Skip to content

GitLab

Commit a4b833b6 authored by Dries's avatar Dries
Browse files

- Patch #118345 by sun | nedjo, pwolanin, webchick: DIE hook_user_form() +... 

- Patch #118345 by sun | nedjo, pwolanin, webchick: DIE hook_user_form() + hook_user_register() DIE!
parent 77af1955
Hide whitespace changes
Inline Side-by-side
Showing with 102 additions and 196 deletions
modules/block/block.module
View file @ a4b833b6
......@@ -374,10 +374,11 @@ function block_custom_block_save($edit, $delta) {
}
/**
* Implement hook_user_form().
* Implement hook_form_FORM_ID_alter().
*/
function block_user_form(&$edit, $account, $category) {
if ($category == 'account') {
function block_form_user_profile_form_alter(&$form, &$form_state) {
if ($form['#user_category'] == 'account') {
$account = $form['#user'];
$rids = array_keys($account->roles);
$result = db_query("SELECT DISTINCT b.* FROM {block} b LEFT JOIN {block_role} r ON b.module = r.module AND b.delta = r.delta WHERE b.status = 1 AND b.custom <> 0 AND (r.rid IN (:rids) OR r.rid IS NULL) ORDER BY b.weight, b.module", array(':rids' => $rids));
$form['block'] = array(
......@@ -400,8 +401,8 @@ function block_user_form(&$edit, $account, $category) {
}
}
if (!empty($return)) {
return $form;
if (!isset($return)) {
$form['block']['#access'] = FALSE;
}
}
}
......
modules/contact/contact.module
View file @ a4b833b6
......@@ -145,10 +145,11 @@ function contact_load($cid) {
}
/**
* Implement hook_user_form().
* Implement hook_form_FORM_ID_alter().
*/
function contact_user_form(&$edit, $account, $category) {
if ($category == 'account') {
function contact_form_user_profile_form_alter(&$form, &$form_state) {
if ($form['#user_category'] == 'account') {
$account = $form['#user'];
$form['contact'] = array('#type' => 'fieldset',
'#title' => t('Contact settings'),
'#weight' => 5,
......@@ -156,10 +157,9 @@ function contact_user_form(&$edit, $account, $category) {
);
$form['contact']['contact'] = array('#type' => 'checkbox',
'#title' => t('Personal contact form'),
'#default_value' => !empty($edit['contact']) ? $edit['contact'] : FALSE,
'#default_value' => !empty($account->contact) ? $account->contact : FALSE,
'#description' => t('Allow other users to contact you via a <a href="@url">personal contact form</a> which keeps your e-mail address hidden. Note that some privileged users such as site administrators are still able to contact you even if you choose to disable this feature.', array('@url' => url("user/$account->uid/contact"))),
);
return $form;
}
}
......
modules/locale/locale.module
View file @ a4b833b6
......@@ -224,34 +224,18 @@ function locale_locale($op = 'groups') {
}
/**
* Implement hook_user_register().
*/
function locale_user_register(&$edit, $account, $category) {
// If we have more then one language and either creating a user on the
// admin interface or edit the user, show the language selector.
if (variable_get('language_count', 1) > 1 && user_access('administer users')) {
return locale_language_selector_form($account);
}
}
/**
* Implement hook_user_form().
* Form builder callback to display language selection widget.
*
* @ingroup forms
* @see locale_form_alter()
*/
function locale_user_form(&$edit, $account, $category) {
// If we have more then one language and either creating a user on the
// admin interface or edit the user, show the language selector.
if (variable_get('language_count', 1) > 1 && $category == 'account') {
return locale_language_selector_form($account);
}
}
function locale_language_selector_form($user) {
function locale_language_selector_form(&$form, &$form_state, $user) {
global $language;
$languages = language_list('enabled');
$languages = $languages[1];
// If the user is being created, we set the user language to the page language.
$user_preferred_language = $user ? user_preferred_language($user) : $language;
$user_preferred_language = $user->uid ? user_preferred_language($user) : $language;
$names = array();
foreach ($languages as $langcode => $item) {
......@@ -273,7 +257,6 @@ function locale_language_selector_form($user) {
'#options' => $names,
'#description' => ($mode == LANGUAGE_NEGOTIATION_PATH) ? t("This account's default language for e-mails, and preferred language for site presentation.") : t("This account's default language for e-mails."),
);
return $form;
}
/**
......@@ -306,9 +289,19 @@ function locale_form_node_type_form_alter(&$form, &$form_state) {
}
/**
* Implement hook_form_alter(). Adds language fields to forms.
* Implement hook_form_alter().
*
* Adds language fields to forms.
*/
function locale_form_alter(&$form, &$form_state, $form_id) {
// Only alter user forms if there is more than one language.
if (variable_get('language_count', 1) > 1) {
// Display language selector when either creating a user on the admin
// interface or editing a user account.
if (($form_id == 'user_register' && user_access('administer users')) || ($form_id == 'user_profile_form' && $form['#user_category'] == 'account')) {
locale_language_selector_form($form, $form_state, $form['#user']);
}
}
if (isset($form['#id']) && $form['#id'] == 'node-form') {
if (isset($form['#node']->type) && variable_get('language_content_type_' . $form['#node']->type, 0)) {
$form['language'] = array(
......
modules/openid/openid.module
View file @ a4b833b6
......@@ -125,7 +125,9 @@ function _openid_user_login_form_alter(&$form, &$form_state) {
}
/**
* Implement hook_form_alter(). Adds OpenID login to the login forms.
* Implement hook_form_alter().
*
* Adds OpenID login to the login forms.
*/
function openid_form_user_register_alter(&$form, &$form_state) {
if (isset($_SESSION['openid']['values'])) {
......
modules/profile/profile.module
View file @ a4b833b6
......@@ -209,13 +209,6 @@ function profile_block_view($delta = '') {
}
}
/**
* Implement hook_user_register().
*/
function profile_user_register(&$edit, $account, $category) {
return profile_form_profile($edit, $account, $category, TRUE);
}
/**
* Implement hook_user_update().
*/
......@@ -230,13 +223,6 @@ function profile_user_insert(&$edit, $account, $category) {
return profile_save_profile($edit, $account, $category, TRUE);
}
/**
* Implement hook_user_form().
*/
function profile_user_form(&$edit, $account, $category) {
return profile_form_profile($edit, $account, $category);
}
/**
* Implement hook_user_cancel().
*/
......@@ -378,7 +364,17 @@ function _profile_form_explanation($field) {
return $output;
}
function profile_form_profile($edit, $account, $category, $register = FALSE) {
/**
* Implement hook_form_alter().
*/
function profile_form_alter(&$form, &$form_state, $form_id) {
if ($form_id == 'user_register' || $form_id == 'user_profile_form') {
$register = ($form['#user']->uid > 0 ? FALSE : TRUE);
$form = array_merge($form, profile_form_profile($form['#user'], $form['#user_category'], $register));
}
}
function profile_form_profile($account, $category, $register = FALSE) {
$result = _profile_get_fields($category, $register);
$weight = 1;
$fields = array();
......@@ -392,7 +388,7 @@ function profile_form_profile($edit, $account, $category, $register = FALSE) {
case 'url':
$fields[$category][$field->name] = array('#type' => 'textfield',
'#title' => check_plain($field->title),
'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#maxlength' => 255,
'#description' => _profile_form_explanation($field),
'#required' => $field->required,
......@@ -404,7 +400,7 @@ function profile_form_profile($edit, $account, $category, $register = FALSE) {
case 'textarea':
$fields[$category][$field->name] = array('#type' => 'textarea',
'#title' => check_plain($field->title),
'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#description' => _profile_form_explanation($field),
'#required' => $field->required,
);
......@@ -412,7 +408,7 @@ function profile_form_profile($edit, $account, $category, $register = FALSE) {
case 'list':
$fields[$category][$field->name] = array('#type' => 'textarea',
'#title' => check_plain($field->title),
'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#description' => _profile_form_explanation($field),
'#required' => $field->required,
);
......@@ -420,7 +416,7 @@ function profile_form_profile($edit, $account, $category, $register = FALSE) {
case 'checkbox':
$fields[$category][$field->name] = array('#type' => 'checkbox',
'#title' => check_plain($field->title),
'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#description' => _profile_form_explanation($field),
'#required' => $field->required,
);
......@@ -435,7 +431,7 @@ function profile_form_profile($edit, $account, $category, $register = FALSE) {
}
$fields[$category][$field->name] = array('#type' => 'select',
'#title' => check_plain($field->title),
'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#options' => $options,
'#description' => _profile_form_explanation($field),
'#required' => $field->required,
......@@ -444,7 +440,7 @@ function profile_form_profile($edit, $account, $category, $register = FALSE) {
case 'date':
$fields[$category][$field->name] = array('#type' => 'date',
'#title' => check_plain($field->title),
'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
'#default_value' => isset($account->{$field->name}) ? $account->{$field->name} : '',
'#description' => _profile_form_explanation($field),
'#required' => $field->required,
);
......
modules/system/system.module
View file @ a4b833b6
......@@ -1475,25 +1475,24 @@ function system_preprocess_page(&$variables) {
}
/**
* Implement hook_user_form().
* Implement hook_form_FORM_ID_alter().
*/
function system_user_form(&$edit, $account, $category) {
if ($category == 'account') {
function system_form_user_profile_form_alter(&$form, &$form_state) {
if ($form['#user_category'] == 'account') {
if (variable_get('configurable_timezones', 1)) {
system_user_timezone($edit, $form);
system_user_timezone($form, $form_state);
}
return $form;
}
}
/**
* Implement hook_user_register().
* Implement hook_form_FORM_ID_alter().
*/
function system_user_register(&$edit, $account, $category) {
function system_form_user_register_alter(&$form, &$form_state) {
if (variable_get('configurable_timezones', 1)) {
$form = array();
if (variable_get('user_default_timezone', DRUPAL_USER_TIMEZONE_DEFAULT) == DRUPAL_USER_TIMEZONE_SELECT) {
system_user_timezone($edit, $form);
system_user_timezone($form, $form_state);
}
else {
$form['account']['timezone'] = array(
......@@ -1518,8 +1517,11 @@ function system_user_login(&$edit, $account) {
/**
* Add the time zone field to the user edit and register forms.
*/
function system_user_timezone(&$edit, &$form) {
function system_user_timezone(&$form, &$form_state) {
global $user;
$account = $form['#user'];
$form['timezone'] = array(
'#type' => 'fieldset',
'#title' => t('Locale settings'),
......@@ -1529,11 +1531,11 @@ function system_user_timezone(&$edit, &$form) {
$form['timezone']['timezone'] = array(
'#type' => 'select',
'#title' => t('Time zone'),
'#default_value' => $edit['timezone'] ? $edit['timezone'] : ($edit['uid'] == $user->uid ? variable_get('date_default_timezone', '') : ''),
'#options' => system_time_zones(($edit['uid'] != $user->uid)),
'#default_value' => isset($account->timezone) ? $account->timezone : ($account->uid == $user->uid ? variable_get('date_default_timezone', '') : ''),
'#options' => system_time_zones($account->uid != $user->uid),
'#description' => t('Select the desired local time and time zone. Dates and times throughout this site will be displayed using this time zone.'),
);
if (!$edit['timezone'] && $edit['uid'] == $user->uid) {
if (!isset($account->timezone) && $account->uid == $user->uid) {
$form['timezone']['#description'] = t('Your time zone setting will be automatically detected if possible. Please confirm the selection and click save.');
$form['timezone']['timezone']['#attributes'] = array('class' => array('timezone-detect'));
drupal_add_js('misc/timezone.js');
......
modules/user/user.api.php
View file @ a4b833b6
......@@ -217,38 +217,6 @@ function hook_user_categories() {
));
}
/**
* The user account edit form is about to be displayed.
*
* The module should present the form elements it wishes to inject
* into the form.
*
* @param &$edit
* The array of form values submitted by the user.
* @param $account
* The user object on which the operation is being performed.
* @param $category
* The active category of user information being edited.
* @return
* A $form array containing the form elements to display.
*/
function hook_user_form(&$edit, $account, $category = NULL) {
if ($category == 'account') {
$form['comment_settings'] = array(
'#type' => 'fieldset',
'#title' => t('Comment settings'),
'#collapsible' => TRUE,
'#weight' => 4);
$form['comment_settings']['signature'] = array(
'#type' => 'textarea',
'#title' => t('Signature'),
'#default_value' => $edit['signature'],
'#description' => t('Your signature will be publicly displayed at the end of your comments.'));
return $form;
}
}
/**
* The user account is being added.
*
......@@ -302,37 +270,6 @@ function hook_user_logout($account) {
->execute();
}
/**
* The user account registration form is about to be displayed.
*
* The module should present the form elements it wishes to inject into the
* form.
*
* @param &$edit
* The array of form values submitted by the user.
* @param $account
* The user object on which the operation is being performed.
* @param $category
* The active category of user information being edited.
* @return
* A $form array containing the form elements to display.
*/
function hook_user_register(&$edit, $account, $category) {
if (variable_get('configurable_timezones', 1)) {
$form = array();
if (variable_get('user_default_timezone', DRUPAL_USER_TIMEZONE_DEFAULT) == DRUPAL_USER_TIMEZONE_SELECT) {
system_user_timezone($edit, $form);
}
else {
$form['timezone'] = array(
'#type' => 'hidden',
'#value' => variable_get('user_default_timezone', DRUPAL_USER_TIMEZONE_DEFAULT) ? '' : variable_get('date_default_timezone', ''),
);
}
return $form;
}
}
/**
* Modify the account before it gets saved.
*
......
modules/user/user.module
View file @ a4b833b6
......@@ -859,17 +859,6 @@ function user_user_view($account) {
);
}
/**
* Implement hook_user_form.
*/
function user_user_form(&$edit, $account, $category) {
if ($category == 'account') {
$form = array();
$form_state = array();
return user_edit_form($form, $form_state, (isset($account->uid) ? $account->uid : FALSE), $edit);
}
}
/**
* Implement hook_user_validate().
*/
......@@ -1810,7 +1799,12 @@ function user_pass_rehash($password, $timestamp, $login) {
return md5($timestamp . $password . $login);
}
function user_edit_form($form, &$form_state, $uid, $edit, $register = FALSE) {
function user_edit_form(&$form, &$form_state) {
global $user;
$account = $form['#user'];
$register = ($form['#user']->uid > 0 ? FALSE : TRUE);
_user_password_dynamic_validation();
$admin = user_access('administer users');
......@@ -1819,24 +1813,29 @@ function user_edit_form($form, &$form_state, $uid, $edit, $register = FALSE) {
'#title' => t('Account information'),
'#weight' => -10,
);
// Only show name field when: registration page; or user is editing own account and can change username; or an admin user.
if ($register || ($GLOBALS['user']->uid == $uid && user_access('change own username')) || $admin) {
// Only show name field when: registration page; or user is editing own
// account and can change username; or an admin user.
if ($register || ($user->uid == $account->uid && user_access('change own username')) || $admin) {
$form['account']['name'] = array('#type' => 'textfield',
'#title' => t('Username'),
'#default_value' => $edit['name'],
'#maxlength' => USERNAME_MAX_LENGTH,
'#description' => t('Spaces are allowed; punctuation is not allowed except for periods, hyphens, apostrophes, and underscores.'),
'#required' => TRUE,
'#attributes' => array('class' => array('username')),
);
if (!$register) {
$form['account']['name']['#default_value'] = $account->name;
}
}
$form['account']['mail'] = array('#type' => 'textfield',
'#title' => t('E-mail address'),
'#default_value' => $edit['mail'],
'#maxlength' => EMAIL_MAX_LENGTH,
'#description' => t('A valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'),
'#required' => TRUE,
);
if (!$register) {
$form['account']['mail']['#default_value'] = $account->mail;
}
if (!$register) {
$form['account']['pass'] = array('#type' => 'password_confirm',
'#description' => t('To change the current user password, enter the new password in both fields.'),
......@@ -1855,7 +1854,7 @@ function user_edit_form($form, &$form_state, $uid, $edit, $register = FALSE) {
$form['account']['status'] = array(
'#type' => 'radios',
'#title' => t('Status'),
'#default_value' => isset($edit['status']) ? $edit['status'] : 1,
'#default_value' => isset($account->status) ? $account->status : 1,
'#options' => array(t('Blocked'), t('Active'))
);
}
......@@ -1876,11 +1875,10 @@ function user_edit_form($form, &$form_state, $uid, $edit, $register = FALSE) {
unset($roles[DRUPAL_AUTHENTICATED_RID]);
if ($roles) {
$default = empty($edit['roles']) ? array() : array_keys($edit['roles']);
$form['account']['roles'] = array(
'#type' => 'checkboxes',
'#title' => t('Roles'),
'#default_value' => $default,
'#default_value' => isset($account->roles) ? array_keys($account->roles) : array(),
'#options' => $roles,
DRUPAL_AUTHENTICATED_RID => $checkbox_authenticated,
);
......@@ -1897,13 +1895,13 @@ function user_edit_form($form, &$form_state, $uid, $edit, $register = FALSE) {
$form['signature_settings']['signature'] = array(
'#type' => 'textarea',
'#title' => t('Signature'),
'#default_value' => $edit['signature'],
'#default_value' => isset($account->signature) ? $account->signature : '',
'#description' => t('Your signature will be publicly displayed at the end of your comments.'),
);
}
// Picture/avatar:
if (variable_get('user_pictures', 0) && !$register) {
if (variable_get('user_pictures', 0) && !$register && !$admin) {
$form['picture'] = array(
'#type' => 'fieldset',
'#title' => t('Picture'),
......@@ -1911,15 +1909,15 @@ function user_edit_form($form, &$form_state, $uid, $edit, $register = FALSE) {
);
$form['picture']['picture'] = array(
'#type' => 'value',
'#value' => $edit['picture'],
'#value' => isset($account->picture) ? $account->picture : NULL,
);
$form['picture']['picture_current'] = array(
'#markup' => theme('user_picture', (object)$edit),
'#markup' => theme('user_picture', $account),
);
$form['picture']['picture_delete'] = array(
'#type' => 'checkbox',
'#title' => t('Delete picture'),
'#access' => !empty($edit['picture']->fid),
'#access' => !empty($account->picture->fid),
'#description' => t('Check this box to delete your current picture.'),
);
$form['picture']['picture_upload'] = array(
......@@ -1931,9 +1929,6 @@ function user_edit_form($form, &$form_state, $uid, $edit, $register = FALSE) {
$form['#validate'][] = 'user_profile_form_validate';
$form['#validate'][] = 'user_validate_picture';
}
$form['#uid'] = $uid;
return $form;
}
/**
......@@ -3073,8 +3068,11 @@ function user_register($form, &$form_state) {
drupal_goto('user/' . $user->uid);
}
// Start with the default user edit fields.
$form = user_edit_form($form, $form_state, NULL, NULL, TRUE);
$form['#user'] = drupal_anonymous_user();
$form['#user_category'] = 'register';
// Start with the default user account fields.
user_edit_form($form, $form_state);
if ($admin) {
$form['account']['notify'] = array(
'#type' => 'checkbox',
......@@ -3085,13 +3083,6 @@ function user_register($form, &$form_state) {
$form_state['redirect'] = $_GET['q'];
}
// Create a dummy variable for pass-by-reference parameters.
$null = NULL;
$extra = _user_forms($null, NULL, NULL, 'register');
if ($extra) {
$form = array_merge_recursive($form, $extra);
}
// If the "account" fieldset is the only element at the top level, its
// borders are hidden for aesthetic reasons. We do not remove the fieldset but
// preserve the form structure so that modules implementing
......@@ -3110,23 +3101,6 @@ function user_register_validate($form, &$form_state) {
user_module_invoke('validate', $form_state['values'], $form_state['values'], 'account');
}
/**
* Retrieve a list of all form elements for the specified category.
*/
function _user_forms(&$edit, $account, $category, $hook = 'form') {
$groups = array();
foreach (module_implements('user_' . $hook) as $module) {
$function = $module . '_user_' . $hook;
if ($data = $function($edit, $account, $category)) {
$groups = array_merge_recursive($data, $groups);
}
}
uasort($groups, '_user_sort');
return empty($groups) ? FALSE : $groups;
}
/**
* Implementation of hook_modules_installed().
*/
......
modules/user/user.pages.inc
View file @ a4b833b6
......@@ -225,19 +225,21 @@ function user_edit($account, $category = 'account') {
* @see user_profile_form_submit()
* @see user_cancel_confirm_form_submit()
*/
function user_profile_form($form, $form_state, $account, $category = 'account') {
function user_profile_form($form, &$form_state, $account, $category = 'account') {
global $user;
$edit = (empty($form_state['values'])) ? (array)$account : $form_state['values'];
$form['#user'] = $account;
$form['#user_category'] = $category;
$form = _user_forms($edit, $account, $category);
if ($category == 'account') {
user_edit_form($form, $form_state);
}
// Attach field widgets.
field_attach_form('user', (object) $edit, $form, $form_state);
field_attach_form('user', $account, $form, $form_state);
$form['_category'] = array('#type' => 'value', '#value' => $category);
$form['_account'] = array('#type' => 'value', '#value' => $account);
$form['submit'] = array('#type' => 'submit', '#value' => t('Save'), '#weight' => 30);
if (($account->uid == $user->uid && user_access('cancel account')) || user_access('administer users')) {
$form['cancel'] = array(
'#type' => 'submit',
......@@ -257,7 +259,7 @@ function user_profile_form_validate($form, &$form_state) {
$edit = (object)$form_state['values'];
field_attach_form_validate('user', $edit, $form, $form_state);
$edit = (array)$edit;
user_module_invoke('validate', $edit, $form_state['values']['_account'], $form_state['values']['_category']);
user_module_invoke('validate', $edit, $form['#user'], $form['#user_category']);
// Validate input to ensure that non-privileged users can't alter protected data.
if ((!user_access('administer users') && array_intersect(array_keys($edit), array('uid', 'init', 'session'))) || (!user_access('administer permissions') && isset($form_state['values']['roles']))) {
watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);
......@@ -270,9 +272,9 @@ function user_profile_form_validate($form, &$form_state) {
* Submit function for the user account and profile editing form.
*/
function user_profile_form_submit($form, &$form_state) {
$account = $form_state['values']['_account'];
$category = $form_state['values']['_category'];
unset($form_state['values']['_account'], $form_state['values']['op'], $form_state['values']['submit'], $form_state['values']['cancel'], $form_state['values']['form_token'], $form_state['values']['form_id'], $form_state['values']['_category'], $form_state['values']['form_build_id']);
$account = $form['#user'];
$category = $form['#user_category'];
unset($form_state['values']['op'], $form_state['values']['submit'], $form_state['values']['cancel'], $form_state['values']['form_token'], $form_state['values']['form_id'], $form_state['values']['form_build_id']);
$edit = (object)$form_state['values'];
field_attach_submit('user', $edit, $form, $form_state);
......@@ -284,7 +286,6 @@ function user_profile_form_submit($form, &$form_state) {