return t("the username contains an illegal character.");
if (strlen($name) > 32) return t("the username '$name' is too long: it must be less than 32 characters.");
}
function user_validate_mail($mail) {
if (!$mail) return t("your must enter an e-mail address.");
if (!eregi("^[_+\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $mail)) return t("the e-mail address '$email' is not valid.");
}
?>
\ No newline at end of file
<?php
function access_help() {
?>
<H3>Roles</H3>
<P>Users have roles that define what kinds of actions they can take. Roles define classes of users such as <I>anonymous user</I>, <I>authenticated user</I>, <I>moderator</I>, <I>administrator</I> and so on. Every user can have one role.</P>
<P>Roles make it easier for you to manage security. Instead of defining what every single user can do, you can simply set a couple different permissions for different user roles.</P>
<P>Drupal comes with three built-in roles:</P>
<UL>
<LI>Anonymous user: this role is used for users that don't have a user account or that are not authenticated.</LI>
<LI>Registered user: this role is assigned automatically to authenticated users. Most users will belong to this user role unless specified otherwise.</LI>
</UL>
<P>For basic Drupal sites you can get by with <I>anonymous user</I> and <I>authenticated user</I> but for more complex sites where you want other users to be able to perform maintainance or administrative duties, you may want to create your own roles to classify your users into different groups.</P>
<H3>Permissions</H3>
<P>Each Drupal's permission describes a fine-grained logical operation such as <I>access administration pages</I> or <I>add and modify user accounts</I>. You could say a permission represents access granted to a user to perform a set of operations.</P>
<H3>Access control</H3>
<P>Roles tie users to permissions. The combination of roles and permissions represent a way to tie user authorization to the performance of actions, which is how Drupal can determine what users can do.</P>
<?php
}
function access_perm() {
return array("access administration pages", "administer roles and permissions");
}
function access_link($type) {
if ($type == "admin" && user_access("administer roles and permissions")) {
$links[] = "<a href=\"admin.php?mod=access\">roles and permissions</a>";
}
return $links ? $links : array();
}
function access_get_role($rid) {
return db_fetch_array(db_query("SELECT * FROM role WHERE rid = '". check_input($rid) ."'"));
}
function access_get_roles() {
$result = db_query("SELECT * FROM role ORDER BY name");
while ($role = db_fetch_object($result)) {
$roles[$role->name] = $role->name;
}
return $roles;
}
function access_role_form($edit = array()) {
global $REQUEST_URI;
$form .= form_textfield("Role name", "name", $edit[name], 50, 64, "The name for this role. Example: 'moderator', 'editorial board', 'site architect'.");
$form .= form_submit("Submit");
if ($edit[rid]) {
$form .= form_submit(t("Delete"));
$form .= form_hidden("rid", $edit[rid]);
}
return form($REQUEST_URI, $form);
}
function access_role_save($edit) {
if ($edit[rid] && $edit[name]) {
db_query("UPDATE role SET name = '". check_input($edit[name]) ."' WHERE rid = '$edit[rid]'");
}
else if ($edit[rid]) {
db_query("DELETE FROM role WHERE rid = '". check_input($edit[rid]) ."'");
}
else {
db_query("INSERT INTO role (name) VALUES ('". check_input($edit[name]) ."')");
}
}
function access_role_view() {
$result = db_query("SELECT * FROM role ORDER BY name");
$output .= "<TABLE BORDER=\"1\" CELLSPADDING=\"2\" CELLSPACING=\"2\">\n";