Commit 61edf798 authored by Dries's avatar Dries

- Applied Marco's patch.  See mailing list for more information.
parent 5b502e3a
......@@ -70,6 +70,13 @@ function user_load($array = array()) {
$result = db_query("SELECT u.*, r.perm FROM users u LEFT JOIN role r ON u.role = r.name WHERE $query u.status < 3 LIMIT 1");
$user = db_fetch_object($result);
if ($data = unserialize($user->data)) {
foreach ($data as $key => $value) {
if (!isset($user->$key)) {
$user->$key = $value;
}
}
}
return $user;
......@@ -82,14 +89,21 @@ function user_save($account, $array = array()) {
*/
if ($account->uid) {
$data = unserialize(db_result(db_query("SELECT data FROM users WHERE uid = '$account->uid'")));
foreach ($array as $key => $value) {
if ($key == "pass") {
$query .= "$key = '". md5($value) ."', ";
}
else if (substr($key, 0, 4) !== "auth") {
$query .= "$key = '". addslashes($value) ."', ";
if (in_array($key, user_fields())) {
$query .= "$key = '". check_query($value) ."', ";
}
else {
$data[$key] = $value;
}
}
}
$query .= "data = '". check_query(serialize($data)) ."', ";
db_query("UPDATE users SET $query timestamp = '". time() ."' WHERE uid = '$account->uid'");
......@@ -104,11 +118,19 @@ function user_save($account, $array = array()) {
$values[] = "'". md5($value) ."'";
}
else if (substr($key, 0, 4) !== "auth") {
$fields[] = check_query($key);
$values[] = "'". check_query($value) ."'";
if (in_array($key, user_fields())) {
$fields[] = check_query($key);
$values[] = "'". check_query($value) ."'";
}
else {
$data[$key] = $value;
}
}
}
$fields[] = "data";
$values[] = "'". serialize($data) ."'";
db_query("INSERT INTO users (". implode(", ", $fields) .") VALUES (". implode(", ", $values) .")");
$user = user_load(array("name" => $array["name"]));
......@@ -241,6 +263,18 @@ function user_deny($type, $mask) {
}
function user_fields() {
static $fields;
if (!$fields) {
// is this ANSI? perhaps this should go in the database include...
$result = db_query("SHOW FIELDS FROM users");
while ($data = db_fetch_object($result)) {
$fields[] = $data->Field;
}
}
return $fields;
}
/*** Module hooks **********************************************************/
function user_help() {
......@@ -779,7 +813,21 @@ function user_register($edit = array()) {
$error = t("Public registrations have been disabled by the site administrator.");
}
else {
$success = 1;
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$result = module_invoke($module, "user", "register_validate", $edit, $user);
if (is_array($result)) {
$data = array_merge($data, $result);
}
elseif (is_string($result)) {
$error = $result;
break;
}
}
}
if (!$error) {
$success = 1;
}
}
}
......@@ -795,7 +843,7 @@ function user_register($edit = array()) {
** Create new user account, no administrator approval required:
*/
user_save("", array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 1));
user_save("", array_merge(array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 1), $data));
user_mail($edit["mail"], t("user account details"), sprintf(t("%s,\n\nsomoneone signed up for a user account on %s and supplied this e-mail address as their contact. If it wasn't you, just ignore this mail but if it was you, you can now login using the following username and password:\n\n username: %s\n password: %s\n\n\n-- %s team"), $edit["name"], variable_get("site_name", "drupal"), $edit["name"], $pass, variable_get("site_name", "drupal")), "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from");
}
......@@ -804,7 +852,7 @@ function user_register($edit = array()) {
** Create new user account, administrator approval required:
*/
user_save("", array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 0));
user_save("", array_merge(array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 0), $data));
user_mail($edit["mail"], t("user account details"), sprintf(t("%s,\n\nsomoneone signed up for a user account on %s and supplied this e-mail address as their contact. If it wasn't you, just ignore this mail but if it was you, you can login as soon a site administrator approved your request using the following username and password:\n\n username: %s\n password: %s\n\n\n-- %s team"), $edit["name"], variable_get("site_name", "drupal"), $edit["name"], $pass, variable_get("site_name", "drupal")), "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from");
}
......@@ -819,6 +867,11 @@ function user_register($edit = array()) {
$output .= form_textfield(t("Username"), "name", $edit["name"], 30, 64, t("Your full name or your prefered username: only letters, numbers and spaces are allowed."));
$output .= form_textfield(t("E-mail address"), "mail", $edit["mail"], 30, 64, t("Your e-mail address: a password and instructions will be sent to this e-mail address so make sure it is accurate."));
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$output .= module_invoke($module, "user", "register_form", $edit, $user);
}
}
$output .= form_submit(t("Create new account"));
return form($output);
......@@ -846,6 +899,19 @@ function user_edit($edit = array()) {
// do nothing
}
else if ($user->uid) {
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$result = module_invoke($module, "user", "edit_validate", $edit, $user);
}
if (is_array($result)) {
$data = array_merge($data, $result);
}
elseif (is_string($result)) {
$error = $result;
break;
}
}
/*
** If required, check that proposed passwords match. If so,
** add new password to $edit.
......@@ -862,17 +928,19 @@ function user_edit($edit = array()) {
unset($edit["pass1"], $edit["pass2"]);
/*
** Save user information:
*/
if (!$error) {
/*
** Save user information:
*/
$user = user_save($user, $edit);
$user = user_save($user, array_merge($edit, $data));
/*
** Redirect the user to his personal information page:
*/
/*
** Redirect the user to his personal information page:
*/
drupal_goto("module.php?mod=user&op=view");
drupal_goto("module.php?mod=user&op=view");
}
}
}
......@@ -890,6 +958,12 @@ function user_edit($edit = array()) {
}
}
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$output .= module_invoke($module, "user", "edit_form", $edit, $user);
}
}
$output .= form_textfield(t("Homepage"), "homepage", $user->homepage, 30, 55, t("Optional") .". ". t("Make sure you enter a fully qualified URL: remember to include \"http://\"."));
foreach ($themes as $key => $value) $options .= "<option value=\"$key\"". (($user->theme == $key) ? " selected=\"selected\"" : "") .">$key - $value[1]</option>\n";
$output .= form_item(t("Theme"), "<select name=\"edit[theme]\">$options</select>", t("Selecting a different theme will change the look and feel of the site."));
......@@ -934,6 +1008,13 @@ function user_view($uid = 0) {
}
}
}
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$output .= module_invoke($module, "user", "view_private", "", $user);
}
}
$output .= form_item(t("Homepage"), format_url($user->homepage));
$output .= form_item(t("Signature"), check_output($user->signature, 1));
......@@ -946,6 +1027,12 @@ function user_view($uid = 0) {
$output .= form_item(t("Name"), check_output($account->name));
$output .= form_item(t("Homepage"), format_url($account->homepage));
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$output .= module_invoke($module, "user", "view_public", "", $account);
}
}
$theme->header();
$theme->box(t("View user information"), $output);
$theme->footer();
......
......@@ -70,6 +70,13 @@ function user_load($array = array()) {
$result = db_query("SELECT u.*, r.perm FROM users u LEFT JOIN role r ON u.role = r.name WHERE $query u.status < 3 LIMIT 1");
$user = db_fetch_object($result);
if ($data = unserialize($user->data)) {
foreach ($data as $key => $value) {
if (!isset($user->$key)) {
$user->$key = $value;
}
}
}
return $user;
......@@ -82,14 +89,21 @@ function user_save($account, $array = array()) {
*/
if ($account->uid) {
$data = unserialize(db_result(db_query("SELECT data FROM users WHERE uid = '$account->uid'")));
foreach ($array as $key => $value) {
if ($key == "pass") {
$query .= "$key = '". md5($value) ."', ";
}
else if (substr($key, 0, 4) !== "auth") {
$query .= "$key = '". addslashes($value) ."', ";
if (in_array($key, user_fields())) {
$query .= "$key = '". check_query($value) ."', ";
}
else {
$data[$key] = $value;
}
}
}
$query .= "data = '". check_query(serialize($data)) ."', ";
db_query("UPDATE users SET $query timestamp = '". time() ."' WHERE uid = '$account->uid'");
......@@ -104,11 +118,19 @@ function user_save($account, $array = array()) {
$values[] = "'". md5($value) ."'";
}
else if (substr($key, 0, 4) !== "auth") {
$fields[] = check_query($key);
$values[] = "'". check_query($value) ."'";
if (in_array($key, user_fields())) {
$fields[] = check_query($key);
$values[] = "'". check_query($value) ."'";
}
else {
$data[$key] = $value;
}
}
}
$fields[] = "data";
$values[] = "'". serialize($data) ."'";
db_query("INSERT INTO users (". implode(", ", $fields) .") VALUES (". implode(", ", $values) .")");
$user = user_load(array("name" => $array["name"]));
......@@ -241,6 +263,18 @@ function user_deny($type, $mask) {
}
function user_fields() {
static $fields;
if (!$fields) {
// is this ANSI? perhaps this should go in the database include...
$result = db_query("SHOW FIELDS FROM users");
while ($data = db_fetch_object($result)) {
$fields[] = $data->Field;
}
}
return $fields;
}
/*** Module hooks **********************************************************/
function user_help() {
......@@ -779,7 +813,21 @@ function user_register($edit = array()) {
$error = t("Public registrations have been disabled by the site administrator.");
}
else {
$success = 1;
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$result = module_invoke($module, "user", "register_validate", $edit, $user);
if (is_array($result)) {
$data = array_merge($data, $result);
}
elseif (is_string($result)) {
$error = $result;
break;
}
}
}
if (!$error) {
$success = 1;
}
}
}
......@@ -795,7 +843,7 @@ function user_register($edit = array()) {
** Create new user account, no administrator approval required:
*/
user_save("", array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 1));
user_save("", array_merge(array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 1), $data));
user_mail($edit["mail"], t("user account details"), sprintf(t("%s,\n\nsomoneone signed up for a user account on %s and supplied this e-mail address as their contact. If it wasn't you, just ignore this mail but if it was you, you can now login using the following username and password:\n\n username: %s\n password: %s\n\n\n-- %s team"), $edit["name"], variable_get("site_name", "drupal"), $edit["name"], $pass, variable_get("site_name", "drupal")), "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from");
}
......@@ -804,7 +852,7 @@ function user_register($edit = array()) {
** Create new user account, administrator approval required:
*/
user_save("", array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 0));
user_save("", array_merge(array("name" => $edit["name"], "pass" => $pass, "init" => $edit["mail"], "mail" => $edit["mail"], "role" => "authenticated user", "status" => 0), $data));
user_mail($edit["mail"], t("user account details"), sprintf(t("%s,\n\nsomoneone signed up for a user account on %s and supplied this e-mail address as their contact. If it wasn't you, just ignore this mail but if it was you, you can login as soon a site administrator approved your request using the following username and password:\n\n username: %s\n password: %s\n\n\n-- %s team"), $edit["name"], variable_get("site_name", "drupal"), $edit["name"], $pass, variable_get("site_name", "drupal")), "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from");
}
......@@ -819,6 +867,11 @@ function user_register($edit = array()) {
$output .= form_textfield(t("Username"), "name", $edit["name"], 30, 64, t("Your full name or your prefered username: only letters, numbers and spaces are allowed."));
$output .= form_textfield(t("E-mail address"), "mail", $edit["mail"], 30, 64, t("Your e-mail address: a password and instructions will be sent to this e-mail address so make sure it is accurate."));
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$output .= module_invoke($module, "user", "register_form", $edit, $user);
}
}
$output .= form_submit(t("Create new account"));
return form($output);
......@@ -846,6 +899,19 @@ function user_edit($edit = array()) {
// do nothing
}
else if ($user->uid) {
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$result = module_invoke($module, "user", "edit_validate", $edit, $user);
}
if (is_array($result)) {
$data = array_merge($data, $result);
}
elseif (is_string($result)) {
$error = $result;
break;
}
}
/*
** If required, check that proposed passwords match. If so,
** add new password to $edit.
......@@ -862,17 +928,19 @@ function user_edit($edit = array()) {
unset($edit["pass1"], $edit["pass2"]);
/*
** Save user information:
*/
if (!$error) {
/*
** Save user information:
*/
$user = user_save($user, $edit);
$user = user_save($user, array_merge($edit, $data));
/*
** Redirect the user to his personal information page:
*/
/*
** Redirect the user to his personal information page:
*/
drupal_goto("module.php?mod=user&op=view");
drupal_goto("module.php?mod=user&op=view");
}
}
}
......@@ -890,6 +958,12 @@ function user_edit($edit = array()) {
}
}
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$output .= module_invoke($module, "user", "edit_form", $edit, $user);
}
}
$output .= form_textfield(t("Homepage"), "homepage", $user->homepage, 30, 55, t("Optional") .". ". t("Make sure you enter a fully qualified URL: remember to include \"http://\"."));
foreach ($themes as $key => $value) $options .= "<option value=\"$key\"". (($user->theme == $key) ? " selected=\"selected\"" : "") .">$key - $value[1]</option>\n";
$output .= form_item(t("Theme"), "<select name=\"edit[theme]\">$options</select>", t("Selecting a different theme will change the look and feel of the site."));
......@@ -934,6 +1008,13 @@ function user_view($uid = 0) {
}
}
}
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$output .= module_invoke($module, "user", "view_private", "", $user);
}
}
$output .= form_item(t("Homepage"), format_url($user->homepage));
$output .= form_item(t("Signature"), check_output($user->signature, 1));
......@@ -946,6 +1027,12 @@ function user_view($uid = 0) {
$output .= form_item(t("Name"), check_output($account->name));
$output .= form_item(t("Homepage"), format_url($account->homepage));
foreach (module_list() as $module) {
if (module_hook($module, "user")) {
$output .= module_invoke($module, "user", "view_public", "", $account);
}
}
$theme->header();
$theme->box(t("View user information"), $output);
$theme->footer();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment