Commit 3b8c99d9 authored by Dries's avatar Dries

- Bugfix: fixed the CREATE FUNCTION in database.mssql as it needs to be prefixed with GO for some obscure reason.  Patch by Kjartan.

- Bugfix: fixed the defaults for blocks in database.mssql so the NOT NULL fields get values.  Patch by Kjartan.

- Bugfix: changed check_form() to use htmlspecialchars() instead of drupal_specialchars() as this caused Drupal to emit incorrect form items in presence of quotes.  Example:

  <input type="submit" class="form-submit" name="op" value="Submit "top nodes" block changes" />

  IMO, drupal_specialchars() is better called xmlspecialchars() to avoid confusion.

- Bugfix: when an anonymous user visits a site, they shouldn't see any content (except the login block, if it is enabled) unless they have the "access content" permissions.  Patch by Matt Westgate.

- Improvement: improved the error checking and the error messages in the profile module.  Updated the code to match the Drupal coding conventions.  Modified patch from Matt Westgate.

- Improvement: don't generate the <base href=""> tag in the base theme; it is already emitted by theme_head().  Patch by Kristjan.

- Improvement: don't execute any SQL queries when checking the permissions of user #1.  Patch by Kjartan.

- Improvement: made a scalable layout form that works in IE and that behaves better with narrow themes.  Part of patch #51 by Al.

- Improvement: removed some redundant print statements from the comment module.  Modified patch from Craig Courtney.
parent c6eede08
---
--- Table definitions
---
CREATE TABLE [dbo].[access] ( CREATE TABLE [dbo].[access] (
[aid] [smallint] NULL , [aid] [smallint] NULL ,
[mask] [varchar] (255) NOT NULL , [mask] [varchar] (255) NOT NULL ,
...@@ -460,13 +464,15 @@ INSERT INTO system VALUES ('themes/marvin/marvin.theme','marvin','theme','Intern ...@@ -460,13 +464,15 @@ INSERT INTO system VALUES ('themes/marvin/marvin.theme','marvin','theme','Intern
INSERT INTO variable(name,value) VALUES('update_start', 's:10:"2002-05-15";'); INSERT INTO variable(name,value) VALUES('update_start', 's:10:"2002-05-15";');
INSERT INTO variable(name,value) VALUES('theme_default','s:6:"marvin";'); INSERT INTO variable(name,value) VALUES('theme_default','s:6:"marvin";');
INSERT INTO blocks(module,delta,status) VALUES('user', '0', '1'); INSERT INTO blocks(module,delta,status,custom,region,weight,path) VALUES('user', 0, 1, 0, 1, 0, '');
INSERT INTO blocks(module,delta,status) VALUES('user', '1', '1'); INSERT INTO blocks(module,delta,status,custom,region,weight,path) VALUES('user', 1, 1, 0, 1, 0, '');
--- ---
--- Functions. Functions first available in SQL Server 2000. GREATEST() used by forum.module, tracker.module at the moment. --- Functions. Functions first available in SQL Server 2000. GREATEST() used by forum.module, tracker.module at the moment.
--- ---
GO
CREATE FUNCTION GREATEST (@a int, @b int) CREATE FUNCTION GREATEST (@a int, @b int)
RETURNS int AS RETURNS int AS
BEGIN BEGIN
...@@ -476,4 +482,3 @@ BEGIN ...@@ -476,4 +482,3 @@ BEGIN
END END
RETURN @b; RETURN @b;
END END
...@@ -489,7 +489,7 @@ function check_url($uri) { ...@@ -489,7 +489,7 @@ function check_url($uri) {
} }
function check_form($text) { function check_form($text) {
return drupal_specialchars($text); return htmlspecialchars($text);
} }
function check_query($text) { function check_query($text) {
......
...@@ -23,7 +23,6 @@ function header($title = "") { ...@@ -23,7 +23,6 @@ function header($title = "") {
$output = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"DTD/xhtml1-transitional.dtd\">\n"; $output = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"DTD/xhtml1-transitional.dtd\">\n";
$output .= "<html><head><title>". $title ? $title : variable_get(site_name, "drupal") ."</title>"; $output .= "<html><head><title>". $title ? $title : variable_get(site_name, "drupal") ."</title>";
$output .= "<base href=\"$base_url/\" />";
$output .= theme_head($main); $output .= theme_head($main);
$output .= "</head><body bgcolor=\"$this->background\" text=\"$this->foreground". theme_onload_attribute(). "\">"; $output .= "</head><body bgcolor=\"$this->background\" text=\"$this->foreground". theme_onload_attribute(). "\">";
$output .= "<table border=\"0\" cellspacing=\"4\" cellpadding=\"4\"><tr><td valign=\"top\" width=\"170\">"; $output .= "<table border=\"0\" cellspacing=\"4\" cellpadding=\"4\"><tr><td valign=\"top\" width=\"170\">";
......
...@@ -127,22 +127,3 @@ dd { ...@@ -127,22 +127,3 @@ dd {
#update { #update {
padding: 1em 1em 1em 1em; padding: 1em 1em 1em 1em;
} }
.node-form .admin {
float: none; width: auto; margin-top: 0;
}
.node-form .standard {
margin-right: 0;
clear: both;
}
.node-form .admin .form-item .title {
margin-top: 0;
}
.node-form .admin .authored .form-item {
margin-bottom: 1.1em;
}
.node-form .admin .authored, .node-form .admin .options, .node-form .admin .extra {
float: left; margin-right: 2em; margin-bottom: 1em;
}
.node-form .admin .form-item .form-text {
width: auto;
}
...@@ -48,10 +48,23 @@ th { ...@@ -48,10 +48,23 @@ th {
.poll .vote-form .choices { text-align: left; margin: 0 auto; display: table; } .poll .vote-form .choices { text-align: left; margin: 0 auto; display: table; }
.node-form .admin { float: right; width: 15em; margin-top: -1.1em; } .node-form .form-text { display: block; width: 95%; }
.node-form .standard { margin-right: 15em; } .node-form textarea { display: block; width: 95%; }
.node-form .form-text { display: block; }
.node-form textarea { display: block; } .node-form .standard {
clear: both;
}
.node-form .admin .form-item .title {
margin-top: 0;
}
.node-form .admin .authored .form-item {
margin-bottom: 1.1em;
}
.node-form .admin .authored .form-text { width: auto; }
.node-form .admin .authored, .node-form .admin .options, .node-form .admin .extra {
float: left; margin-right: 2em; margin-bottom: 1em;
}
.marker { color: #f00; } .marker { color: #f00; }
.error { color: #f00; } .error { color: #f00; }
......
...@@ -1197,7 +1197,7 @@ function comment_folded($comment) { ...@@ -1197,7 +1197,7 @@ function comment_folded($comment) {
function comment_flat_collapsed($comments, $threshold) { function comment_flat_collapsed($comments, $threshold) {
foreach ($comments as $comment) { foreach ($comments as $comment) {
if (comment_visible($comment, $threshold)) { if (comment_visible($comment, $threshold)) {
print comment_view($comment, "", 0); comment_view($comment, "", 0);
} }
} }
} }
...@@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) { ...@@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) {
#$comment = $comments[$n]; #$comment = $comments[$n];
if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) { if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) {
print "<ul>"; print "<ul>";
print comment_view($comment, "", 0); comment_view($comment, "", 0);
comment_thread_min($comments, $threshold, $comment->cid); comment_thread_min($comments, $threshold, $comment->cid);
print "</ul>"; print "</ul>";
} }
......
...@@ -1197,7 +1197,7 @@ function comment_folded($comment) { ...@@ -1197,7 +1197,7 @@ function comment_folded($comment) {
function comment_flat_collapsed($comments, $threshold) { function comment_flat_collapsed($comments, $threshold) {
foreach ($comments as $comment) { foreach ($comments as $comment) {
if (comment_visible($comment, $threshold)) { if (comment_visible($comment, $threshold)) {
print comment_view($comment, "", 0); comment_view($comment, "", 0);
} }
} }
} }
...@@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) { ...@@ -1218,7 +1218,7 @@ function comment_thread_min($comments, $threshold, $pid = 0) {
#$comment = $comments[$n]; #$comment = $comments[$n];
if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) { if (($comment->pid == $pid) && (comment_visible($comment, $threshold))) {
print "<ul>"; print "<ul>";
print comment_view($comment, "", 0); comment_view($comment, "", 0);
comment_thread_min($comments, $threshold, $comment->cid); comment_thread_min($comments, $threshold, $comment->cid);
print "</ul>"; print "</ul>";
} }
......
...@@ -103,7 +103,7 @@ function locale_edit($lid) { ...@@ -103,7 +103,7 @@ function locale_edit($lid) {
$result = db_query("SELECT * FROM locales WHERE lid = '$lid'"); $result = db_query("SELECT * FROM locales WHERE lid = '$lid'");
if ($translation = db_fetch_object($result)) { if ($translation = db_fetch_object($result)) {
$form .= form_item(t("Original text"), wordwrap(drupal_specialchars($translation->string))); $form .= form_item(t("Original text"), wordwrap(htmlspecialchars($translation->string)));
foreach ($languages as $code=>$language) { foreach ($languages as $code=>$language) {
$form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128); $form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128);
......
...@@ -103,7 +103,7 @@ function locale_edit($lid) { ...@@ -103,7 +103,7 @@ function locale_edit($lid) {
$result = db_query("SELECT * FROM locales WHERE lid = '$lid'"); $result = db_query("SELECT * FROM locales WHERE lid = '$lid'");
if ($translation = db_fetch_object($result)) { if ($translation = db_fetch_object($result)) {
$form .= form_item(t("Original text"), wordwrap(drupal_specialchars($translation->string))); $form .= form_item(t("Original text"), wordwrap(htmlspecialchars($translation->string)));
foreach ($languages as $code=>$language) { foreach ($languages as $code=>$language) {
$form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128); $form .= (strlen($translation->string) > 30) ? form_textarea($language, $code, $translation->$code, 50, 10) : form_textfield($language, $code, $translation->$code, 50, 128);
......
...@@ -43,22 +43,24 @@ function poll_access($op, $node) { ...@@ -43,22 +43,24 @@ function poll_access($op, $node) {
} }
function poll_block($op = "list", $delta = 0) { function poll_block($op = "list", $delta = 0) {
if ($op == "list") { if (user_access("access content")) {
$blocks[0]["info"] = t("Most recent poll"); if ($op == "list") {
return $blocks; $blocks[0]["info"] = t("Most recent poll");
} return $blocks;
else { }
$timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); else {
if ($timestamp) { $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'"));
$poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); if ($timestamp) {
if ($poll->nid) { $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1"));
// Poll_view dumps the output into $poll->body if ($poll->nid) {
poll_view($poll, 1, 1); // Poll_view dumps the output into $poll->body
poll_view($poll, 1, 1);
}
} }
$block["subject"] = t("Poll: %t", array("%t" => $poll->title));
$block["content"] = $poll->body;
return $block;
} }
$block["subject"] = t("Poll: %t", array("%t" => $poll->title));
$block["content"] = $poll->body;
return $block;
} }
} }
......
...@@ -43,22 +43,24 @@ function poll_access($op, $node) { ...@@ -43,22 +43,24 @@ function poll_access($op, $node) {
} }
function poll_block($op = "list", $delta = 0) { function poll_block($op = "list", $delta = 0) {
if ($op == "list") { if (user_access("access content")) {
$blocks[0]["info"] = t("Most recent poll"); if ($op == "list") {
return $blocks; $blocks[0]["info"] = t("Most recent poll");
} return $blocks;
else { }
$timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'")); else {
if ($timestamp) { $timestamp = db_result(db_query("SELECT MAX(created) FROM node WHERE type = 'poll' AND status = '1' AND moderate = '0'"));
$poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1")); if ($timestamp) {
if ($poll->nid) { $poll = node_load(array("type" => "poll", "created" => $timestamp, "moderate" => "0", "status" => "1"));
// Poll_view dumps the output into $poll->body if ($poll->nid) {
poll_view($poll, 1, 1); // Poll_view dumps the output into $poll->body
poll_view($poll, 1, 1);
}
} }
$block["subject"] = t("Poll: %t", array("%t" => $poll->title));
$block["content"] = $poll->body;
return $block;
} }
$block["subject"] = t("Poll: %t", array("%t" => $poll->title));
$block["content"] = $poll->body;
return $block;
} }
} }
......
...@@ -36,7 +36,7 @@ function _profile_init() { ...@@ -36,7 +36,7 @@ function _profile_init() {
$GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December")); $GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December"));
} }
function profile_system($field){ function profile_system($field) {
$system["description"] = t("Support for configurable user profiles."); $system["description"] = t("Support for configurable user profiles.");
$system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.<br />Notes:<ul><li>In order for a user to <i>enter</i> information you <b>MUST</b> check \"enable\".</li><li>In order for other people too see the entered information you must make it \"public\"</li><li>If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does <b>not</b> imply \"enable\"</li><li>If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.</ul>"); $system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.<br />Notes:<ul><li>In order for a user to <i>enter</i> information you <b>MUST</b> check \"enable\".</li><li>In order for other people too see the entered information you must make it \"public\"</li><li>If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does <b>not</b> imply \"enable\"</li><li>If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.</ul>");
return $system[$field]; return $system[$field];
...@@ -113,8 +113,8 @@ function _profile_form($edit, $mode) { ...@@ -113,8 +113,8 @@ function _profile_form($edit, $mode) {
foreach ($profile_fields as $name => $field) { foreach ($profile_fields as $name => $field) {
if ($field[0] && in_array($name, $reg_fields)) { if ($field[0] && in_array($name, $reg_fields)) {
$f = "form_".$field[0]; $f = "form_". $field[0];
$t = "profile_".$name; $t = "profile_". $name;
$output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]); $output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]);
} }
} }
...@@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) { ...@@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) {
$enabled_fields = _profile_active_fields($mode); $enabled_fields = _profile_active_fields($mode);
if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) { if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) {
$error .= $birth_error."<br />"; $error .= $birth_error ."<br />";
} }
if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) { if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) {
$error .= $avatar_error."<br />"; $error .= $avatar_error ."<br />";
} }
foreach (array_keys($profile_fields) as $field) { foreach (array_keys($profile_fields) as $field) {
...@@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) { ...@@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) {
} }
// now check for required fields // now check for required fields
foreach(_profile_active_fields("required") as $required) { foreach (_profile_active_fields("required") as $required) {
if ($required != "0" && in_array($required, $enabled_fields)) { if ($required != "0" && in_array($required, $enabled_fields)) {
if (!$edit["profile_".$required]) { if (!$edit["profile_". $required]) {
$error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."<br />"; $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1])) ."<br />";
} }
} }
} }
...@@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) { ...@@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) {
foreach (_profile_active_fields($mode) as $name) { foreach (_profile_active_fields($mode) as $name) {
$field = $profile_fields[$name]; $field = $profile_fields[$name];
$t = "profile_".$name; $t = "profile_". $name;
if (!empty($user->$t)) { if (!empty($user->$t)) {
switch ($field[0]) { switch ($field[0]) {
case "textfield": case "textfield":
case "textarea": case "textarea":
case "checkbox": case "checkbox":
$value = ($t == "profile_homepage") ? "<a href=\"".check_output($user->$t)."\">".check_output($user->$t)."</a>" : check_output($user->$t); $value = ($t == "profile_homepage") ? "<a href=\"". check_output($user->$t) ."\">". check_output($user->$t) ."</a>" : check_output($user->$t);
$output .= form_item($field[1], $value); $output .= form_item($field[1], $value);
break; break;
case "select": case "select":
...@@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) { ...@@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) {
$extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], ".")); $extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], "."));
$size = getimagesize($image_file); $size = getimagesize($image_file);
list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85")); list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85"));
if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) {
$error = t("the uploaded file was not an image."); $error = t("The uploaded file was not an image.");
} }
else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30")*1000)) { else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30") * 1000)) {
$error = t("the uploaded image is too large, maximum %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); $error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30")));
} }
else if ($size[0] > $maxwidth || $size[1] > $maxheight) { else if ($size[0] > $maxwidth || $size[1] > $maxheight) {
$error = t("the uploaded image is too large, maximum %a.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); $error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get("profile_avatar_dimensions", "85x85")));
}
else if (!is_dir(variable_get("profile_avatar_path", "misc/avatars/"))) {
$error = t("Failed to upload the avatar image; the '%directory' directory doesn't exist.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
}
else if (!is_writeable(variable_get("profile_avatar_path", "misc/avatars/"))) {
$error = t("Failed to upload the avatar image; the webserver has no write permission to the '%directory' directory.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
} }
else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) { else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) {
$error = t("error in file upload"); $error = t("Failed to upload the avatar image; could not copy file '%filename' to directory '%directory'.", array("%filename" => $_FILES["edit"]["name"]["profile_avatar"], "%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
} }
else { else {
$edit["profile_avatar"] = $extension; $edit["profile_avatar"] = $extension;
...@@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) { ...@@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) {
return; return;
} }
else { else {
return t("The specified birthday is not valid.")."<br />"; return t("The specified birthday is not valid.") ."<br />";
} }
} }
......
...@@ -36,7 +36,7 @@ function _profile_init() { ...@@ -36,7 +36,7 @@ function _profile_init() {
$GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December")); $GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December"));
} }
function profile_system($field){ function profile_system($field) {
$system["description"] = t("Support for configurable user profiles."); $system["description"] = t("Support for configurable user profiles.");
$system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.<br />Notes:<ul><li>In order for a user to <i>enter</i> information you <b>MUST</b> check \"enable\".</li><li>In order for other people too see the entered information you must make it \"public\"</li><li>If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does <b>not</b> imply \"enable\"</li><li>If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.</ul>"); $system["admin_help"] = t("When a user creates an account you can ask them to give you some extra information about themselves, as well as letting them use a small picture, called an avatar.<br />Notes:<ul><li>In order for a user to <i>enter</i> information you <b>MUST</b> check \"enable\".</li><li>In order for other people too see the entered information you must make it \"public\"</li><li>If an item is \"public\" but not enabled then the user can never give it a value and it will never been seen. Public does <b>not</b> imply \"enable\"</li><li>If an item is enabled, but not shown in the registration form the a user will have to ". l("edit their account", "user/edit") ." to place information in the field.</ul>");
return $system[$field]; return $system[$field];
...@@ -113,8 +113,8 @@ function _profile_form($edit, $mode) { ...@@ -113,8 +113,8 @@ function _profile_form($edit, $mode) {
foreach ($profile_fields as $name => $field) { foreach ($profile_fields as $name => $field) {
if ($field[0] && in_array($name, $reg_fields)) { if ($field[0] && in_array($name, $reg_fields)) {
$f = "form_".$field[0]; $f = "form_". $field[0];
$t = "profile_".$name; $t = "profile_". $name;
$output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]); $output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]);
} }
} }
...@@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) { ...@@ -143,11 +143,11 @@ function _profile_validate($edit, $mode, $user) {
$enabled_fields = _profile_active_fields($mode); $enabled_fields = _profile_active_fields($mode);
if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) { if (in_array("birthday", $enabled_fields) && ($birth_error = _profile_validate_birth($edit))) {
$error .= $birth_error."<br />"; $error .= $birth_error ."<br />";
} }
if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) { if (in_array("avatar", $enabled_fields) && ($avatar_error = _profile_validate_avatar($edit, $user))) {
$error .= $avatar_error."<br />"; $error .= $avatar_error ."<br />";
} }
foreach (array_keys($profile_fields) as $field) { foreach (array_keys($profile_fields) as $field) {
...@@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) { ...@@ -158,10 +158,10 @@ function _profile_validate($edit, $mode, $user) {
} }
// now check for required fields // now check for required fields
foreach(_profile_active_fields("required") as $required) { foreach (_profile_active_fields("required") as $required) {
if ($required != "0" && in_array($required, $enabled_fields)) { if ($required != "0" && in_array($required, $enabled_fields)) {
if (!$edit["profile_".$required]) { if (!$edit["profile_". $required]) {
$error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."<br />"; $error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1])) ."<br />";
} }
} }
} }
...@@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) { ...@@ -174,14 +174,14 @@ function _profile_user_view(&$user, $mode) {
foreach (_profile_active_fields($mode) as $name) { foreach (_profile_active_fields($mode) as $name) {
$field = $profile_fields[$name]; $field = $profile_fields[$name];
$t = "profile_".$name; $t = "profile_". $name;
if (!empty($user->$t)) { if (!empty($user->$t)) {
switch ($field[0]) { switch ($field[0]) {
case "textfield": case "textfield":
case "textarea": case "textarea":
case "checkbox": case "checkbox":
$value = ($t == "profile_homepage") ? "<a href=\"".check_output($user->$t)."\">".check_output($user->$t)."</a>" : check_output($user->$t); $value = ($t == "profile_homepage") ? "<a href=\"". check_output($user->$t) ."\">". check_output($user->$t) ."</a>" : check_output($user->$t);
$output .= form_item($field[1], $value); $output .= form_item($field[1], $value);
break; break;
case "select": case "select":
...@@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) { ...@@ -224,17 +224,23 @@ function _profile_validate_avatar(&$edit, $user) {
$extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], ".")); $extension = strtolower(strrchr($_FILES["edit"]["name"]["profile_avatar"], "."));
$size = getimagesize($image_file); $size = getimagesize($image_file);
list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85")); list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_dimensions", "85x85"));
if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) { if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) {
$error = t("the uploaded file was not an image."); $error = t("The uploaded file was not an image.");
} }
else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30")*1000)) { else if (filesize($image_file) > (variable_get("profile_avatar_file_size", "30") * 1000)) {
$error = t("the uploaded image is too large, maximum %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30"))); $error = t("The uploaded image is too large; the maximum file size is %a kB.", array("%a" => variable_get("profile_avatar_file_size", "30")));
} }
else if ($size[0] > $maxwidth || $size[1] > $maxheight) { else if ($size[0] > $maxwidth || $size[1] > $maxheight) {
$error = t("the uploaded image is too large, maximum %a.", array("%a" => variable_get("profile_avatar_dimensions", "85x85"))); $error = t("The uploaded image is too large; the maximum dimensions are %a pixels.", array("%a" => variable_get("profile_avatar_dimensions", "85x85")));
}
else if (!is_dir(variable_get("profile_avatar_path", "misc/avatars/"))) {
$error = t("Failed to upload the avatar image; the '%directory' directory doesn't exist.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
}
else if (!is_writeable(variable_get("profile_avatar_path", "misc/avatars/"))) {
$error = t("Failed to upload the avatar image; the webserver has no write permission to the '%directory' directory.", array("%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
} }
else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) { else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) {
$error = t("error in file upload"); $error = t("Failed to upload the avatar image; could not copy file '%filename' to directory '%directory'.", array("%filename" => $_FILES["edit"]["name"]["profile_avatar"], "%directory" => variable_get("profile_avatar_path", "misc/avatars/")));
} }
else { else {
$edit["profile_avatar"] = $extension; $edit["profile_avatar"] = $extension;
...@@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) { ...@@ -272,7 +278,7 @@ function _profile_validate_birth(&$edit) {
return; return;
} }
else { else {
return t("The specified birthday is not valid.")."<br />"; return t("The specified birthday is not valid.") ."<br />";
} }
} }
......
...@@ -613,67 +613,69 @@ function statistics_display_topnodes_block() { ...@@ -613,67 +613,69 @@ function statistics_display_topnodes_block() {
function statistics_display_online_block() { function statistics_display_online_block() {
global $id, $recent_activity; global $id, $recent_activity;
$throttle = throttle_status(); if (user_access("access content")) {
$multiplier = variable_get("statistics_throttle_multiplier", 60); $throttle = throttle_status();
$multiplier = variable_get("statistics_throttle_multiplier", 60);
/* don't do any database lookups if on maximum throttle */ /* don't do any database lookups if on maximum throttle */
if ($throttle < 5) { if ($throttle < 5) {
/* count users with activity in the past defined period */ /* count users with activity in the past defined period */
$time_period = variable_get("statistics_block_online_time", 2700); $time_period = variable_get("statistics_block_online_time", 2700);
/* /*
** This call gathers all the info we need on users/guests in a single ** This call gathers all the info we need on users/guests in a single
** database call, thus is quite efficient. ** database call, thus is quite efficient.
*/ */
$result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period)); $result = db_query("SELECT COUNT(DISTINCT hostname) AS count, uid, MAX(timestamp) AS max_timestamp FROM accesslog WHERE timestamp >= %d GROUP BY uid ORDER BY max_timestamp DESC", (time() - $time_period));
$users = $guests = 0; $users = $guests = 0;
/* Count number of users & guests currently online based on db query */ /* Count number of users & guests currently online based on db query */
while ($users_online = db_fetch_array($result)) { while ($users_online = db_fetch_array($result)) {
if ($users_online["uid"]) { if ($users_online["uid"]) {
/* Has uid, so is a registered user */ /* Has uid, so is a registered user */
$user_list[$users] = $users_online[uid]; $user_list[$users] = $users_online[uid];
$users++; $users++;
} }
else { else {
/* /*
** There's only going to be one return with a uid of 0, and that's ** There's only going to be one return with a uid of 0, and that's
** the guest(s). Hence, the count of this field is the total number ** the guest(s). Hence, the count of this field is the total number
** of guests currently online. ** of guests currently online.
*/ */
$guests = $users_online["count"]; $guests = $users_online["count"];
}
} }
}
/* format the output with proper grammar */ /* format the output with proper grammar */
$output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests"))); $output .= t("There %verb currently %members and %visitors online.", array("%verb" => (($users == 1) && ($guests == 1) ? "is" : "are"), "%members" => format_plural($users, "1 user", "%count users"), "%visitors" => format_plural($guests, "1 guest", "%count guests")));
if (user_access("access userlist") && $users) { if (user_access("access userlist") && $users) {
/* Display a list of currently online users */ /* Display a list of currently online users */
$max_users = variable_get("statistics_block_online_max_cnt", 10); $max_users = variable_get("statistics_block_online_max_cnt", 10);
$max_name_len = variable_get("statistics_block_online_max_len", 15); $max_name_len = variable_get("statistics_block_online_max_len", 15);
$uid = reset($user_list); $uid = reset($user_list);
while (($uid) && ($max_users)) { while (($uid) && ($max_users)) {
$user = user_load(array("uid" => $uid)); $user = user_load(array("uid" => $uid));
/* When displaying name, be sure it's not more than defined max length */ /* When displaying name, be sure it's not more than defined max length */
$items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid"); $items[] = l((strlen($user->name) > $max_name_len ? substr($user->name, 0, $max_name_len) ."..." : $user->name), "user/view/$user->uid");
$uid = next($user_list); $uid = next($user_list);
/* /*
** When $max_users reaches zero, we break out even if there are ** When $max_users reaches zero, we break out even if there are
** more online (as defined by the admin) ** more online (as defined by the admin)
*/ */
$max_users--; $max_users--;
}
$output .= "<br /><br />";