Commit 3b8c99d9 authored by Dries's avatar Dries

- Bugfix: fixed the CREATE FUNCTION in database.mssql as it needs to be...

- Bugfix: fixed the CREATE FUNCTION in database.mssql as it needs to be prefixed with GO for some obscure reason.  Patch by Kjartan.

- Bugfix: fixed the defaults for blocks in database.mssql so the NOT NULL fields get values.  Patch by Kjartan.

- Bugfix: changed check_form() to use htmlspecialchars() instead of drupal_specialchars() as this caused Drupal to emit incorrect form items in presence of quotes.  Example:

  <input type="submit" class="form-submit" name="op" value="Submit "top nodes" block changes" />

  IMO, drupal_specialchars() is better called xmlspecialchars() to avoid confusion.

- Bugfix: when an anonymous user visits a site, they shouldn't see any content (except the login block, if it is enabled) unless they have the "access content" permissions.  Patch by Matt Westgate.

- Improvement: improved the error checking and the error messages in the profile module.  Updated the code to match the Drupal coding conventions.  Modified patch from Matt Westgate.

- Improvement: don't generate the <base href=""> tag in the base theme; it is already emitted by theme_head().  Patch by Kristjan.

- Improvement: don't execute any SQL queries when checking the permissions of user #1.  Patch by Kjartan.

- Improvement: made a scalable layout form that works in IE and that behaves better with narrow themes.  Part of patch #51 by Al.

- Improvement: removed some redundant print statements from the comment module.  Modified patch from Craig Courtney.
parent c6eede08
---
--- Table definitions
---
CREATE TABLE [dbo].[access] (
[aid] [smallint] NULL ,
[mask] [varchar] (255) NOT NULL ,
......@@ -460,13 +464,15 @@ INSERT INTO system VALUES ('themes/marvin/marvin.theme','marvin','theme','Intern
INSERT INTO variable(name,value) VALUES('update_start', 's:10:"2002-05-15";');
INSERT INTO variable(name,value) VALUES('theme_default','s:6:"marvin";');
INSERT INTO blocks(module,delta,status) VALUES('user', '0', '1');
INSERT INTO blocks(module,delta,status) VALUES('user', '1', '1');
INSERT INTO blocks(module,delta,status,custom,region,weight,path) VALUES('user', 0, 1, 0, 1, 0, '');
INSERT INTO blocks(module,delta,status,custom,region,weight,path) VALUES('user', 1, 1, 0, 1, 0, '');
---
--- Functions. Functions first available in SQL Server 2000. GREATEST() used by forum.module, tracker.module at the moment.
---
GO
CREATE FUNCTION GREATEST (@a int, @b int)
RETURNS int AS
BEGIN
......@@ -476,4 +482,3 @@ BEGIN
END
RETURN @b;
END
......@@ -489,7 +489,7 @@ function check_url($uri) {
}
function check_form($text) {
return drupal_specialchars($text);
return htmlspecialchars($text);
}
function check_query($text) {
......
......@@ -23,7 +23,6 @@ function header($title = "") {
$output = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"DTD/xhtml1-transitional.dtd\">\n";
$output .= "<html><head><title>". $title ? $title : variable_get(site_name, "drupal") ."</title>";
$output .= "<base href=\"$base_url/\" />";
$output .= theme_head($main);
$output .= "</head><body bgcolor=\"$this->background\" text=\"$this->foreground". theme_onload_attribute(). "\">";
$output .= "<table border=\"0\" cellspacing=\"4\" cellpadding=\"4\"><tr><td valign=\"top\" width=\"170\">";
......
......@@ -127,22 +127,3 @@ dd {
#update {
padding: 1em 1em 1em 1em;
}
.node-form .admin {
float: none; width: auto; margin-top: 0;
}
.node-form .standard {
margin-right: 0;
clear: both;
}
.node-form .admin .form-item .title {
margin-top: 0;
}
.node-form .admin .authored .form-item {
margin-bottom: 1.1em;
}
.node-form .admin .authored, .node-form .admin .options, .node-form .admin .extra {
float: left; margin-right: 2em; margin-bottom: 1em;
}
.node-form .admin .form-item .form-text {
width: auto;
}
......@@ -48,10 +48,23 @@ th {
.poll .vote-form .choices { text-align: left; margin: 0 auto; display: table; }
.node-form .admin { float: right; width: 15em; margin-top: -1.1em; }
.node-form .standard { margin-right: 15em; }
.node-form .form-text { display: block; }
.node-form textarea { display: block; }
.node-form .form-text { display: block; width: 95%; }
.node-form textarea { display: block; width: 95%; }
.node-form .standard {
clear: both;
}
.node-form .admin .form-item .title {
margin-top: 0;
}
.node-form .admin .authored .form-item {
margin-bottom: 1.1em;
}
.node-form .admin .authored .form-text { width: auto; }
.node-form .admin .authored, .node-form .admin .options, .node-form .admin .extra {
float: left; margin-right: 2em; margin-bottom: 1em;
}
.marker { color: #f00; }
.error { color: #f00; }
......
......@@ -1197,7 +1197,7 @@ function comment_folded($comment) {
function comment_flat_collapsed($comments, $threshold) {
foreach ($comments as $comment) {
if (comment_visible($comment, $threshold)) {
print comment_view($comment, "", 0);
comment_view($comment, "", 0);
}
}
}
......@@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) {
#$comment = $comments[$n];
if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) {
print "<ul>";
print comment_view($comment, "", 0);
comment_view($comment, "", 0);
comment_thread_min($comments, $threshold, $comment->cid);
print "</ul>";
}
......
......@@ -1197,7 +1197,7 @@ function comment_folded($comment) {
function comment_flat_collapsed($comments, $threshold) {
foreach ($comments as $comment) {
if (comment_visible($comment, $threshold)) {
print comment_view($comment, "", 0);
comment_view($comment, "", 0);
}
}
}
......@@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) {
#$comment = $comments[$n];
if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) {
print "<ul>";
print comment_view($comment, "", 0);
comment_view($comment, "", 0);
comment_thread_min($comments, $threshold, $comment->cid);
print "</ul>";
}
......
......@@ -103,7 +103,7 @@ function locale_edit($lid) {
$result = db_query("SELECT * FROM locales WHERE lid = '$lid'");
if ($translation = db_fetch_object($result)) {
$form .= form_item(t("Original text"), wordwrap(drupal_specialchars($translation->string)));
$form .= form_item(t("Original text"), wordwrap(htmlspecialchars($translation->string)));
foreach ($languages as $code=>$language) {
$form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128);
......
......@@ -103,7 +103,7 @@ function locale_edit($lid) {
$result = db_query("SELECT * FROM locales WHERE lid = '$lid'");
if ($translation = db_fetch_object($result)) {
$form .= form_item(t("Original text"), wordwrap(drupal_specialchars($translation->string)));
$form .= form_item(t("Original text"), wordwrap(htmlspecialchars($translation->string)));
foreach ($languages as $code=>$language) {
$form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128);
......
......@@ -43,22 +43,24 @@ function poll_access($op, $node) {
}
function poll_block($op = "list", $delta = 0) {
if ($op == "list") {
$blocks[0]["info"] = t("Most recent poll");
return $blocks;
}
else {
$timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'"));
if ($timestamp) {
$poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1"));
if ($poll->nid) {
// Poll_view dumps the output into $poll->body
poll_view($poll, 1, 1);
if (user_access("access content")) {
if ($op == "list") {
$blocks[0]["info"] = t("Most recent poll");
return $blocks;
}
else {
$timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'"));
if ($timestamp) {
$poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1"));
if ($poll->nid) {
// Poll_view dumps the output into $poll->body
poll_view($poll, 1, 1);
}
}
$block["subject"] = t("Poll: %t", array("%t" => $poll->title));
$block["content"] = $poll->body;
return $block;
}
$block["subject"] = t("Poll: %t", array("%t" => $poll->title));
$block["content"] = $poll->body;
return $block;
}
}
......
......@@ -43,22 +43,24 @@ function poll_access($op, $node) {
}
function poll_block($op = "list", $delta = 0) {
if ($op == "list") {
$blocks[0]["info"] = t("Most recent poll");
return $blocks;
}
else {
$timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'"));
if ($timestamp) {
$poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1"));
if ($poll->nid) {
// Poll_view dumps the output into $poll->body
poll_view($poll, 1, 1);
if (user_access("access content")) {
if ($op == "list") {
$blocks[0]["info"] = t("Most recent poll");
return $blocks;
}
else {
$timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'"));
if ($timestamp) {
$poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1"));
if ($poll->nid) {
// Poll_view dumps the output into $poll->body
poll_view($poll, 1, 1);
}
}
$block["subject"] = t("Poll: %t", array("%t" => $poll->title));
$block["content"] = $poll->body;
return $block;
}
$block["subject"] = t("Poll: %t", array("%t" => $poll->title));
$block["content"] = $poll->body;
return $block;
}
}
......
......@@ -36,7 +36,7 @@ function _profile_init() {
$GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December"));
}
function profile_system($field){
function profile_system($field) {
$system["description"] = t("Support for configurable user profiles.");
$system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.<br />Notes:<ul><li>In order for a user to <i>enter</i> information you <b>MUST</b> check \"enable\".</li><li>In order for other people too see the entered information you must make it \"public\"</li><li>If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does <b>not</b> imply \"enable\"</li><li>If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.</ul>");
return $system[$field];
......@@ -113,8 +113,8 @@ function _profile_form($edit, $mode) {
foreach ($profile_fields as $name => $field) {
if ($field[0] && in_array($name, $reg_fields)) {
$f = "form_".$field[0];
$t = "profile_".$name;
$f = "form_". $field[0];
$t = "profile_". $name;
$output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]);
}
}
......@@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) {
$enabled_fields = _profile_active_fields($mode);
if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) {
$error .= $birth_error."<br />";
$error .= $birth_error ."<br />";
}
if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) {
$error .= $avatar_error."<br />";
$error .= $avatar_error ."<br />";
}
foreach (array_keys($profile_fields) as $field) {
......@@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) {
}
// now check for required fields
foreach(_profile_active_fields("required") as $required) {
foreach (_profile_active_fields("required") as $required) {
if ($required != "0" && in_array($required, $enabled_fields)) {
if (!$edit["profile_".$required]) {
$error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."<br />";
if (!$edit["profile_". $required]) {
$error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1])) ."<br />";
}
}
}
......@@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) {
foreach (_profile_active_fields($mode) as $name) {
$field = $profile_fields[$name];
$t = "profile_".$name;
$t = "profile_". $name;
if (!empty($user->$t)) {
switch ($field[0]) {
case "textfield":
case "textarea":
case "checkbox":
$value = ($t == "profile_homepage") ? "<a href=\"".check_output($user->$t)."\">".check_output($user->$t)."</a>" : check_output($user->$t);
$value = ($t == "profile_homepage") ? "<a href=\"". check_output($user->$t) ."\">". check_output($user->$t) ."</a>" : check_output($user->$t);
$output .= form_item($field[1], $value);
break;
case "select":
......@@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) {
$extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], "."));
$size = getimagesize($image_file);
list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85"));
if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) {
$error = t("the uploaded file was not an image.");
if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) {
$error = t("The uploaded file was not an image.");
}
else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30")*1000)) {
$error = t("the uploaded image is too large, maximum %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30")));
else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30") * 1000)) {
$error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30")));
}
else if ($size[0] > $maxwidth || $size[1] > $maxheight) {
$error = t("the uploaded image is too large, maximum %a.", array("%a" => variable_get("profile_avatar_dimensions", "85x85")));
$error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get("profile_avatar_dimensions", "85x85")));
}
else if (!is_dir(variable_get("profile_avatar_path", "misc/avatars/"))) {
$error = t("Failed to upload the avatar image; the '%directory' directory doesn't exist.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
}
else if (!is_writeable(variable_get("profile_avatar_path", "misc/avatars/"))) {
$error = t("Failed to upload the avatar image; the webserver has no write permission to the '%directory' directory.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
}
else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) {
$error = t("error in file upload");
$error = t("Failed to upload the avatar image; could not copy file '%filename' to directory '%directory'.", array("%filename" => $_FILES["edit"]["name"]["profile_avatar"], "%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
}
else {
$edit["profile_avatar"] = $extension;
......@@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) {
return;
}
else {
return t("The specified birthday is not valid.")."<br />";
return t("The specified birthday is not valid.") ."<br />";
}
}
......
......@@ -36,7 +36,7 @@ function _profile_init() {
$GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December"));
}
function profile_system($field){
function profile_system($field) {
$system["description"] = t("Support for configurable user profiles.");
$system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.<br />Notes:<ul><li>In order for a user to <i>enter</i> information you <b>MUST</b> check \"enable\".</li><li>In order for other people too see the entered information you must make it \"public\"</li><li>If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does <b>not</b> imply \"enable\"</li><li>If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.</ul>");
return $system[$field];
......@@ -113,8 +113,8 @@ function _profile_form($edit, $mode) {
foreach ($profile_fields as $name => $field) {
if ($field[0] && in_array($name, $reg_fields)) {
$f = "form_".$field[0];
$t = "profile_".$name;
$f = "form_". $field[0];
$t = "profile_". $name;
$output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]);
}
}
......@@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) {
$enabled_fields = _profile_active_fields($mode);
if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) {
$error .= $birth_error."<br />";
$error .= $birth_error ."<br />";
}
if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) {
$error .= $avatar_error."<br />";
$error .= $avatar_error ."<br />";
}
foreach (array_keys($profile_fields) as $field) {
......@@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) {
}
// now check for required fields
foreach(_profile_active_fields("required") as $required) {
foreach (_profile_active_fields("required") as $required) {
if ($required != "0" && in_array($required, $enabled_fields)) {
if (!$edit["profile_".$required]) {
$error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."<br />";
if (!$edit["profile_". $required]) {
$error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1])) ."<br />";
}
}
}
......@@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) {
foreach (_profile_active_fields($mode) as $name) {
$field = $profile_fields[$name];
$t = "profile_".$name;
$t = "profile_". $name;
if (!empty($user->$t)) {
switch ($field[0]) {
case "textfield":
case "textarea":
case "checkbox":
$value = ($t == "profile_homepage") ? "<a href=\"".check_output($user->$t)."\">".check_output($user->$t)."</a>" : check_output($user->$t);
$value = ($t == "profile_homepage") ? "<a href=\"". check_output($user->$t) ."\">". check_output($user->$t) ."</a>" : check_output($user->$t);
$output .= form_item($field[1], $value);
break;
case "select":
......@@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) {
$extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], "."));
$size = getimagesize($image_file);
list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85"));
if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) {
$error = t("the uploaded file was not an image.");
if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) {
$error = t("The uploaded file was not an image.");
}
else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30")*1000)) {
$error = t("the uploaded image is too large, maximum %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30")));
else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30") * 1000)) {
$error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30")));
}
else if ($size[0] > $maxwidth || $size[1] > $maxheight) {
$error = t("the uploaded image is too large, maximum %a.", array("%a" => variable_get("profile_avatar_dimensions", "85x85")));
$error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get("profile_avatar_dimensions", "85x85")));
}
else if (!is_dir(variable_get("profile_avatar_path", "misc/avatars/"))) {
$error = t("Failed to upload the avatar image; the '%directory' directory doesn't exist.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
}
else if (!is_writeable(variable_get("profile_avatar_path", "misc/avatars/"))) {
$error = t("Failed to upload the avatar image; the webserver has no write permission to the '%directory' directory.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
}
else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) {
$error = t("error in file upload");
$error = t("Failed to upload the avatar image; could not copy file '%filename' to directory '%directory'.", array("%filename" => $_FILES["edit"]["name"]["profile_avatar"], "%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
}
else {
$edit["profile_avatar"] = $extension;
......@@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) {
return;
}
else {
return t("The specified birthday is not valid.")."<br />";
return t("The specified birthday is not valid.") ."<br />";
}
}
......
......@@ -613,67 +613,69 @@ function statistics_display_topnodes_block() {
function statistics_display_online_block() {
global $id, $recent_activity;
$throttle = throttle_status();
$multiplier = variable_get("statistics_throttle_multiplier", 60);
if (user_access("access content")) {
$throttle = throttle_status();
$multiplier = variable_get("statistics_throttle_multiplier", 60);
/* don't do any database lookups if on maximum throttle */
if ($throttle < 5) {
/* count users with activity in the past defined period */
$time_period = variable_get("statistics_block_online_time", 2700);
/* don't do any database lookups if on maximum throttle */
if ($throttle < 5) {
/* count users with activity in the past defined period */
$time_period = variable_get("statistics_block_online_time", 2700);
/*
** This call gathers all the info we need on users/guests in a single
** database call, thus is quite efficient.
*/
$result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period));
$users = $guests = 0;
/* Count number of users & guests currently online based on db query */
while ($users_online = db_fetch_array($result)) {
if ($users_online["uid"]) {
/* Has uid, so is a registered user */
$user_list[$users] = $users_online[uid];
$users++;
}
else {
/*
** There's only going to be one return with a uid of 0, and that's
** the guest(s). Hence, the count of this field is the total number
** of guests currently online.
*/
$guests = $users_online["count"];
/*
** This call gathers all the info we need on users/guests in a single
** database call, thus is quite efficient.
*/
$result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period));
$users = $guests = 0;
/* Count number of users & guests currently online based on db query */
while ($users_online = db_fetch_array($result)) {
if ($users_online["uid"]) {
/* Has uid, so is a registered user */
$user_list[$users] = $users_online[uid];
$users++;
}
else {
/*
** There's only going to be one return with a uid of 0, and that's
** the guest(s). Hence, the count of this field is the total number
** of guests currently online.
*/
$guests = $users_online["count"];
}
}
}
/* format the output with proper grammar */
$output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests")));
if (user_access("access userlist") && $users) {
/* Display a list of currently online users */
$max_users = variable_get("statistics_block_online_max_cnt", 10);
$max_name_len = variable_get("statistics_block_online_max_len", 15);
$uid = reset($user_list);
while (($uid) && ($max_users)) {
$user = user_load(array("uid" => $uid));
/* When displaying name, be sure it's not more than defined max length */
$items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid");
$uid = next($user_list);
/*
** When $max_users reaches zero, we break out even if there are
** more online (as defined by the admin)
*/
$max_users--;
/* format the output with proper grammar */
$output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests")));
if (user_access("access userlist") && $users) {
/* Display a list of currently online users */
$max_users = variable_get("statistics_block_online_max_cnt", 10);
$max_name_len = variable_get("statistics_block_online_max_len", 15);
$uid = reset($user_list);
while (($uid) && ($max_users)) {
$user = user_load(array("uid" => $uid));
/* When displaying name, be sure it's not more than defined max length */
$items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid");
$uid = next($user_list);
/*
** When $max_users reaches zero, we break out even if there are
** more online (as defined by the admin)
*/
$max_users--;
}
$output .= "<br /><br />";
$output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:"));
}
$output .= "<br /><br />";
$output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:"));
}
else {
/* default message when fully throttled */
$output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier)));
}
return $output;
}
else {
/* default message when fully throttled */
$output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier)));
}
return $output;
}
......
......@@ -613,67 +613,69 @@ function statistics_display_topnodes_block() {
function statistics_display_online_block() {
global $id, $recent_activity;
$throttle = throttle_status();
$multiplier = variable_get("statistics_throttle_multiplier", 60);
if (user_access("access content")) {
$throttle = throttle_status();
$multiplier = variable_get("statistics_throttle_multiplier", 60);
/* don't do any database lookups if on maximum throttle */
if ($throttle < 5) {
/* count users with activity in the past defined period */
$time_period = variable_get("statistics_block_online_time", 2700);
/* don't do any database lookups if on maximum throttle */
if ($throttle < 5) {
/* count users with activity in the past defined period */
$time_period = variable_get("statistics_block_online_time", 2700);
/*
** This call gathers all the info we need on users/guests in a single
** database call, thus is quite efficient.
*/
$result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period));
$users = $guests = 0;
/* Count number of users & guests currently online based on db query */
while ($users_online = db_fetch_array($result)) {
if ($users_online["uid"]) {
/* Has uid, so is a registered user */
$user_list[$users] = $users_online[uid];
$users++;
}
else {
/*
** There's only going to be one return with a uid of 0, and that's
** the guest(s). Hence, the count of this field is the total number
** of guests currently online.
*/
$guests = $users_online["count"];
/*
** This call gathers all the info we need on users/guests in a single
** database call, thus is quite efficient.
*/
$result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period));
$users = $guests = 0;
/* Count number of users & guests currently online based on db query */
while ($users_online = db_fetch_array($result)) {
if ($users_online["uid"]) {
/* Has uid, so is a registered user */
$user_list[$users] = $users_online[uid];
$users++;
}
else {
/*
** There's only going to be one return with a uid of 0, and that's
** the guest(s). Hence, the count of this field is the total number
** of guests currently online.
*/
$guests = $users_online["count"];
}
}
}
/* format the output with proper grammar */
$output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests")));
if (user_access("access userlist") && $users) {
/* Display a list of currently online users */
$max_users = variable_get("statistics_block_online_max_cnt", 10);
$max_name_len = variable_get("statistics_block_online_max_len", 15);
$uid = reset($user_list);
while (($uid) && ($max_users)) {
$user = user_load(array("uid" => $uid));
/* When displaying name, be sure it's not more than defined max length */
$items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid");
$uid = next($user_list);
/*
** When $max_users reaches zero, we break out even if there are
** more online (as defined by the admin)
*/
$max_users--;
/* format the output with proper grammar */
$output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests")));
if (user_access("access userlist") && $users) {
/* Display a list of currently online users */
$max_users = variable_get("statistics_block_online_max_cnt", 10);
$max_name_len = variable_get("statistics_block_online_max_len", 15);
$uid = reset($user_list);
while (($uid) && ($max_users)) {
$user = user_load(array("uid" => $uid));
/* When displaying name, be sure it's not more than defined max length */
$items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid");
$uid = next($user_list);
/*
** When $max_users reaches zero, we break out even if there are
** more online (as defined by the admin)
*/
$max_users--;
}
$output .= "<br /><br />";
$output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:"));
}
$output .= "<br /><br />";
$output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:"));
}
else {
/* default message when fully throttled */
$output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier)));
}
return $output;
}
else {
/* default message when fully throttled */
$output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier)));
}
return $output;
}
......
......@@ -211,6 +211,10 @@ function user_access($string) {
global $user;
static $perm;
if ($user->uid == 1) {
return 1;