diff --git a/database/database.mssql b/database/database.mssql index 9ba7ea501daa97799be5be05cb684f110edeb599..f4b60db6960a80cd4687de73ee89db4e6b617bc1 100644 --- a/database/database.mssql +++ b/database/database.mssql @@ -1,3 +1,7 @@ +--- +--- Table definitions +--- + CREATE TABLE [dbo].[access] ( [aid] [smallint] NULL , [mask] [varchar] (255) NOT NULL , @@ -460,13 +464,15 @@ INSERT INTO system VALUES ('themes/marvin/marvin.theme','marvin','theme','Intern INSERT INTO variable(name,value) VALUES('update_start', 's:10:"2002-05-15";'); INSERT INTO variable(name,value) VALUES('theme_default','s:6:"marvin";'); -INSERT INTO blocks(module,delta,status) VALUES('user', '0', '1'); -INSERT INTO blocks(module,delta,status) VALUES('user', '1', '1'); +INSERT INTO blocks(module,delta,status,custom,region,weight,path) VALUES('user', 0, 1, 0, 1, 0, ''); +INSERT INTO blocks(module,delta,status,custom,region,weight,path) VALUES('user', 1, 1, 0, 1, 0, ''); + --- --- Functions. Functions first available in SQL Server 2000. GREATEST() used by forum.module, tracker.module at the moment. --- +GO CREATE FUNCTION GREATEST (@a int, @b int) RETURNS int AS BEGIN @@ -476,4 +482,3 @@ BEGIN END RETURN @b; END - diff --git a/includes/common.inc b/includes/common.inc index 3b30032d08200ccd31bcfa92520004f39a5be96b..80ab6ee4c8c936288125b64a041636789f09b428 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -489,7 +489,7 @@ function check_url($uri) { } function check_form($text) { - return drupal_specialchars($text); + return htmlspecialchars($text); } function check_query($text) { diff --git a/includes/theme.inc b/includes/theme.inc index 643e3932328de15a12debb762ea73264640e6c6a..2e60b37a3c6a6e0fcab3b88031d51f032dc80b6b 100644 --- a/includes/theme.inc +++ b/includes/theme.inc @@ -23,7 +23,6 @@ function header($title = "") { $output = "\n"; $output .= "". $title ? $title : variable_get(site_name, "drupal") .""; - $output .= ""; $output .= theme_head($main); $output .= "background\" text=\"$this->foreground". theme_onload_attribute(). "\">"; $output .= "
"; diff --git a/misc/admin.css b/misc/admin.css index 6b68a2aae8a27f859dd7d3d15ef498aea8d3bd70..14f9b3466891eb4d238f2c2f18b230b5737e6708 100644 --- a/misc/admin.css +++ b/misc/admin.css @@ -127,22 +127,3 @@ dd { #update { padding: 1em 1em 1em 1em; } -.node-form .admin { - float: none; width: auto; margin-top: 0; -} -.node-form .standard { - margin-right: 0; - clear: both; -} -.node-form .admin .form-item .title { - margin-top: 0; -} -.node-form .admin .authored .form-item { - margin-bottom: 1.1em; -} -.node-form .admin .authored, .node-form .admin .options, .node-form .admin .extra { - float: left; margin-right: 2em; margin-bottom: 1em; -} -.node-form .admin .form-item .form-text { - width: auto; -} diff --git a/misc/drupal.css b/misc/drupal.css index 7f2a217a70649441d06c5e1a22e17b7901fe018b..96065b78cdf41efa6993bd71fe15e7e06f15cdb0 100644 --- a/misc/drupal.css +++ b/misc/drupal.css @@ -48,10 +48,23 @@ th { .poll .vote-form .choices { text-align: left; margin: 0 auto; display: table; } -.node-form .admin { float: right; width: 15em; margin-top: -1.1em; } -.node-form .standard { margin-right: 15em; } -.node-form .form-text { display: block; } -.node-form textarea { display: block; } +.node-form .form-text { display: block; width: 95%; } +.node-form textarea { display: block; width: 95%; } + +.node-form .standard { + clear: both; +} +.node-form .admin .form-item .title { + margin-top: 0; +} +.node-form .admin .authored .form-item { + margin-bottom: 1.1em; +} +.node-form .admin .authored .form-text { width: auto; } + +.node-form .admin .authored, .node-form .admin .options, .node-form .admin .extra { + float: left; margin-right: 2em; margin-bottom: 1em; +} .marker { color: #f00; } .error { color: #f00; } diff --git a/modules/comment.module b/modules/comment.module index bca28f425dfc8720d4716bc6bd8013e72921be7f..1b965e711acd9e34ec96e7412ee1570331a64a31 100644 --- a/modules/comment.module +++ b/modules/comment.module @@ -1197,7 +1197,7 @@ function comment_folded($comment) { function comment_flat_collapsed($comments, $threshold) { foreach ($comments as $comment) { if (comment_visible($comment, $threshold)) { - print comment_view($comment, "", 0); + comment_view($comment, "", 0); } } } @@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) { #$comment = $comments[$n]; if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) { print "
    "; - print comment_view($comment, "", 0); + comment_view($comment, "", 0); comment_thread_min($comments, $threshold, $comment->cid); print "
"; } diff --git a/modules/comment/comment.module b/modules/comment/comment.module index bca28f425dfc8720d4716bc6bd8013e72921be7f..1b965e711acd9e34ec96e7412ee1570331a64a31 100644 --- a/modules/comment/comment.module +++ b/modules/comment/comment.module @@ -1197,7 +1197,7 @@ function comment_folded($comment) { function comment_flat_collapsed($comments, $threshold) { foreach ($comments as $comment) { if (comment_visible($comment, $threshold)) { - print comment_view($comment, "", 0); + comment_view($comment, "", 0); } } } @@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) { #$comment = $comments[$n]; if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) { print "
    "; - print comment_view($comment, "", 0); + comment_view($comment, "", 0); comment_thread_min($comments, $threshold, $comment->cid); print "
"; } diff --git a/modules/locale.module b/modules/locale.module index 38c0ee68127095e8a122efbe883e84dbba4d8897..99f374d36aa79f2cb4249808793f48499bb2f84b 100644 --- a/modules/locale.module +++ b/modules/locale.module @@ -103,7 +103,7 @@ function locale_edit($lid) { $result = db_query("SELECT * FROM locales WHERE lid = '$lid'"); if ($translation = db_fetch_object($result)) { - $form .= form_item(t("Original text"), wordwrap(drupal_specialchars($translation->string))); + $form .= form_item(t("Original text"), wordwrap(htmlspecialchars($translation->string))); foreach ($languages as $code=>$language) { $form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128); diff --git a/modules/locale/locale.module b/modules/locale/locale.module index 38c0ee68127095e8a122efbe883e84dbba4d8897..99f374d36aa79f2cb4249808793f48499bb2f84b 100644 --- a/modules/locale/locale.module +++ b/modules/locale/locale.module @@ -103,7 +103,7 @@ function locale_edit($lid) { $result = db_query("SELECT * FROM locales WHERE lid = '$lid'"); if ($translation = db_fetch_object($result)) { - $form .= form_item(t("Original text"), wordwrap(drupal_specialchars($translation->string))); + $form .= form_item(t("Original text"), wordwrap(htmlspecialchars($translation->string))); foreach ($languages as $code=>$language) { $form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128); diff --git a/modules/poll.module b/modules/poll.module index 2dcb835ee22edfaa7bf2360d51beb258a7d1fb53..f799bf5e1d0246a903b3e85429a987fb2670065e 100644 --- a/modules/poll.module +++ b/modules/poll.module @@ -43,22 +43,24 @@ function poll_access($op, $node) { } function poll_block($op = "list", $delta = 0) { - if ($op == "list") { - $blocks[0]["info"] = t("Most recent poll"); - return $blocks; - } - else { - $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); - if ($timestamp) { - $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); - if ($poll->nid) { - // Poll_view dumps the output into $poll->body - poll_view($poll, 1, 1); + if (user_access("access content")) { + if ($op == "list") { + $blocks[0]["info"] = t("Most recent poll"); + return $blocks; + } + else { + $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); + if ($timestamp) { + $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); + if ($poll->nid) { + // Poll_view dumps the output into $poll->body + poll_view($poll, 1, 1); + } } + $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); + $block["content"] = $poll->body; + return $block; } - $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); - $block["content"] = $poll->body; - return $block; } } diff --git a/modules/poll/poll.module b/modules/poll/poll.module index 2dcb835ee22edfaa7bf2360d51beb258a7d1fb53..f799bf5e1d0246a903b3e85429a987fb2670065e 100644 --- a/modules/poll/poll.module +++ b/modules/poll/poll.module @@ -43,22 +43,24 @@ function poll_access($op, $node) { } function poll_block($op = "list", $delta = 0) { - if ($op == "list") { - $blocks[0]["info"] = t("Most recent poll"); - return $blocks; - } - else { - $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); - if ($timestamp) { - $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); - if ($poll->nid) { - // Poll_view dumps the output into $poll->body - poll_view($poll, 1, 1); + if (user_access("access content")) { + if ($op == "list") { + $blocks[0]["info"] = t("Most recent poll"); + return $blocks; + } + else { + $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); + if ($timestamp) { + $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); + if ($poll->nid) { + // Poll_view dumps the output into $poll->body + poll_view($poll, 1, 1); + } } + $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); + $block["content"] = $poll->body; + return $block; } - $block["subject"] = t("Poll: %t", array("%t" => $poll->title)); - $block["content"] = $poll->body; - return $block; } } diff --git a/modules/profile.module b/modules/profile.module index 26a4c9145c7215eaa6bcd36f530012375a39bc00..a8acb7ca107b547a6136d1fe083ac7aea96d4251 100644 --- a/modules/profile.module +++ b/modules/profile.module @@ -36,7 +36,7 @@ function _profile_init() { $GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December")); } -function profile_system($field){ +function profile_system($field) { $system["description"] = t("Support for configurable user profiles."); $system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.
Notes:
  • In order for a user to enter information you MUST check \"enable\".
  • In order for other people too see the entered information you must make it \"public\"
  • If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does not imply \"enable\"
  • If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.
"); return $system[$field]; @@ -113,8 +113,8 @@ function _profile_form($edit, $mode) { foreach ($profile_fields as $name => $field) { if ($field[0] && in_array($name, $reg_fields)) { - $f = "form_".$field[0]; - $t = "profile_".$name; + $f = "form_". $field[0]; + $t = "profile_". $name; $output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]); } } @@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) { $enabled_fields = _profile_active_fields($mode); if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) { - $error .= $birth_error."
"; + $error .= $birth_error ."
"; } if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) { - $error .= $avatar_error."
"; + $error .= $avatar_error ."
"; } foreach (array_keys($profile_fields) as $field) { @@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) { } // now check for required fields - foreach(_profile_active_fields("required") as $required) { + foreach (_profile_active_fields("required") as $required) { if ($required != "0" && in_array($required, $enabled_fields)) { - if (!$edit["profile_".$required]) { - $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."
"; + if (!$edit["profile_". $required]) { + $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1])) ."
"; } } } @@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) { foreach (_profile_active_fields($mode) as $name) { $field = $profile_fields[$name]; - $t = "profile_".$name; + $t = "profile_". $name; if (!empty($user->$t)) { switch ($field[0]) { case "textfield": case "textarea": case "checkbox": - $value = ($t == "profile_homepage") ? "$t)."\">".check_output($user->$t)."" : check_output($user->$t); + $value = ($t == "profile_homepage") ? "$t) ."\">". check_output($user->$t) ."" : check_output($user->$t); $output .= form_item($field[1], $value); break; case "select": @@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) { $extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], ".")); $size = getimagesize($image_file); list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85")); - if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { - $error = t("the uploaded file was not an image."); + if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { + $error = t("The uploaded file was not an image."); } - else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30")*1000)) { - $error = t("the uploaded image is too large, maximum %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); + else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30") * 1000)) { + $error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); } else if ($size[0] > $maxwidth || $size[1] > $maxheight) { - $error = t("the uploaded image is too large, maximum %a.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + $error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + } + else if (!is_dir(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the '%directory' directory doesn't exist.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); + } + else if (!is_writeable(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the webserver has no write permission to the '%directory' directory.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) { - $error = t("error in file upload"); + $error = t("Failed to upload the avatar image; could not copy file '%filename' to directory '%directory'.", array("%filename" => $_FILES["edit"]["name"]["profile_avatar"], "%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else { $edit["profile_avatar"] = $extension; @@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) { return; } else { - return t("The specified birthday is not valid.")."
"; + return t("The specified birthday is not valid.") ."
"; } } diff --git a/modules/profile/profile.module b/modules/profile/profile.module index 26a4c9145c7215eaa6bcd36f530012375a39bc00..a8acb7ca107b547a6136d1fe083ac7aea96d4251 100644 --- a/modules/profile/profile.module +++ b/modules/profile/profile.module @@ -36,7 +36,7 @@ function _profile_init() { $GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December")); } -function profile_system($field){ +function profile_system($field) { $system["description"] = t("Support for configurable user profiles."); $system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.
Notes:
  • In order for a user to enter information you MUST check \"enable\".
  • In order for other people too see the entered information you must make it \"public\"
  • If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does not imply \"enable\"
  • If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.
"); return $system[$field]; @@ -113,8 +113,8 @@ function _profile_form($edit, $mode) { foreach ($profile_fields as $name => $field) { if ($field[0] && in_array($name, $reg_fields)) { - $f = "form_".$field[0]; - $t = "profile_".$name; + $f = "form_". $field[0]; + $t = "profile_". $name; $output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]); } } @@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) { $enabled_fields = _profile_active_fields($mode); if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) { - $error .= $birth_error."
"; + $error .= $birth_error ."
"; } if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) { - $error .= $avatar_error."
"; + $error .= $avatar_error ."
"; } foreach (array_keys($profile_fields) as $field) { @@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) { } // now check for required fields - foreach(_profile_active_fields("required") as $required) { + foreach (_profile_active_fields("required") as $required) { if ($required != "0" && in_array($required, $enabled_fields)) { - if (!$edit["profile_".$required]) { - $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."
"; + if (!$edit["profile_". $required]) { + $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1])) ."
"; } } } @@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) { foreach (_profile_active_fields($mode) as $name) { $field = $profile_fields[$name]; - $t = "profile_".$name; + $t = "profile_". $name; if (!empty($user->$t)) { switch ($field[0]) { case "textfield": case "textarea": case "checkbox": - $value = ($t == "profile_homepage") ? "$t)."\">".check_output($user->$t)."" : check_output($user->$t); + $value = ($t == "profile_homepage") ? "$t) ."\">". check_output($user->$t) ."" : check_output($user->$t); $output .= form_item($field[1], $value); break; case "select": @@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) { $extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], ".")); $size = getimagesize($image_file); list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85")); - if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { - $error = t("the uploaded file was not an image."); + if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { + $error = t("The uploaded file was not an image."); } - else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30")*1000)) { - $error = t("the uploaded image is too large, maximum %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); + else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30") * 1000)) { + $error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); } else if ($size[0] > $maxwidth || $size[1] > $maxheight) { - $error = t("the uploaded image is too large, maximum %a.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + $error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); + } + else if (!is_dir(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the '%directory' directory doesn't exist.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); + } + else if (!is_writeable(variable_get("profile_avatar_path", "misc/avatars/"))) { + $error = t("Failed to upload the avatar image; the webserver has no write permission to the '%directory' directory.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) { - $error = t("error in file upload"); + $error = t("Failed to upload the avatar image; could not copy file '%filename' to directory '%directory'.", array("%filename" => $_FILES["edit"]["name"]["profile_avatar"], "%directory" => variable_get("profile_avatar_path", "misc/avatars/"))); } else { $edit["profile_avatar"] = $extension; @@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) { return; } else { - return t("The specified birthday is not valid.")."
"; + return t("The specified birthday is not valid.") ."
"; } } diff --git a/modules/statistics.module b/modules/statistics.module index 294b67135d24b75873460b80f4c808755e169e38..9618a31c91fc337229bd925c106c1659ba901e9a 100644 --- a/modules/statistics.module +++ b/modules/statistics.module @@ -613,67 +613,69 @@ function statistics_display_topnodes_block() { function statistics_display_online_block() { global $id, $recent_activity; - $throttle = throttle_status(); - $multiplier = variable_get("statistics_throttle_multiplier", 60); + if (user_access("access content")) { + $throttle = throttle_status(); + $multiplier = variable_get("statistics_throttle_multiplier", 60); - /* don't do any database lookups if on maximum throttle */ - if ($throttle < 5) { - /* count users with activity in the past defined period */ - $time_period = variable_get("statistics_block_online_time", 2700); + /* don't do any database lookups if on maximum throttle */ + if ($throttle < 5) { + /* count users with activity in the past defined period */ + $time_period = variable_get("statistics_block_online_time", 2700); - /* - ** This call gathers all the info we need on users/guests in a single - ** database call, thus is quite efficient. - */ - $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); - - $users = $guests = 0; - /* Count number of users & guests currently online based on db query */ - while ($users_online = db_fetch_array($result)) { - if ($users_online["uid"]) { - /* Has uid, so is a registered user */ - $user_list[$users] = $users_online[uid]; - $users++; - } - else { - /* - ** There's only going to be one return with a uid of 0, and that's - ** the guest(s). Hence, the count of this field is the total number - ** of guests currently online. - */ - $guests = $users_online["count"]; + /* + ** This call gathers all the info we need on users/guests in a single + ** database call, thus is quite efficient. + */ + $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); + + $users = $guests = 0; + /* Count number of users & guests currently online based on db query */ + while ($users_online = db_fetch_array($result)) { + if ($users_online["uid"]) { + /* Has uid, so is a registered user */ + $user_list[$users] = $users_online[uid]; + $users++; + } + else { + /* + ** There's only going to be one return with a uid of 0, and that's + ** the guest(s). Hence, the count of this field is the total number + ** of guests currently online. + */ + $guests = $users_online["count"]; + } } - } - /* format the output with proper grammar */ - $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); - - if (user_access("access userlist") && $users) { - /* Display a list of currently online users */ - $max_users = variable_get("statistics_block_online_max_cnt", 10); - $max_name_len = variable_get("statistics_block_online_max_len", 15); - $uid = reset($user_list); - while (($uid) && ($max_users)) { - $user = user_load(array("uid" => $uid)); - /* When displaying name, be sure it's not more than defined max length */ - $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); - $uid = next($user_list); - /* - ** When $max_users reaches zero, we break out even if there are - ** more online (as defined by the admin) - */ - $max_users--; + /* format the output with proper grammar */ + $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); + + if (user_access("access userlist") && $users) { + /* Display a list of currently online users */ + $max_users = variable_get("statistics_block_online_max_cnt", 10); + $max_name_len = variable_get("statistics_block_online_max_len", 15); + $uid = reset($user_list); + while (($uid) && ($max_users)) { + $user = user_load(array("uid" => $uid)); + /* When displaying name, be sure it's not more than defined max length */ + $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); + $uid = next($user_list); + /* + ** When $max_users reaches zero, we break out even if there are + ** more online (as defined by the admin) + */ + $max_users--; + } + + $output .= "

"; + $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } - - $output .= "

"; - $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } + else { + /* default message when fully throttled */ + $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); + } + return $output; } - else { - /* default message when fully throttled */ - $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); - } - return $output; } diff --git a/modules/statistics/statistics.module b/modules/statistics/statistics.module index 294b67135d24b75873460b80f4c808755e169e38..9618a31c91fc337229bd925c106c1659ba901e9a 100644 --- a/modules/statistics/statistics.module +++ b/modules/statistics/statistics.module @@ -613,67 +613,69 @@ function statistics_display_topnodes_block() { function statistics_display_online_block() { global $id, $recent_activity; - $throttle = throttle_status(); - $multiplier = variable_get("statistics_throttle_multiplier", 60); + if (user_access("access content")) { + $throttle = throttle_status(); + $multiplier = variable_get("statistics_throttle_multiplier", 60); - /* don't do any database lookups if on maximum throttle */ - if ($throttle < 5) { - /* count users with activity in the past defined period */ - $time_period = variable_get("statistics_block_online_time", 2700); + /* don't do any database lookups if on maximum throttle */ + if ($throttle < 5) { + /* count users with activity in the past defined period */ + $time_period = variable_get("statistics_block_online_time", 2700); - /* - ** This call gathers all the info we need on users/guests in a single - ** database call, thus is quite efficient. - */ - $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); - - $users = $guests = 0; - /* Count number of users & guests currently online based on db query */ - while ($users_online = db_fetch_array($result)) { - if ($users_online["uid"]) { - /* Has uid, so is a registered user */ - $user_list[$users] = $users_online[uid]; - $users++; - } - else { - /* - ** There's only going to be one return with a uid of 0, and that's - ** the guest(s). Hence, the count of this field is the total number - ** of guests currently online. - */ - $guests = $users_online["count"]; + /* + ** This call gathers all the info we need on users/guests in a single + ** database call, thus is quite efficient. + */ + $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); + + $users = $guests = 0; + /* Count number of users & guests currently online based on db query */ + while ($users_online = db_fetch_array($result)) { + if ($users_online["uid"]) { + /* Has uid, so is a registered user */ + $user_list[$users] = $users_online[uid]; + $users++; + } + else { + /* + ** There's only going to be one return with a uid of 0, and that's + ** the guest(s). Hence, the count of this field is the total number + ** of guests currently online. + */ + $guests = $users_online["count"]; + } } - } - /* format the output with proper grammar */ - $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); - - if (user_access("access userlist") && $users) { - /* Display a list of currently online users */ - $max_users = variable_get("statistics_block_online_max_cnt", 10); - $max_name_len = variable_get("statistics_block_online_max_len", 15); - $uid = reset($user_list); - while (($uid) && ($max_users)) { - $user = user_load(array("uid" => $uid)); - /* When displaying name, be sure it's not more than defined max length */ - $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); - $uid = next($user_list); - /* - ** When $max_users reaches zero, we break out even if there are - ** more online (as defined by the admin) - */ - $max_users--; + /* format the output with proper grammar */ + $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); + + if (user_access("access userlist") && $users) { + /* Display a list of currently online users */ + $max_users = variable_get("statistics_block_online_max_cnt", 10); + $max_name_len = variable_get("statistics_block_online_max_len", 15); + $uid = reset($user_list); + while (($uid) && ($max_users)) { + $user = user_load(array("uid" => $uid)); + /* When displaying name, be sure it's not more than defined max length */ + $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); + $uid = next($user_list); + /* + ** When $max_users reaches zero, we break out even if there are + ** more online (as defined by the admin) + */ + $max_users--; + } + + $output .= "

"; + $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } - - $output .= "

"; - $output .= theme("theme_item_list", $items, variable_get("statistics_block_online_subtitle", "Online users:")); } + else { + /* default message when fully throttled */ + $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); + } + return $output; } - else { - /* default message when fully throttled */ - $output = t("This site is currently sustaining more than %total page views a minute.", array("%total" => ($throttle * $multiplier))); - } - return $output; } diff --git a/modules/user.module b/modules/user.module index 3c307043f349a5ab8bd170088186d95e9965b30f..6a6c1d91d62bd114a24f63b0a37a7d8daa8aadcc 100644 --- a/modules/user.module +++ b/modules/user.module @@ -211,6 +211,10 @@ function user_access($string) { global $user; static $perm; + if ($user->uid == 1) { + return 1; + } + /* ** To reduce the number of SQL queries, we cache the user's permissions ** in a static variable. @@ -225,13 +229,7 @@ function user_access($string) { } } - if ($user->uid == 1) { - return 1; - } - else { - return strstr($perm, $string); - } - + return strstr($perm, $string); } function user_mail($mail, $subject, $message, $header) { @@ -366,7 +364,6 @@ function user_block($op = "list", $delta = 0) { } break; case 2: - $result = db_query_range("SELECT uid, name FROM users WHERE status != '0' ORDER BY uid DESC", 0, 5); while ($account = db_fetch_object($result)) { $items[] = l((strlen($account->name) > 15 ? substr($account->name, 0, 15) . '...' : $account->name), "user/view/$account->uid"); diff --git a/modules/user/user.module b/modules/user/user.module index 3c307043f349a5ab8bd170088186d95e9965b30f..6a6c1d91d62bd114a24f63b0a37a7d8daa8aadcc 100644 --- a/modules/user/user.module +++ b/modules/user/user.module @@ -211,6 +211,10 @@ function user_access($string) { global $user; static $perm; + if ($user->uid == 1) { + return 1; + } + /* ** To reduce the number of SQL queries, we cache the user's permissions ** in a static variable. @@ -225,13 +229,7 @@ function user_access($string) { } } - if ($user->uid == 1) { - return 1; - } - else { - return strstr($perm, $string); - } - + return strstr($perm, $string); } function user_mail($mail, $subject, $message, $header) { @@ -366,7 +364,6 @@ function user_block($op = "list", $delta = 0) { } break; case 2: - $result = db_query_range("SELECT uid, name FROM users WHERE status != '0' ORDER BY uid DESC", 0, 5); while ($account = db_fetch_object($result)) { $items[] = l((strlen($account->name) > 15 ? substr($account->name, 0, 15) . '...' : $account->name), "user/view/$account->uid");