From 3b8c99d91e3733427e9f821ed385f097d18e8ffa Mon Sep 17 00:00:00 2001 
From: Dries Buytaert <dries@buytaert.net> Date: Wed, 11 Jun 2003 18:16:32 +0000 Subject: [PATCH] - Bugfix: fixed the CREATE FUNCTION in database.mssql as it needs to be prefixed with GO for some obscure reason. Patch by Kjartan. - Bugfix: fixed the defaults for blocks in database.mssql so the NOT NULL fields get values. Patch by Kjartan. - Bugfix: changed check_form() to use htmlspecialchars() instead of drupal_specialchars() as this caused Drupal to emit incorrect form items in presence of quotes. Example: <input type="submit" class="form-submit" name="op" value="Submit "top nodes" block changes" /> IMO, drupal_specialchars() is better called xmlspecialchars() to avoid confusion. - Bugfix: when an anonymous user visits a site, they shouldn't see any content (except the login block, if it is enabled) unless they have the "access content" permissions. Patch by Matt Westgate. - Improvement: improved the error checking and the error messages in the profile module. Updated the code to match the Drupal coding conventions. Modified patch from Matt Westgate. - Improvement: don't generate the <base href=""> tag in the base theme; it is already emitted by theme_head(). Patch by Kristjan. - Improvement: don't execute any SQL queries when checking the permissions of user #1. Patch by Kjartan. - Improvement: made a scalable layout form that works in IE and that behaves better with narrow themes. Part of patch #51 by Al. - Improvement: removed some redundant print statements from the comment module. Modified patch from Craig Courtney. 
--- database/database.mssql | 11 ++- includes/common.inc | 2 +- includes/theme.inc | 1 - misc/admin.css | 19 ----- misc/drupal.css | 21 ++++- modules/comment.module | 4 +- modules/comment/comment.module | 4 +- modules/locale.module | 2 +- modules/locale/locale.module | 2 +- modules/poll.module | 30 ++++---- modules/poll/poll.module | 30 ++++---- modules/profile.module | 40 +++++----- modules/profile/profile.module | 40 +++++----- modules/statistics.module | 110 ++++++++++++++------------- modules/statistics/statistics.module | 110 ++++++++++++++------------- modules/user.module | 13 ++-- modules/user/user.module | 13 ++-- 17 files changed, 232 insertions(+), 220 deletions(-) diff --git a/database/database.mssql b/database/database.mssql index 9ba7ea501daa..f4b60db6960a 100644 --- a/database/database.mssql +++ b/database/database.mssql @@ -1,3 +1,7 @@ +--- +--- Table definitions +--- + CREATE TABLE [dbo].[access] ( [aid] [smallint] NULL , [mask] [varchar] (255) NOT NULL , @@ -460,13 +464,15 @@ INSERT INTO system VALUES ('themes/marvin/marvin.theme','marvin','theme','Intern INSERT INTO variable(name,value) VALUES('update_start', 's:10:"2002-05-15";'); INSERT INTO variable(name,value) VALUES('theme_default','s:6:"marvin";'); -INSERT INTO blocks(module,delta,status) VALUES('user', '0', '1'); -INSERT INTO blocks(module,delta,status) VALUES('user', '1', '1'); +INSERT INTO blocks(module,delta,status,custom,region,weight,path) VALUES('user', 0, 1, 0, 1, 0, ''); +INSERT INTO blocks(module,delta,status,custom,region,weight,path) VALUES('user', 1, 1, 0, 1, 0, ''); + --- --- Functions. Functions first available in SQL Server 2000. GREATEST() used by forum.module, tracker.module at the moment. --- +GO CREATE FUNCTION GREATEST (@a int, @b int) RETURNS int AS BEGIN @@ -476,4 +482,3 @@ BEGIN END RETURN @b; END - diff --git a/includes/common.inc b/includes/common.inc index 3b30032d0820..80ab6ee4c8c9 100644 --- a/includes/common.inc +++ b/includes/common.inc 
@@ -489,7 +489,7 @@ function check_url($uri) { } function check_form($text) { - return drupal_specialchars($text); + return htmlspecialchars($text); } function check_query($text) { diff --git a/includes/theme.inc b/includes/theme.inc index 643e3932328d..2e60b37a3c6a 100644 --- a/includes/theme.inc +++ b/includes/theme.inc @@ -23,7 +23,6 @@ function header($title = "") { $output = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"DTD/xhtml1-transitional.dtd\">\n"; $output .= "<html><head><title>". $title ? $title : variable_get(site_name, "drupal") ."</title>"; - $output .= "<base href=\"$base_url/\" />"; $output .= theme_head($main); $output .= "</head><body bgcolor=\"$this->background\" text=\"$this->foreground". theme_onload_attribute(). "\">"; $output .= "<table border=\"0\" cellspacing=\"4\" cellpadding=\"4\"><tr><td valign=\"top\" width=\"170\">"; diff --git a/misc/admin.css b/misc/admin.css index 6b68a2aae8a2..14f9b3466891 100644 --- a/misc/admin.css +++ b/misc/admin.css @@ -127,22 +127,3 @@ dd { #update { padding: 1em 1em 1em 1em; } -.node-form .admin { - float: none; width: auto; margin-top: 0; -} -.node-form .standard { - margin-right: 0; - clear: both; -} -.node-form .admin .form-item .title { - margin-top: 0; -} -.node-form .admin .authored .form-item { - margin-bottom: 1.1em; -} -.node-form .admin .authored, .node-form .admin .options, .node-form .admin .extra { - float: left; margin-right: 2em; margin-bottom: 1em; -} -.node-form .admin .form-item .form-text { - width: auto; -} diff --git a/misc/drupal.css b/misc/drupal.css index 7f2a217a7064..96065b78cdf4 100644 --- a/misc/drupal.css +++ b/misc/drupal.css 
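Review bot: In check_form(), the new `return htmlspecialchars($text);` relies on the function's default flags, which in PHP releases of this period (ENT_COMPAT) escape double quotes but leave single quotes untouched. That covers the double-quoted `value="..."` case from the commit message, but a form helper that emits a single-quoted attribute would still let a quote in `$text` close the attribute early. Passing the flag explicitly, `return htmlspecialchars($text, ENT_QUOTES);`, keeps the output safe in both quoting styles. A one-line comment saying that check_form() is meant for attribute values would also help.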
@@ -48,10 +48,23 @@ th { .poll .vote-form .choices { text-align: left; margin: 0 auto; display: table; } -.node-form .admin { float: right; width: 15em; margin-top: -1.1em; } -.node-form .standard { margin-right: 15em; } -.node-form .form-text { display: block; } -.node-form textarea { display: block; } +.node-form .form-text { display: block; width: 95%; } +.node-form textarea { display: block; width: 95%; } + +.node-form .standard { + clear: both; +} +.node-form .admin .form-item .title { + margin-top: 0; +} +.node-form .admin .authored .form-item { + margin-bottom: 1.1em; +} +.node-form .admin .authored .form-text { width: auto; } + +.node-form .admin .authored, .node-form .admin .options, .node-form .admin .extra { + float: left; margin-right: 2em; margin-bottom: 1em; +} .marker { color: #f00; } .error { color: #f00; } diff --git a/modules/comment.module b/modules/comment.module index bca28f425dfc..1b965e711acd 100644 --- a/modules/comment.module +++ b/modules/comment.module @@ -1197,7 +1197,7 @@ function comment_folded($comment) { function comment_flat_collapsed($comments, $threshold) { foreach ($comments as $comment) { if (comment_visible($comment, $threshold)) { - print comment_view($comment, "", 0); + comment_view($comment, "", 0); } } } @@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) { #$comment = $comments[$n]; if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) { print "<ul>"; - print comment_view($comment, "", 0); + comment_view($comment, "", 0); comment_thread_min($comments, $threshold, $comment->cid); print "</ul>"; } diff --git a/modules/comment/comment.module b/modules/comment/comment.module index bca28f425dfc..1b965e711acd 100644 --- a/modules/comment/comment.module +++ b/modules/comment/comment.module 
@@ -1197,7 +1197,7 @@ function comment_folded($comment) { function comment_flat_collapsed($comments, $threshold) { foreach ($comments as $comment) { if (comment_visible($comment, $threshold)) { - print comment_view($comment, "", 0); + comment_view($comment, "", 0); } } } @@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) { #$comment = $comments[$n]; if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) { print "<ul>"; - print comment_view($comment, "", 0); + comment_view($comment, "", 0); comment_thread_min($comments, $threshold, $comment->cid); print "</ul>"; } diff --git a/modules/locale.module b/modules/locale.module index 38c0ee681270..99f374d36aa7 100644 --- a/modules/locale.module +++ b/modules/locale.module @@ -103,7 +103,7 @@ function locale_edit($lid) { $result = db_query("SELECT * FROM locales WHERE lid = '$lid'"); if ($translation = db_fetch_object($result)) { - $form .= form_item(t("Original text"), wordwrap(drupal_specialchars($translation->string))); + $form .= form_item(t("Original text"), wordwrap(htmlspecialchars($translation->string))); foreach ($languages as $code=>$language) { $form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128); diff --git a/modules/locale/locale.module b/modules/locale/locale.module index 38c0ee681270..99f374d36aa7 100644 --- a/modules/locale/locale.module +++ b/modules/locale/locale.module 
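Review bot: In locale_edit() (modules/locale.module; the modules/locale/locale.module hunk is identical), the context line `db_query("SELECT * FROM locales WHERE lid = '$lid'")` interpolates `$lid` straight into the SQL string, and nothing visible in the hunk validates it. If `$lid` can come from the request, this is an injection point that the escaping change two lines below does not touch. db_query() is called with a `%d` placeholder in the statistics module hunk of this patch, so the same form should fit here: `db_query("SELECT * FROM locales WHERE lid = %d", $lid)`. locale_edit() starts and ends outside the hunk, so how its callers obtain `$lid` should be checked as well.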
@@ -103,7 +103,7 @@ function locale_edit($lid) { $result = db_query("SELECT * FROM locales WHERE lid = '$lid'"); if ($translation = db_fetch_object($result)) { - $form .= form_item(t("Original text"), wordwrap(drupal_specialchars($translation->string))); + $form .= form_item(t("Original text"), wordwrap(htmlspecialchars($translation->string))); foreach ($languages as $code=>$language) { $form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128); diff --git a/modules/poll.module b/modules/poll.module index 2dcb835ee22e..f799bf5e1d02 100644 --- a/modules/poll.module +++ b/modules/poll.module @@ -43,22 +43,24 @@ function poll_access($op, $node) { } function poll_block($op = "list", $delta = 0) { - if ($op == "list") { - $blocks[0]["info"] = t("Most recent poll"); - return $blocks; - } - else { - $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); - if ($timestamp) { - $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); - if ($poll->nid) { - // Poll_view dumps the output into $poll->body - poll_view($poll, 1, 1); + if (user_access("access content")) { + if ($op == "list") { + $blocks[0]["info"] = t("Most recent poll"); + return $blocks; + } + else { + $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); + if ($timestamp) { + $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); + if ($poll->nid) { + // Poll_view dumps the output into $poll->body + poll_view($poll, 1, 1); + } } + $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); + $block["content"] = $poll->body; + return $block; } - $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); - $block["content"] = $poll->body; - return $block; } } 
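Review bot: In poll_block() (modules/poll.module; the same hunk is repeated for modules/poll/poll.module), the new `user_access("access content")` check also wraps the `$op == "list"` branch. The block's listing entry therefore depends on the permissions of whoever requests the list, and a denied call falls off the end of the function with no return value. If only the rendered poll needs protecting, the check belongs in the `else` branch, with an explicit `return;` for the denied case. Separately, `$block["subject"]` and `$block["content"]` are still built from `$poll` when no published poll was found; moving those two assignments inside `if ($poll->nid) {` avoids returning a block built from an unset variable. The statistics_display_online_block() hunks add the same wrapper and likewise return nothing when the check fails.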
diff --git a/modules/poll/poll.module b/modules/poll/poll.module index 2dcb835ee22e..f799bf5e1d02 100644 --- a/modules/poll/poll.module +++ b/modules/poll/poll.module @@ -43,22 +43,24 @@ function poll_access($op, $node) { } function poll_block($op = "list", $delta = 0) { - if ($op == "list") { - $blocks[0]["info"] = t("Most recent poll"); - return $blocks; - } - else { - $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); - if ($timestamp) { - $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); - if ($poll->nid) { - // Poll_view dumps the output into $poll->body - poll_view($poll, 1, 1); + if (user_access("access content")) { + if ($op == "list") { + $blocks[0]["info"] = t("Most recent poll"); + return $blocks; + } + else { + $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); + if ($timestamp) { + $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); + if ($poll->nid) { + // Poll_view dumps the output into $poll->body + poll_view($poll, 1, 1); + } } + $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); + $block["content"] = $poll->body; + return $block; } - $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); - $block["content"] = $poll->body; - return $block; } } diff --git a/modules/profile.module b/modules/profile.module index 26a4c9145c72..a8acb7ca107b 100644 --- a/modules/profile.module +++ b/modules/profile.module 
@@ -36,7 +36,7 @@ function _profile_init() { $GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December")); } -function profile_system($field){ +function profile_system($field) { $system["description"] = t("Support for configurable user profiles."); $system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.<br />Notes:<ul><li>In order for a user to <i>enter</i> information you <b>MUST</b> check \"enable\".</li><li>In order for other people too see the entered information you must make it \"public\"</li><li>If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does <b>not</b> imply \"enable\"</li><li>If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.</ul>"); return $system[$field]; @@ -113,8 +113,8 @@ function _profile_form($edit, $mode) { foreach ($profile_fields as $name => $field) { if ($field[0] && in_array($name, $reg_fields)) { - $f = "form_".$field[0]; - $t = "profile_".$name; + $f = "form_". $field[0]; + $t = "profile_". $name; $output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]); } } 
@@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) { $enabled_fields = _profile_active_fields($mode); if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) { - $error .= $birth_error."<br />"; + $error .= $birth_error ."<br />"; } if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) { - $error .= $avatar_error."<br />"; + $error .= $avatar_error ."<br />"; } foreach (array_keys($profile_fields) as $field) { @@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) { } // now check for required fields - foreach(_profile_active_fields("required") as $required) { + foreach (_profile_active_fields("required") as $required) { if ($required != "0" && in_array($required, $enabled_fields)) { - if (!$edit["profile_".$required]) { - $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."<br />"; + if (!$edit["profile_". $required]) { + $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1])) ."<br />"; } } } @@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) { foreach (_profile_active_fields($mode) as $name) { $field = $profile_fields[$name]; - $t = "profile_".$name; + $t = "profile_". $name; if (!empty($user->$t)) { switch ($field[0]) { case "textfield": case "textarea": case "checkbox": - $value = ($t == "profile_homepage") ? "<a href=\"".check_output($user->$t)."\">".check_output($user->$t)."</a>" : check_output($user->$t); + $value = ($t == "profile_homepage") ? "<a href=\"". check_output($user->$t) ."\">". check_output($user->$t) ."</a>" : check_output($user->$t); $output .= form_item($field[1], $value); break; case "select": 
@@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) { $extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], ".")); $size = getimagesize($image_file); list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85")); - if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { - $error = t("the uploaded file was not an image."); + if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { + $error = t("The uploaded file was not an image."); } - else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30")*1000)) { - $error = t("the uploaded image is too large, maximum %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); + else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30") * 1000)) { + $error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); } else if ($size[0] > $maxwidth || $size[1] > $maxheight) { - $error = t("the uploaded image is too large, maximum %a.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + $error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + } + else if (!is_dir(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the '%directory' directory doesn't exist.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); + } + else if (!is_writeable(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the webserver has no write permission to the '%directory' directory.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else if (!copy($image_file, 
variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) { - $error = t("error in file upload"); + $error = t("Failed to upload the avatar image; could not copy file '%filename' to directory '%directory'.", array("%filename" => $_FILES["edit"]["name"]["profile_avatar"], "%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else { $edit["profile_avatar"] = $extension; @@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) { return; } else { - return t("The specified birthday is not valid.")."<br />"; + return t("The specified birthday is not valid.") ."<br />"; } } diff --git a/modules/profile/profile.module b/modules/profile/profile.module index 26a4c9145c72..a8acb7ca107b 100644 --- a/modules/profile/profile.module +++ b/modules/profile/profile.module 
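Review bot: In _profile_validate_avatar() (this hunk is repeated for modules/profile/profile.module), the new copy-failure message passes the client-supplied name `$_FILES["edit"]["name"]["profile_avatar"]` into t() as `%filename`, and _profile_validate() appends the returned error to HTML output followed by `<br />`. Unless t() escapes its substitutions, which the patch does not show, markup in the uploaded file's name would be rendered as-is; `"%filename" => htmlspecialchars($_FILES["edit"]["name"]["profile_avatar"])` closes that. The three new messages also reveal the configured avatar directory and its write-permission state to whoever uploads a file; that detail is better kept for the administrator, with a generic failure message for the user. The function begins above the hunk, so how `$image_file` is obtained is not visible. If it is the temporary upload path, `move_uploaded_file()` would be safer than `copy()` because it verifies that the file came from an HTTP upload.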
@@ -36,7 +36,7 @@ function _profile_init() { $GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December")); } -function profile_system($field){ +function profile_system($field) { $system["description"] = t("Support for configurable user profiles."); $system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.<br />Notes:<ul><li>In order for a user to <i>enter</i> information you <b>MUST</b> check \"enable\".</li><li>In order for other people too see the entered information you must make it \"public\"</li><li>If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does <b>not</b> imply \"enable\"</li><li>If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.</ul>"); return $system[$field]; @@ -113,8 +113,8 @@ function _profile_form($edit, $mode) { foreach ($profile_fields as $name => $field) { if ($field[0] && in_array($name, $reg_fields)) { - $f = "form_".$field[0]; - $t = "profile_".$name; + $f = "form_". $field[0]; + $t = "profile_". $name; $output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]); } } 
@@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) { $enabled_fields = _profile_active_fields($mode); if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) { - $error .= $birth_error."<br />"; + $error .= $birth_error ."<br />"; } if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) { - $error .= $avatar_error."<br />"; + $error .= $avatar_error ."<br />"; } foreach (array_keys($profile_fields) as $field) { @@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) { } // now check for required fields - foreach(_profile_active_fields("required") as $required) { + foreach (_profile_active_fields("required") as $required) { if ($required != "0" && in_array($required, $enabled_fields)) { - if (!$edit["profile_".$required]) { - $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."<br />"; + if (!$edit["profile_". $required]) { + $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1])) ."<br />"; } } } @@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) { foreach (_profile_active_fields($mode) as $name) { $field = $profile_fields[$name]; - $t = "profile_".$name; + $t = "profile_". $name; if (!empty($user->$t)) { switch ($field[0]) { case "textfield": case "textarea": case "checkbox": - $value = ($t == "profile_homepage") ? "<a href=\"".check_output($user->$t)."\">".check_output($user->$t)."</a>" : check_output($user->$t); + $value = ($t == "profile_homepage") ? "<a href=\"". check_output($user->$t) ."\">". check_output($user->$t) ."</a>" : check_output($user->$t); $output .= form_item($field[1], $value); break; case "select": 
@@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) { $extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], ".")); $size = getimagesize($image_file); list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85")); - if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { - $error = t("the uploaded file was not an image."); + if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { + $error = t("The uploaded file was not an image."); } - else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30")*1000)) { - $error = t("the uploaded image is too large, maximum %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); + else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30") * 1000)) { + $error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); } else if ($size[0] > $maxwidth || $size[1] > $maxheight) { - $error = t("the uploaded image is too large, maximum %a.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + $error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + } + else if (!is_dir(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the '%directory' directory doesn't exist.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); + } + else if (!is_writeable(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the webserver has no write permission to the '%directory' directory.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else if (!copy($image_file, 
variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) { - $error = t("error in file upload"); + $error = t("Failed to upload the avatar image; could not copy file '%filename' to directory '%directory'.", array("%filename" => $_FILES["edit"]["name"]["profile_avatar"], "%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else { $edit["profile_avatar"] = $extension; @@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) { return; } else { - return t("The specified birthday is not valid.")."<br />"; + return t("The specified birthday is not valid.") ."<br />"; } } diff --git a/modules/statistics.module b/modules/statistics.module index 294b67135d24..9618a31c91fc 100644 --- a/modules/statistics.module +++ b/modules/statistics.module 
@@ -613,67 +613,69 @@ function statistics_display_topnodes_block() { function statistics_display_online_block() { global $id, $recent_activity; - $throttle = throttle_status(); - $multiplier = variable_get("statistics_throttle_multiplier", 60); + if (user_access("access content")) { + $throttle = throttle_status(); + $multiplier = variable_get("statistics_throttle_multiplier", 60); - /* don't do any database lookups if on maximum throttle */ - if ($throttle < 5) { - /* count users with activity in the past defined period */ - $time_period = variable_get("statistics_block_online_time", 2700); + /* don't do any database lookups if on maximum throttle */ + if ($throttle < 5) { + /* count users with activity in the past defined period */ + $time_period = variable_get("statistics_block_online_time", 2700); - /* - ** This call gathers all the info we need on users/guests in a single - ** database call, thus is quite efficient. - */ - $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); - - $users = $guests = 0; - /* Count number of users & guests currently online based on db query */ - while ($users_online = db_fetch_array($result)) { - if ($users_online["uid"]) { - /* Has uid, so is a registered user */ - $user_list[$users] = $users_online[uid]; - $users++; - } - else { - /* - ** There's only going to be one return with a uid of 0, and that's - ** the guest(s). Hence, the count of this field is the total number - ** of guests currently online. - */ - $guests = $users_online["count"]; + /* + ** This call gathers all the info we need on users/guests in a single + ** database call, thus is quite efficient. 
+ */ + $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); + + $users = $guests = 0; + /* Count number of users & guests currently online based on db query */ + while ($users_online = db_fetch_array($result)) { + if ($users_online["uid"]) { + /* Has uid, so is a registered user */ + $user_list[$users] = $users_online[uid]; + $users++; + } + else { + /* + ** There's only going to be one return with a uid of 0, and that's + ** the guest(s). Hence, the count of this field is the total number + ** of guests currently online. + */ + $guests = $users_online["count"]; + } } - } - /* format the output with proper grammar */ - $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); - - if (user_access("access userlist") && $users) { - /* Display a list of currently online users */ - $max_users = variable_get("statistics_block_online_max_cnt", 10); - $max_name_len = variable_get("statistics_block_online_max_len", 15); - $uid = reset($user_list); - while (($uid) && ($max_users)) { - $user = user_load(array("uid" => $uid)); - /* When displaying name, be sure it's not more than defined max length */ - $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); - $uid = next($user_list); - /* - ** When $max_users reaches zero, we break out even if there are - ** more online (as defined by the admin) - */ - $max_users--; + /* format the output with proper grammar */ + $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? 
"is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); + + if (user_access("access userlist") && $users) { + /* Display a list of currently online users */ + $max_users = variable_get("statistics_block_online_max_cnt", 10); + $max_name_len = variable_get("statistics_block_online_max_len", 15); + $uid = reset($user_list); + while (($uid) && ($max_users)) { + $user = user_load(array("uid" => $uid)); + /* When displaying name, be sure it's not more than defined max length */ + $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); + $uid = next($user_list); + /* + ** When $max_users reaches zero, we break out even if there are + ** more online (as defined by the admin) + */ + $max_users--; + } + + $output .= "<br /><br />"; + $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } - - $output .= "<br /><br />"; - $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } + else { + /* default message when fully throttled */ + $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); + } + return $output; } - else { - /* default message when fully throttled */ - $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); - } - return $output; } diff --git a/modules/statistics/statistics.module b/modules/statistics/statistics.module index 294b67135d24..9618a31c91fc 100644 --- a/modules/statistics/statistics.module +++ b/modules/statistics/statistics.module 
@@ -613,67 +613,69 @@ function statistics_display_topnodes_block() { function statistics_display_online_block() { global $id, $recent_activity; - $throttle = throttle_status(); - $multiplier = variable_get("statistics_throttle_multiplier", 60); + if (user_access("access content")) { + $throttle = throttle_status(); + $multiplier = variable_get("statistics_throttle_multiplier", 60); - /* don't do any database lookups if on maximum throttle */ - if ($throttle < 5) { - /* count users with activity in the past defined period */ - $time_period = variable_get("statistics_block_online_time", 2700); + /* don't do any database lookups if on maximum throttle */ + if ($throttle < 5) { + /* count users with activity in the past defined period */ + $time_period = variable_get("statistics_block_online_time", 2700); - /* - ** This call gathers all the info we need on users/guests in a single - ** database call, thus is quite efficient. - */ - $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); - - $users = $guests = 0; - /* Count number of users & guests currently online based on db query */ - while ($users_online = db_fetch_array($result)) { - if ($users_online["uid"]) { - /* Has uid, so is a registered user */ - $user_list[$users] = $users_online[uid]; - $users++; - } - else { - /* - ** There's only going to be one return with a uid of 0, and that's - ** the guest(s). Hence, the count of this field is the total number - ** of guests currently online. - */ - $guests = $users_online["count"]; + /* + ** This call gathers all the info we need on users/guests in a single + ** database call, thus is quite efficient. 
+ */ + $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); + + $users = $guests = 0; + /* Count number of users & guests currently online based on db query */ + while ($users_online = db_fetch_array($result)) { + if ($users_online["uid"]) { + /* Has uid, so is a registered user */ + $user_list[$users] = $users_online[uid]; + $users++; + } + else { + /* + ** There's only going to be one return with a uid of 0, and that's + ** the guest(s). Hence, the count of this field is the total number + ** of guests currently online. + */ + $guests = $users_online["count"]; + } } - } - /* format the output with proper grammar */ - $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); - - if (user_access("access userlist") && $users) { - /* Display a list of currently online users */ - $max_users = variable_get("statistics_block_online_max_cnt", 10); - $max_name_len = variable_get("statistics_block_online_max_len", 15); - $uid = reset($user_list); - while (($uid) && ($max_users)) { - $user = user_load(array("uid" => $uid)); - /* When displaying name, be sure it's not more than defined max length */ - $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); - $uid = next($user_list); - /* - ** When $max_users reaches zero, we break out even if there are - ** more online (as defined by the admin) - */ - $max_users--; + /* format the output with proper grammar */ + $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? 
"is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); + + if (user_access("access userlist") && $users) { + /* Display a list of currently online users */ + $max_users = variable_get("statistics_block_online_max_cnt", 10); + $max_name_len = variable_get("statistics_block_online_max_len", 15); + $uid = reset($user_list); + while (($uid) && ($max_users)) { + $user = user_load(array("uid" => $uid)); + /* When displaying name, be sure it's not more than defined max length */ + $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); + $uid = next($user_list); + /* + ** When $max_users reaches zero, we break out even if there are + ** more online (as defined by the admin) + */ + $max_users--; + } + + $output .= "<br /><br />"; + $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } - - $output .= "<br /><br />"; - $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } + else { + /* default message when fully throttled */ + $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); + } + return $output; } - else { - /* default message when fully throttled */ - $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); - } - return $output; } diff --git a/modules/user.module b/modules/user.module index 3c307043f349..6a6c1d91d62b 100644 --- a/modules/user.module +++ b/modules/user.module @@ -211,6 +211,10 @@ function user_access($string) { global $user; static $perm; + if ($user->uid == 1) { + return 1; + } + /* ** To reduce the number of SQL queries, we cache the user's permissions ** in a static variable. 
@@ -225,13 +229,7 @@ function user_access($string) { } } - if ($user->uid == 1) { - return 1; - } - else { - return strstr($perm, $string); - } - + return strstr($perm, $string); } function user_mail($mail, $subject, $message, $header) { @@ -366,7 +364,6 @@ function user_block($op = "list", $delta = 0) { } break; case 2: - $result = db_query_range("SELECT uid, name FROM users WHERE status != '0' ORDER BY uid DESC", 0, 5); while ($account = db_fetch_object($result)) { $items[] = l((strlen($account->name) > 15 ? substr($account->name, 0, 15) . '...' : $account->name), "user/view/$account->uid"); diff --git a/modules/user/user.module b/modules/user/user.module index 3c307043f349..6a6c1d91d62b 100644 --- a/modules/user/user.module +++ b/modules/user/user.module @@ -211,6 +211,10 @@ function user_access($string) { global $user; static $perm; + if ($user->uid == 1) { + return 1; + } + /* ** To reduce the number of SQL queries, we cache the user's permissions ** in a static variable. @@ -225,13 +229,7 @@ function user_access($string) { } } - if ($user->uid == 1) { - return 1; - } - else { - return strstr($perm, $string); - } - + return strstr($perm, $string); } function user_mail($mail, $subject, $message, $header) { @@ -366,7 +364,6 @@ function user_block($op = "list", $delta = 0) { } break; case 2: - $result = db_query_range("SELECT uid, name FROM users WHERE status != '0' ORDER BY uid DESC", 0, 5); while ($account = db_fetch_object($result)) { $items[] = l((strlen($account->name) > 15 ? substr($account->name, 0, 15) . '...' : $account->name), "user/view/$account->uid"); -- GitLab
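Review bot: In user_access() (same change in modules/user/user.module), the remaining check `return strstr($perm, $string);` is a substring test, so a permission is granted whenever its name appears anywhere inside the cached permission string, including as part of a longer permission name. How `$perm` is built is outside the hunk, but if it is a delimited list, the check should compare against whole entries, for example by splitting `$perm` on its separator and testing with `in_array($string, ...)`. The function also returns the matched tail of the string rather than a boolean, while the user #1 branch returns `1`. A comment such as `// Returns a truthy value, not a strict boolean; callers must not compare with === TRUE.` would document that contract.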