Commit e3d2c46f authored by Kjartan's avatar Kjartan

- applied search patch.

- added who is online block.
- made weblog module more configurable.
- users may now delete their own accounts (Feature #8)
- users may now request a password using email address *or* username.
  formerly required both items to match an account which was onerous.
- the link to request a new password is now presented whenever a user
  fails login.
- there is now a confirmation message after submitting edits to your
  user information.
- error messages in user.module may now be stylized by themes.
- <hook>_form has a $param setting you can fill with form parameters.
- improved wording for a few config settings.
- fixed various non-coding standard things.
parent f8372fa3
......@@ -144,22 +144,36 @@ function variable_del($name) {
unset($conf[$name]);
}
/*
** Format a single result entry of a search query:
*/
/**
* Format a single result entry of a search query:
*
* @param $item a single search result as returned by <module>_search of type
* array("count" => ..., "link" => ..., "title" => ...,
* "user" => ..., "date" => ..., "keywords" => ...)
* @param $type module type of this item
*/
function search_item($item, $type) {
$output .= " <b><u><a href=\"". $item["link"] ."\">". $item["title"] ."</a></u></b><br />";
$output .= " <b>". $item["count"] . "&nbsp;&nbsp;<u><a href=\"". $item["link"] . "\">". $item["title"] ."</a></u></b><br />";
$output .= " <small>$type ". ($item["user"] ? " - ". $item["user"] : "") ."". ($item["date"] ? " - ". format_date($item["date"], "small") : "") ."</small>";
$output .= "<br /><br />";
return $output;
}
/*
** Render a generic search form:
*/
/**
* Render a generic search form.
*
* "Generic" means "universal usable" - that is, usable not only from
* module.php?mod=search, but also as a simple seach box (without
* "Restrict search to", help text, etc) from theme's header etc.
* This means: provide options to only conditionally render certain
* parts of this form.
*
* @param $action Form action. Defaults to module.php?mod=search.
* @param $query Query string. Defaults to global $keys.
* @param $options != 0: Render additional form fields/text
* ("Restrict search to", help text, etc).
*/
function search_form($action = 0, $query = 0, $options = 0) {
global $keys;
......@@ -171,8 +185,8 @@ function search_form($action = 0, $query = 0, $options = 0) {
$query = $keys;
}
$output .= " <input type=\"text\" size=\"50\" value=\"". check_form($keys) ."\" name=\"keys\">";
$output .= " <input type=\"submit\" value=\"". t("Search") ."\">\n";
$output .= " <br /><input type=\"text\" size=\"50\" value=\"". check_form($keys) ."\" name=\"keys\" />";
$output .= " <input type=\"submit\" value=\"". t("Search") ."\" />\n";
if ($options != 0) {
$output .= "<br />";
......@@ -180,18 +194,21 @@ function search_form($action = 0, $query = 0, $options = 0) {
foreach (module_list() as $name) {
if (module_hook($name, "search")) {
$output .= " <input type=\"checkbox\" name=\"edit[type][$name]\" ". ($edit["type"][$name] ? " checked=\"checked\"" : "") ."/> ". t($name);
$output .= " <input type=\"checkbox\" name=\"edit[type][$name]\" ". ($edit["type"][$name] ? " checked=\"checked\"" : "") ." /> ". t($name);
}
}
// TODO: (link to) search hints
}
$form .= "<br />";
return form($output, "post", $action);
}
/*
** Collect the search results:
*/
* Collect the search results:
*/
function search_data() {
global $keys, $edit;
......@@ -200,12 +217,18 @@ function search_data() {
if ($keys) {
foreach (module_list() as $name) {
if (module_hook($name, "search") && (!$edit["type"] || $edit["type"][$name]) && ($result = module_invoke($name, "search", check_query($keys)))) {
if ($name == "node" || $name == "comment") {
$output .= "<b>Matching ". $name ."s ranked in order of relevance</b><br />";
}
else {
$output .= "<b>Matching ". $name ."s</b><br />";
}
foreach ($result as $entry) {
$output .= search_item($entry, $name);
}
}
}
if(!$output) {
if (!$output) {
$output .= t("Your search yielded no results.");
}
}
......@@ -213,10 +236,16 @@ function search_data() {
return $output;
}
/*
** Display the search form and the resulting data:
*/
/**
* Display the search form and the resulting data.
*
* @param $type If set, search only nodes of this type.
* Otherwise, search all types.
* @param $action Form action. Defaults to module.php?mod=search.
* @param $query Query string. Defaults to global $keys.
* @param $options != 0: Render additional form fields/text
* ("Restrict search to", help text, etc).
*/
function search_type($type = 0, $action = 0, $query = 0, $options = 0) {
global $edit;
......@@ -304,7 +333,9 @@ function check_query($text) {
function filter($text) {
foreach (module_list() as $name) {
if (module_hook($name, "filter")) $text = module_invoke($name, "filter", $text);
if (module_hook($name, "filter")) {
$text = module_invoke($name, "filter", $text);
}
}
return $text;
......@@ -327,10 +358,6 @@ function check_file($filename) {
}
}
function file_encode($filename) {
$edit[filedata] = base64_encode(fread($fd, filesize($edit[upload_file])));
}
function format_info($body, $block) {
return "<table><tr><td><table align=\"right\" border=\"1\" width=\"180\"><tr><td>$block</td></tr></table>$body</td></tr></table>\n";
}
......@@ -552,7 +579,9 @@ function field_get($string, $name) {
function field_set($string, $name, $value) {
$rval = ereg_replace(",$name=[^,]+", "", ",$string");
if ($value) $rval .= ($rval == "," ? "" : ",") ."$name=$value";
if ($value) {
$rval .= ($rval == "," ? "" : ",") ."$name=$value";
}
return substr($rval, 1);
}
......
......@@ -191,6 +191,15 @@ function comment_preview($edit) {
comment_view($comment, t("reply to this comment"));
$theme->box(t("Reply"), comment_form($edit));
if ($edit["pid"]) {
$comment = db_fetch_object(db_query("SELECT c.*, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$edit[pid]'"));
comment_view($comment, t("reply to this comment"));
}
else {
node_view(node_load(array("nid" => $edit["nid"])));
$edit["pid"] = 0;
}
}
function comment_post($edit) {
......@@ -531,10 +540,32 @@ function comment_render($nid, $cid) {
function comment_search($keys) {
global $PHP_SELF;
$result = db_query("SELECT c.*, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20");
while ($comment = db_fetch_object($result)) {
$find[$i++] = array("title" => check_output($comment->subject), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->nid&cid=$comment->cid"), "user" => $comment->name, "date" => $comment->timestamp);
}
// Return the results of performing a search using the indexed search
// for this particular type of node.
//
// Pass an array to the "do_search" function which dictates what it
// will search through, and what it will search for
//
// "keys"'s value is the keywords entered by the user
//
// "type"'s value is used to identify the node type in the search
// index.
//
// "select"'s value is used to relate the data from the specific nodes
// table to the data that the search_index table has in it, and the the
// do_search functino will rank it.
//
// The select must always provide the following fields - lno, title,
// created, uid, name, count
//
// The select statement may optionally provide "nid", which is a secondary
// identifier which is currently used byt the comment module.
//
$find = do_search(array("keys" => $keys,
"type" => "comment",
"select" => "select s.lno as lno, c.nid as nid, c.subject as title, c.timestamp as created, u.uid as uid, u.name as name, s.count as count FROM search_index s, comments c LEFT JOIN users u ON c.uid = u.uid WHERE s.lno = c.cid AND s.type = 'comment' AND s.word like '%'"));
return $find;
}
......@@ -715,4 +746,23 @@ function comment_admin() {
}
}
function comment_update_index() {
// Return an array of values to dictate how to update the search index
// for this particular type of node.
//
// "last_update"'s value is used with variable_set to set the
// last time this node type (comment) had an index update run.
//
// "node_type"'s value is used to identify the node type in the search
// index (commentt in this case).
//
// "select"'s value is used to select the node id and text fields from
// the table we are indexing. In this case, we also check against the
// last run date for the comments update.
return array("last_update" => "comment_cron_last",
"node_type" => "comment",
"select" => "SELECT c.cid as lno, c.subject as text1, c.comment as text2 FROM comments c WHERE timestamp > ". variable_get("comment_cron_last", 1));
}
?>
......@@ -191,6 +191,15 @@ function comment_preview($edit) {
comment_view($comment, t("reply to this comment"));
$theme->box(t("Reply"), comment_form($edit));
if ($edit["pid"]) {
$comment = db_fetch_object(db_query("SELECT c.*, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$edit[pid]'"));
comment_view($comment, t("reply to this comment"));
}
else {
node_view(node_load(array("nid" => $edit["nid"])));
$edit["pid"] = 0;
}
}
function comment_post($edit) {
......@@ -531,10 +540,32 @@ function comment_render($nid, $cid) {
function comment_search($keys) {
global $PHP_SELF;
$result = db_query("SELECT c.*, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20");
while ($comment = db_fetch_object($result)) {
$find[$i++] = array("title" => check_output($comment->subject), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->nid&cid=$comment->cid"), "user" => $comment->name, "date" => $comment->timestamp);
}
// Return the results of performing a search using the indexed search
// for this particular type of node.
//
// Pass an array to the "do_search" function which dictates what it
// will search through, and what it will search for
//
// "keys"'s value is the keywords entered by the user
//
// "type"'s value is used to identify the node type in the search
// index.
//
// "select"'s value is used to relate the data from the specific nodes
// table to the data that the search_index table has in it, and the the
// do_search functino will rank it.
//
// The select must always provide the following fields - lno, title,
// created, uid, name, count
//
// The select statement may optionally provide "nid", which is a secondary
// identifier which is currently used byt the comment module.
//
$find = do_search(array("keys" => $keys,
"type" => "comment",
"select" => "select s.lno as lno, c.nid as nid, c.subject as title, c.timestamp as created, u.uid as uid, u.name as name, s.count as count FROM search_index s, comments c LEFT JOIN users u ON c.uid = u.uid WHERE s.lno = c.cid AND s.type = 'comment' AND s.word like '%'"));
return $find;
}
......@@ -715,4 +746,23 @@ function comment_admin() {
}
}
function comment_update_index() {
// Return an array of values to dictate how to update the search index
// for this particular type of node.
//
// "last_update"'s value is used with variable_set to set the
// last time this node type (comment) had an index update run.
//
// "node_type"'s value is used to identify the node type in the search
// index (commentt in this case).
//
// "select"'s value is used to select the node id and text fields from
// the table we are indexing. In this case, we also check against the
// last run date for the comments update.
return array("last_update" => "comment_cron_last",
"node_type" => "comment",
"select" => "SELECT c.cid as lno, c.subject as text1, c.comment as text2 FROM comments c WHERE timestamp > ". variable_get("comment_cron_last", 1));
}
?>
......@@ -48,7 +48,7 @@ function node_teaser($body) {
function node_invoke($node, $name, $arg = 0) {
if (is_array($node)) {
$function = $node[type] ."_$name";
$function = $node["type"] ."_$name";
}
else if (is_object($node)) {
$function = $node->type ."_$name";
......@@ -261,11 +261,28 @@ function node_perm() {
function node_search($keys) {
global $PHP_SELF;
$result = db_query("SELECT n.nid, n.title, n.created, u.uid, u.name FROM node n LEFT JOIN users u ON n.uid = u.uid WHERE n.status = 1 AND (n.title LIKE '%$keys%' OR n.teaser LIKE '%$keys%' OR n.body LIKE '%$keys%') ORDER BY n.created DESC LIMIT 20");
while ($node = db_fetch_object($result)) {
$find[$i++] = array("title" => check_output($node->title), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=node&type=node&op=edit&id=$node->nid" : "node.php?id=$node->nid"), "user" => $node->name, "date" => $node->created);
}
// Return the results of performing a search using the indexed search
// for this particular type of node.
//
// Pass an array to the "do_search" function which dictates what it
// will search through, and what it will search for
//
// "keys"'s value is the keywords entered by the user
//
// "type"'s value is used to identify the node type in the search
// index.
//
// "select"'s value is used to relate the data from the specific nodes
// table to the data that the search_index table has in it, and the the
// do_search functino will rank it.
//
// The select must always provide the following fields - lno, title,
// created, uid, name, count
//
$find = do_search(array("keys" => $keys,
"type" => "node",
"select" => "select s.lno as lno, n.title as title, n.created as created, u.uid as uid, u.name as name, s.count as count FROM search_index s, node n LEFT JOIN users u ON n.uid = u.uid WHERE s.lno = n.nid AND s.type = 'node' AND s.word like '%' AND n.status = 1"));
return $find;
}
......@@ -316,7 +333,7 @@ function node_filter_line($text) {
** Replace '<br>', '<br />', '<p>' and '<p />' by '\n':
*/
$text = eregi_replace("<br>", "\n", $text);
$text = eregi_replace("<br />", "\n", $text);
$text = eregi_replace("<br />", "\n", $text);
$text = eregi_replace("<p>", "\n", $text);
$text = eregi_replace("<p />", "\n", $text);
......@@ -772,7 +789,7 @@ function node_form($edit) {
$function = $edit->type ."_form";
if (function_exists($function)) {
$form .= $function($edit, $help, $error);
$form .= $function($edit, $help, $error, $param);
}
/*
......@@ -857,7 +874,7 @@ function node_form($edit) {
$output .= " </tr>";
$output .= "</table>";
return form($output);
return form($output, ($param["method"] ? $param["method"] : "post"), $param["action"], $param["options"]);
}
function node_add($type) {
......@@ -1176,4 +1193,23 @@ function node_page() {
$theme->footer();
}
function node_update_index() {
// Return an array of values to dictate how to update the search index
// for this particular type of node.
//
// "last_update"'s value is used with variable_set to set the
// last time this node type had an index update run.
//
// "node_type"'s value is used to identify the node type in the search
// index.
//
// "select"'s value is used to select the node id and text fields from
// the table we are indexing. In this case, we also check against the
// last run date for the nodes update.
return array("last_update" => "node_cron_last",
"node_type" => "node",
"select" => "SELECT n.nid as lno, n.title as text1, n.body as text2 FROM node n WHERE n.status = 1 AND moderate = 0 and (created > " . variable_get("node_cron_last", 1) . " or changed > " . variable_get("node_cron_last", 1) . ")");
}
?>
......@@ -48,7 +48,7 @@ function node_teaser($body) {
function node_invoke($node, $name, $arg = 0) {
if (is_array($node)) {
$function = $node[type] ."_$name";
$function = $node["type"] ."_$name";
}
else if (is_object($node)) {
$function = $node->type ."_$name";
......@@ -261,11 +261,28 @@ function node_perm() {
function node_search($keys) {
global $PHP_SELF;
$result = db_query("SELECT n.nid, n.title, n.created, u.uid, u.name FROM node n LEFT JOIN users u ON n.uid = u.uid WHERE n.status = 1 AND (n.title LIKE '%$keys%' OR n.teaser LIKE '%$keys%' OR n.body LIKE '%$keys%') ORDER BY n.created DESC LIMIT 20");
while ($node = db_fetch_object($result)) {
$find[$i++] = array("title" => check_output($node->title), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=node&type=node&op=edit&id=$node->nid" : "node.php?id=$node->nid"), "user" => $node->name, "date" => $node->created);
}
// Return the results of performing a search using the indexed search
// for this particular type of node.
//
// Pass an array to the "do_search" function which dictates what it
// will search through, and what it will search for
//
// "keys"'s value is the keywords entered by the user
//
// "type"'s value is used to identify the node type in the search
// index.
//
// "select"'s value is used to relate the data from the specific nodes
// table to the data that the search_index table has in it, and the the
// do_search functino will rank it.
//
// The select must always provide the following fields - lno, title,
// created, uid, name, count
//
$find = do_search(array("keys" => $keys,
"type" => "node",
"select" => "select s.lno as lno, n.title as title, n.created as created, u.uid as uid, u.name as name, s.count as count FROM search_index s, node n LEFT JOIN users u ON n.uid = u.uid WHERE s.lno = n.nid AND s.type = 'node' AND s.word like '%' AND n.status = 1"));
return $find;
}
......@@ -316,7 +333,7 @@ function node_filter_line($text) {
** Replace '<br>', '<br />', '<p>' and '<p />' by '\n':
*/
$text = eregi_replace("<br>", "\n", $text);
$text = eregi_replace("<br />", "\n", $text);
$text = eregi_replace("<br />", "\n", $text);
$text = eregi_replace("<p>", "\n", $text);
$text = eregi_replace("<p />", "\n", $text);
......@@ -772,7 +789,7 @@ function node_form($edit) {
$function = $edit->type ."_form";
if (function_exists($function)) {
$form .= $function($edit, $help, $error);
$form .= $function($edit, $help, $error, $param);
}
/*
......@@ -857,7 +874,7 @@ function node_form($edit) {
$output .= " </tr>";
$output .= "</table>";
return form($output);
return form($output, ($param["method"] ? $param["method"] : "post"), $param["action"], $param["options"]);
}
function node_add($type) {
......@@ -1176,4 +1193,23 @@ function node_page() {
$theme->footer();
}
function node_update_index() {
// Return an array of values to dictate how to update the search index
// for this particular type of node.
//
// "last_update"'s value is used with variable_set to set the
// last time this node type had an index update run.
//
// "node_type"'s value is used to identify the node type in the search
// index.
//
// "select"'s value is used to select the node id and text fields from
// the table we are indexing. In this case, we also check against the
// last run date for the nodes update.
return array("last_update" => "node_cron_last",
"node_type" => "node",
"select" => "SELECT n.nid as lno, n.title as text1, n.body as text2 FROM node n WHERE n.status = 1 AND moderate = 0 and (created > " . variable_get("node_cron_last", 1) . " or changed > " . variable_get("node_cron_last", 1) . ")");
}
?>
This diff is collapsed.
This diff is collapsed.
......@@ -40,14 +40,14 @@ function system_view_options() {
// general settings:
$output .= "<h3>General settings</h3>\n";
$output .= form_textfield("Name", "site_name", variable_get("site_name", "drupal"), 55, 55, "The name of this website.");
$output .= form_textfield("E-mail address", "site_mail", variable_get("site_mail", ini_get("sendmail_from")), 55, 128, "A valid e-mail address for this website, used by the auto-mailer to create new user accounts.");
$output .= form_textfield("Slogan", "site_slogan", variable_get("site_slogan", ""), 55, 128, "The slogan of this website");
$output .= form_textarea("Mission", "site_mission", variable_get("site_mission", ""), 55, 5, "Your site's mission statement or focus.");
$output .= form_textfield("E-mail address", "site_mail", variable_get("site_mail", ini_get("sendmail_from")), 55, 128, "A valid e-mail address for this website, used by the auto-mailer during registration, new password requests, notifications, etc.");
$output .= form_textfield("Slogan", "site_slogan", variable_get("site_slogan", ""), 55, 128, "The slogan of this website. Some themes display a slogan when available.");
$output .= form_textarea("Mission", "site_mission", variable_get("site_mission", ""), 55, 5, "Your site's mission statement or focus. When enabled, this mission is listed at Drupal.org");
$output .= form_textarea("Footer message", "site_footer", variable_get("site_footer", ""), 55, 5, "This text will be displayed at the bottom of each page. Useful for adding a copyright notice to your pages.");
$output .= form_textfield("Anonymous user", "anonymous", variable_get("anonymous", "Anonymous"), 55, 55, "The name used to indicate anonymous users.");
foreach (module_list() as $name) { if (module_hook($name, "page")) $pages[$name] = $name; }
$output .= form_select("Default front page", "site_frontpage", variable_get("site_frontpage", "node"), $pages, "The default front page.");
$output .= form_textfield("Extra front page settings", "site_frontpage_extra", variable_get("site_frontpage_extra", ""), 55, 128, "Lets you define additonal variables for the main page in PHP.");
$output .= form_select("Default front page", "site_frontpage", variable_get("site_frontpage", "node"), $pages, "The home page displays content from this module (usually <b>node</b>).");
$output .= form_textarea("Extra front page PHP", "site_frontpage_extra", variable_get("site_frontpage_extra", ""), 55, 5, "Insert arbitrary PHP into the home page. This PHP executes via <b>eval()</b> after the page header but before the main page content.");
$output .= "<hr />\n";
// caching:
......
......@@ -40,14 +40,14 @@ function system_view_options() {
// general settings:
$output .= "<h3>General settings</h3>\n";
$output .= form_textfield("Name", "site_name", variable_get("site_name", "drupal"), 55, 55, "The name of this website.");
$output .= form_textfield("E-mail address", "site_mail", variable_get("site_mail", ini_get("sendmail_from")), 55, 128, "A valid e-mail address for this website, used by the auto-mailer to create new user accounts.");
$output .= form_textfield("Slogan", "site_slogan", variable_get("site_slogan", ""), 55, 128, "The slogan of this website");
$output .= form_textarea("Mission", "site_mission", variable_get("site_mission", ""), 55, 5, "Your site's mission statement or focus.");
$output .= form_textfield("E-mail address", "site_mail", variable_get("site_mail", ini_get("sendmail_from")), 55, 128, "A valid e-mail address for this website, used by the auto-mailer during registration, new password requests, notifications, etc.");
$output .= form_textfield("Slogan", "site_slogan", variable_get("site_slogan", ""), 55, 128, "The slogan of this website. Some themes display a slogan when available.");
$output .= form_textarea("Mission", "site_mission", variable_get("site_mission", ""), 55, 5, "Your site's mission statement or focus. When enabled, this mission is listed at Drupal.org");
$output .= form_textarea("Footer message", "site_footer", variable_get("site_footer", ""), 55, 5, "This text will be displayed at the bottom of each page. Useful for adding a copyright notice to your pages.");
$output .= form_textfield("Anonymous user", "anonymous", variable_get("anonymous", "Anonymous"), 55, 55, "The name used to indicate anonymous users.");
foreach (module_list() as $name) { if (module_hook($name, "page")) $pages[$name] = $name; }
$output .= form_select("Default front page", "site_frontpage", variable_get("site_frontpage", "node"), $pages, "The default front page.");
$output .= form_textfield("Extra front page settings", "site_frontpage_extra", variable_get("site_frontpage_extra", ""), 55, 128, "Lets you define additonal variables for the main page in PHP.");
$output .= form_select("Default front page", "site_frontpage", variable_get("site_frontpage", "node"), $pages, "The home page displays content from this module (usually <b>node</b>).");
$output .= form_textarea("Extra front page PHP", "site_frontpage_extra", variable_get("site_frontpage_extra", ""), 55, 5, "Insert arbitrary PHP into the home page. This PHP executes via <b>eval()</b> after the page header but before the main page content.");
$output .= "<hr />\n";
// caching:
......
......@@ -24,7 +24,7 @@ function sess_read($key) {
function sess_write($key, $value) {
global $HTTP_SERVER_VARS;
db_query("UPDATE users SET hostname = '". check_input($HTTP_SERVER_VARS[REMOTE_ADDR]) ."', session = '". check_query($value) ."', timestamp = '". time() ."' WHERE sid = '$key'");
db_query("UPDATE users SET hostname = '". check_input($HTTP_SERVER_VARS["REMOTE_ADDR"]) ."', session = '". check_query($value) ."', timestamp = '". time() ."' WHERE sid = '$key'");
return '';
}
......@@ -32,7 +32,7 @@ function sess_write($key, $value) {
function sess_destroy($key) {
global $HTTP_SERVER_VARS;
db_query("UPDATE users SET hostname = '". check_input($HTTP_SERVER_VARS[REMOTE_ADDR]) ."', timestamp = '". time() ."', sid = '' WHERE sid = '$key'");
db_query("UPDATE users SET hostname = '". check_input($HTTP_SERVER_VARS["REMOTE_ADDR"]) ."', timestamp = '". time() ."', sid = '' WHERE sid = '$key'");
}
function sess_gc($lifetime) {
......@@ -63,7 +63,7 @@ function user_load($array = array()) {
foreach ($array as $key => $value) {
if ($key == "pass") {
$query .= "u.$key = '" . md5($value) . "' AND ";
$query .= "u.$key = '". md5($value) ."' AND ";
}
else {
$query .= "u.$key = '". addslashes($value) ."' AND ";
......@@ -482,6 +482,23 @@ function user_block() {
$block[0]["info"] = t("User information");
$block[0]["link"] = "module.php?mod=user";
// Who's online block
$time = 60 * 60; // minutes * seconds
$limit = 0; // List the X most recent people
$result = db_query("SELECT uid, name FROM users WHERE timestamp > unix_timestamp() - ($time) ORDER BY timestamp DESC LIMIT $limit");
if (db_num_rows($result)) {
$output = "<ol>";
while ($account = db_fetch_object($result)) {
$output .= '<li><a href="module.php?mod=user&op=view&id='. $account->uid .'">'. (strlen($account->name) > 10 ? substr($account->name, 0, 10) . '...' : $account->name) .'</a></li>';
}
$output .= "</ol>";
$block[1]["content"] = $output;
}
$block[1]["subject"] = t("Who's online");
$block[1]["info"] = t("Who's online");
return $block;
}
......@@ -724,7 +741,7 @@ function user_login($edit = array()) {
}
else {
if (!$error) {
$error = t("Authentication failed.");
$error = sprintf(t("Sorry. Unrecognized username or password. Have you %sforgotten your password%s?"),"<a href=\"/module.php?mod=user&op=password\">","</a>");
}
if ($server) {
watchdog("user", "failed login for '$name@$server': $error");
......@@ -740,7 +757,7 @@ function user_login($edit = array()) {
*/
if ($error) {
$output .= "<p><span style=\"color: red;\">". check_output($error) ."</span></p>";
$output .= "<p><span style=\"color: red;\" class=\"error\">". check_output($error) ."</span></p>";
}
/*
......@@ -778,8 +795,15 @@ function user_logout() {
function user_pass($edit = array()) {
if ($edit["name"] && $edit["mail"]) {
if ($account = db_fetch_object(db_query("SELECT uid FROM users WHERE name = '". check_input($edit["name"]) ."' AND mail = '". check_input($edit["mail"]) ."'"))) {
if ($edit["name"]) {
$account = db_fetch_object(db_query("SELECT uid FROM users WHERE name = '". check_input($edit["name"]) . "'"));
if (!$account) $error = sprintf(t("Sorry. The username <i>%s</i> is not recognized."), $edit["name"]);
}
else if ($edit["mail"]) {
$account = db_fetch_object(db_query("SELECT uid FROM users WHERE mail = '". check_input($edit["mail"]) ."'"));
if (!$account) $error = sprintf(t("Sorry. The e-mail address <i>%s</i> is not recognized."), $edit["mail"]);
}
if ($account) {
$from = variable_get("site_mail", ini_get("sendmail_from"));
$pass = user_password();
......@@ -801,17 +825,17 @@ function user_pass($edit = array()) {
return t("Your password and further instructions have been sent to your e-mail address.");
}
else {
watchdog("user", "mail password: '". $edit["name"] ."' and &lt;". $edit["mail"] ."&gt; do not match");
return t("Could not send password: no match for the specified username and e-mail address.");
// Display error message if necessary.
if ($error) {
$output .= "<p><span style=\"color: red;\" class=\"error\">". check_output($error) ."</span></p>";
}
}
else {
/*
** Display form:
*/
$output .= sprintf(t("%sEnter your username %sor%s your email address.%s"), "<p>", "<b><i>", "</i></b>", "</p>");
$output .= form_textfield(t("Username"), "name", $edit["name"], 30, 64);
$output .= form_textfield(t("E-mail address"), "mail", $edit["mail"], 30, 64);
$output .= form_submit(t("E-mail new password"));
......@@ -894,7 +918,7 @@ function user_register($edit = array()) {
else {
if ($error) {
$output .= "<p><span style=\"color: red;\">". check_output($error) ."</span></p>";
$output .= "<p><span style=\"color: red;\" class=\"error\">". check_output($error) ."</span></p>";
}
$output .= form_textfield(t("Username"), "name", $edit["name"], 30, 64, t("Your full name or your prefered username: only letters, numbers and spaces are allowed."));
......@@ -910,6 +934,24 @@ function user_register($edit = array()) {
}
}
function user_delete() {
global $edit, $user;
if ($edit["confirm"]) {
watchdog(user,"$user->name deactivated her own account.");
db_query("UPDATE users SET mail = 'deleted', status='0' WHERE uid = '$user->uid'");
$output .= t("Your account has been deactivated.");
}
else {
$output .= form_item(t("Confirm Deletion"), t("You are about to deactivate your own user account. In addition, your email address will be removed from the database."));
$output .= form_hidden("confirm", 1);
$output .= form_submit(t("Delete account"));
$output = form($output);
}
return $output;
}