site_iri: comparison web/drupal/modules/profile/profile.module

equal deleted inserted replaced

-:fcf75e232c5b
+:0ff3ba646492
+<?php
+// $Id: profile.module,v 1.236.2.3 2009/01/12 10:09:19 goba Exp $
+/**
+* @file
+* Support for configurable user profiles.
+*/
+/**
+* Private field, content only available to privileged users.
+*/
+define('PROFILE_PRIVATE', 1);
+/**
+* Public field, content shown on profile page but not used on member list pages.
+*/
+define('PROFILE_PUBLIC', 2);
+/**
+* Public field, content shown on profile page and on member list pages.
+*/
+define('PROFILE_PUBLIC_LISTINGS', 3);
+/**
+* Hidden profile field, only accessible by administrators, modules and themes.
+*/
+define('PROFILE_HIDDEN', 4);
+/**
+* Implementation of hook_help().
+*/
+function profile_help($path, $arg) {
+switch ($path) {
+case 'admin/help#profile':
+$output = '<p>'. t('The profile module allows custom fields (such as country, full name, or age) to be defined and displayed in the <em>My Account</em> section. This permits users of a site to share more information about themselves, and can help community-based sites organize users around specific information.') .'</p>';
+$output .= '<p>'. t('The following types of fields can be added to a user profile:') .'</p>';
+$output .= '<ul><li>'. t('single-line textfield') .'</li>';
+$output .= '<li>'. t('multi-line textfield') .'</li>';
+$output .= '<li>'. t('checkbox') .'</li>';
+$output .= '<li>'. t('list selection') .'</li>';
+$output .= '<li>'. t('freeform list') .'</li>';
+$output .= '<li>'. t('URL') .'</li>';
+$output .= '<li>'. t('date') .'</li></ul>';
+$output .= '<p>'. t('For more information, see the online handbook entry for <a href="@profile">Profile module</a>.', array('@profile' => 'http://drupal.org/handbook/modules/profile/')) .'</p>';
+return $output;
+case 'admin/user/profile':
+return '<p>'. t("This page displays a list of the existing custom profile fields to be displayed on a user's <em>My Account</em> page. To provide structure, similar or related fields may be placed inside a category. To add a new category (or edit an existing one), edit a profile field and provide a new category name. To change the category of a field or the order of fields within a category, grab a drag-and-drop handle under the Title column and drag the field to a new location in the list. (Grab a handle by clicking and holding the mouse while hovering over a handle icon.) Remember that your changes will not be saved until you click the <em>Save configuration</em> button at the bottom of the page.") .'</p>';
+}
+}
+/**
+* Implementation of hook_theme()
+*/
+function profile_theme() {
+return array(
+'profile_block' => array(
+'arguments' => array('account' => NULL, 'fields' => array()),
+'template' => 'profile-block',
+),
+'profile_listing' => array(
+'arguments' => array('account' => NULL, 'fields' => array()),
+'template' => 'profile-listing',
+),
+'profile_wrapper' => array(
+'arguments' => array('content' => NULL),
+'template' => 'profile-wrapper',
+),
+'profile_admin_overview' => array(
+'arguments' => array('form' => NULL),
+'file' => 'profile.admin.inc',
+)
+);
+}
+/**
+* Implementation of hook_menu().
+*/
+function profile_menu() {
+$items['profile'] = array(
+'title' => 'User list',
+'page callback' => 'profile_browse',
+'access arguments' => array('access user profiles'),
+'type' => MENU_SUGGESTED_ITEM,
+'file' => 'profile.pages.inc',
+);
+$items['admin/user/profile'] = array(
+'title' => 'Profiles',
+'description' => 'Create customizable fields for your users.',
+'page callback' => 'drupal_get_form',
+'page arguments' => array('profile_admin_overview'),
+'access arguments' => array('administer users'),
+'file' => 'profile.admin.inc',
+);
+$items['admin/user/profile/add'] = array(
+'title' => 'Add field',
+'page callback' => 'drupal_get_form',
+'page arguments' => array('profile_field_form'),
+'access arguments' => array('administer users'),
+'type' => MENU_CALLBACK,
+'file' => 'profile.admin.inc',
+);
+$items['admin/user/profile/autocomplete'] = array(
+'title' => 'Profile category autocomplete',
+'page callback' => 'profile_admin_settings_autocomplete',
+'access arguments' => array('administer users'),
+'type' => MENU_CALLBACK,
+'file' => 'profile.admin.inc',
+);
+$items['admin/user/profile/edit'] = array(
+'title' => 'Edit field',
+'page callback' => 'drupal_get_form',
+'page arguments' => array('profile_field_form'),
+'access arguments' => array('administer users'),
+'type' => MENU_CALLBACK,
+'file' => 'profile.admin.inc',
+);
+$items['admin/user/profile/delete'] = array(
+'title' => 'Delete field',
+'page callback' => 'drupal_get_form',
+'page arguments' => array('profile_field_delete'),
+'access arguments' => array('administer users'),
+'type' => MENU_CALLBACK,
+'file' => 'profile.admin.inc',
+);
+$items['profile/autocomplete'] = array(
+'title' => 'Profile autocomplete',
+'page callback' => 'profile_autocomplete',
+'access arguments' => array('access user profiles'),
+'type' => MENU_CALLBACK,
+'file' => 'profile.pages.inc',
+);
+return $items;
+}
+/**
+* Implementation of hook_block().
+*/
+function profile_block($op = 'list', $delta = 0, $edit = array()) {
+if ($op == 'list') {
+$blocks[0]['info'] = t('Author information');
+$blocks[0]['cache'] = BLOCK_CACHE_PER_PAGE | BLOCK_CACHE_PER_ROLE;
+return $blocks;
+}
+else if ($op == 'configure' && $delta == 0) {
+// Compile a list of fields to show
+$fields = array();
+$result = db_query('SELECT name, title, weight, visibility FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS);
+while ($record = db_fetch_object($result)) {
+$fields[$record->name] = check_plain($record->title);
+}
+$fields['user_profile'] = t('Link to full user profile');
+$form['profile_block_author_fields'] = array('#type' => 'checkboxes',
+'#title' => t('Profile fields to display'),
+'#default_value' => variable_get('profile_block_author_fields', array()),
+'#options' => $fields,
+'#description' => t('Select which profile fields you wish to display in the block. Only fields designated as public in the <a href="@profile-admin">profile field configuration</a> are available.', array('@profile-admin' => url('admin/user/profile'))),
+);
+return $form;
+}
+else if ($op == 'save' && $delta == 0) {
+variable_set('profile_block_author_fields', $edit['profile_block_author_fields']);
+}
+else if ($op == 'view') {
+if (user_access('access user profiles')) {
+$output = '';
+if ((arg(0) == 'node') && is_numeric(arg(1)) && (arg(2) == NULL)) {
+$node = node_load(arg(1));
+$account = user_load(array('uid' => $node->uid));
+if ($use_fields = variable_get('profile_block_author_fields', array())) {
+// Compile a list of fields to show.
+$fields = array();
+$result = db_query('SELECT name, title, type, visibility, weight FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS);
+while ($record = db_fetch_object($result)) {
+// Ensure that field is displayed only if it is among the defined block fields and, if it is private, the user has appropriate permissions.
+if (isset($use_fields[$record->name]) && $use_fields[$record->name]) {
+$fields[] = $record;
+}
+}
+}
+if (!empty($fields)) {
+$profile = _profile_update_user_fields($fields, $account);
+$output .= theme('profile_block', $account, $profile, TRUE);
+}
+if (isset($use_fields['user_profile']) && $use_fields['user_profile']) {
+$output .= '<div>'. l(t('View full user profile'), 'user/'. $account->uid) .'</div>';
+}
+}
+if ($output) {
+$block['subject'] = t('About %name', array('%name' => $account->name));
+$block['content'] = $output;
+return $block;
+}
+}
+}
+}
+/**
+* Implementation of hook_user().
+*/
+function profile_user($type, &$edit, &$user, $category = NULL) {
+switch ($type) {
+case 'load':
+return profile_load_profile($user);
+case 'register':
+return profile_form_profile($edit, $user, $category, TRUE);
+case 'update':
+return profile_save_profile($edit, $user, $category);
+case 'insert':
+return profile_save_profile($edit, $user, $category, TRUE);
+case 'view':
+return profile_view_profile($user);
+case 'form':
+return profile_form_profile($edit, $user, $category);
+case 'validate':
+return profile_validate_profile($edit, $category);
+case 'categories':
+return profile_categories();
+case 'delete':
+db_query('DELETE FROM {profile_values} WHERE uid = %d', $user->uid);
+}
+}
+function profile_load_profile(&$user) {
+$result = db_query('SELECT f.name, f.type, v.value FROM {profile_fields} f INNER JOIN {profile_values} v ON f.fid = v.fid WHERE uid = %d', $user->uid);
+while ($field = db_fetch_object($result)) {
+if (empty($user->{$field->name})) {
+$user->{$field->name} = _profile_field_serialize($field->type) ? unserialize($field->value) : $field->value;
+}
+}
+}
+function profile_save_profile(&$edit, &$user, $category, $register = FALSE) {
+$result = _profile_get_fields($category, $register);
+while ($field = db_fetch_object($result)) {
+if (_profile_field_serialize($field->type)) {
+$edit[$field->name] = serialize($edit[$field->name]);
+}
+db_query("DELETE FROM {profile_values} WHERE fid = %d AND uid = %d", $field->fid, $user->uid);
+db_query("INSERT INTO {profile_values} (fid, uid, value) VALUES (%d, %d, '%s')", $field->fid, $user->uid, $edit[$field->name]);
+// Mark field as handled (prevents saving to user->data).
+$edit[$field->name] = NULL;
+}
+}
+function profile_view_field($user, $field) {
+// Only allow browsing of private fields for admins, if browsing is enabled,
+// and if a user has permission to view profiles. Note that this check is
+// necessary because a user may always see their own profile.
+$browse = user_access('access user profiles')
+&& (user_access('administer users') || $field->visibility != PROFILE_PRIVATE)
+&& !empty($field->page);
+if (isset($user->{$field->name}) && $value = $user->{$field->name}) {
+switch ($field->type) {
+case 'textarea':
+return check_markup($value);
+case 'textfield':
+case 'selection':
+return $browse ? l($value, 'profile/'. $field->name .'/'. $value) : check_plain($value);
+case 'checkbox':
+return $browse ? l($field->title, 'profile/'. $field->name) : check_plain($field->title);
+case 'url':
+return '<a href="'. check_url($value) .'">'. check_plain($value) .'</a>';
+case 'date':
+$format = substr(variable_get('date_format_short', 'm/d/Y - H:i'), 0, 5);
+// Note: Avoid PHP's date() because it does not handle dates before
+// 1970 on Windows. This would make the date field useless for e.g.
+// birthdays.
+$replace = array(
+'d' => sprintf('%02d', $value['day']),
+'j' => $value['day'],
+'m' => sprintf('%02d', $value['month']),
+'M' => map_month($value['month']),
+'Y' => $value['year'],
+'H:i' => NULL,
+'g:ia' => NULL,
+);
+return strtr($format, $replace);
+case 'list':
+$values = split("[,\n\r]", $value);
+$fields = array();
+foreach ($values as $value) {
+if ($value = trim($value)) {
+$fields[] = $browse ? l($value, 'profile/'. $field->name .'/'. $value) : check_plain($value);
+}
+}
+return implode(', ', $fields);
+}
+}
+}
+function profile_view_profile(&$user) {
+profile_load_profile($user);
+// Show private fields to administrators and people viewing their own account.
+if (user_access('administer users') || $GLOBALS['user']->uid == $user->uid) {
+$result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d ORDER BY category, weight', PROFILE_HIDDEN);
+}
+else {
+$result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d AND visibility != %d ORDER BY category, weight', PROFILE_PRIVATE, PROFILE_HIDDEN);
+}
+$fields = array();
+while ($field = db_fetch_object($result)) {
+if ($value = profile_view_field($user, $field)) {
+$title = ($field->type != 'checkbox') ? check_plain($field->title) : NULL;
+// Create a single fieldset for each category.
+if (!isset($user->content[$field->category])) {
+$user->content[$field->category] = array(
+'#type' => 'user_profile_category',
+'#title' => $field->category,
+);
+}
+$user->content[$field->category][$field->name] = array(
+'#type' => 'user_profile_item',
+'#title' => $title,
+'#value' => $value,
+'#weight' => $field->weight,
+'#attributes' => array('class' => 'profile-'. $field->name),
+);
+}
+}
+}
+function _profile_form_explanation($field) {
+$output = $field->explanation;
+if ($field->type == 'list') {
+$output .= ' '. t('Put each item on a separate line or separate them by commas. No HTML allowed.');
+}
+if ($field->visibility == PROFILE_PRIVATE) {
+$output .= ' '. t('The content of this field is kept private and will not be shown publicly.');
+}
+return $output;
+}
+function profile_form_profile($edit, $user, $category, $register = FALSE) {
+$result = _profile_get_fields($category, $register);
+$weight = 1;
+$fields = array();
+while ($field = db_fetch_object($result)) {
+$category = $field->category;
+if (!isset($fields[$category])) {
+$fields[$category] = array('#type' => 'fieldset', '#title' => check_plain($category), '#weight' => $weight++);
+}
+switch ($field->type) {
+case 'textfield':
+case 'url':
+$fields[$category][$field->name] = array('#type' => 'textfield',
+'#title' => check_plain($field->title),
+'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+'#maxlength' => 255,
+'#description' => _profile_form_explanation($field),
+'#required' => $field->required,
+);
+if ($field->autocomplete) {
+$fields[$category][$field->name]['#autocomplete_path'] = "profile/autocomplete/". $field->fid;
+}
+break;
+case 'textarea':
+$fields[$category][$field->name] = array('#type' => 'textarea',
+'#title' => check_plain($field->title),
+'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+'#description' => _profile_form_explanation($field),
+'#required' => $field->required,
+);
+break;
+case 'list':
+$fields[$category][$field->name] = array('#type' => 'textarea',
+'#title' => check_plain($field->title),
+'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+'#description' => _profile_form_explanation($field),
+'#required' => $field->required,
+);
+break;
+case 'checkbox':
+$fields[$category][$field->name] = array('#type' => 'checkbox',
+'#title' => check_plain($field->title),
+'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+'#description' => _profile_form_explanation($field),
+'#required' => $field->required,
+);
+break;
+case 'selection':
+$options = $field->required ? array() : array('--');
+$lines = split("[\n\r]", $field->options);
+foreach ($lines as $line) {
+if ($line = trim($line)) {
+$options[$line] = $line;
+}
+}
+$fields[$category][$field->name] = array('#type' => 'select',
+'#title' => check_plain($field->title),
+'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+'#options' => $options,
+'#description' => _profile_form_explanation($field),
+'#required' => $field->required,
+);
+break;
+case 'date':
+$fields[$category][$field->name] = array('#type' => 'date',
+'#title' => check_plain($field->title),
+'#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+'#description' => _profile_form_explanation($field),
+'#required' => $field->required,
+);
+break;
+}
+}
+return $fields;
+}
+/**
+* Helper function: update an array of user fields by calling profile_view_field
+*/
+function _profile_update_user_fields($fields, $account) {
+foreach ($fields as $key => $field) {
+$fields[$key]->value = profile_view_field($account, $field);
+}
+return $fields;
+}
+function profile_validate_profile($edit, $category) {
+$result = _profile_get_fields($category);
+while ($field = db_fetch_object($result)) {
+if ($edit[$field->name]) {
+if ($field->type == 'url') {
+if (!valid_url($edit[$field->name], TRUE)) {
+form_set_error($field->name, t('The value provided for %field is not a valid URL.', array('%field' => $field->title)));
+}
+}
+}
+else if ($field->required && !user_access('administer users')) {
+form_set_error($field->name, t('The field %field is required.', array('%field' => $field->title)));
+}
+}
+return $edit;
+}
+function profile_categories() {
+$result = db_query("SELECT DISTINCT(category) FROM {profile_fields}");
+$data = array();
+while ($category = db_fetch_object($result)) {
+$data[] = array(
+'name' => $category->category,
+'title' => $category->category,
+'weight' => 3,
+'access callback' => 'profile_category_access',
+'access arguments' => array(1, $category->category)
+);
+}
+return $data;
+}
+/**
+* Menu item access callback - check if a user has access to a profile category.
+*/
+function profile_category_access($account, $category) {
+if (user_access('administer users') && $account->uid > 0) {
+return TRUE;
+}
+else {
+return user_edit_access($account) && db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE category = '%s' AND visibility <> %d", $category, PROFILE_HIDDEN));
+}
+}
+/**
+* Process variables for profile-block.tpl.php.
+*
+* The $variables array contains the following arguments:
+* - $account
+* - $fields
+*
+* @see profile-block.tpl.php
+*/
+function template_preprocess_profile_block(&$variables) {
+$variables['picture'] = theme('user_picture', $variables['account']);
+$variables['profile'] = array();
+// Supply filtered version of $fields that have values.
+foreach ($variables['fields'] as $field) {
+if ($field->value) {
+$variables['profile'][$field->name]->title = check_plain($field->title);
+$variables['profile'][$field->name]->value = $field->value;
+$variables['profile'][$field->name]->type = $field->type;
+}
+}
+}
+/**
+* Process variables for profile-listing.tpl.php.
+*
+* The $variables array contains the following arguments:
+* - $account
+* - $fields
+*
+* @see profile-listing.tpl.php
+*/
+function template_preprocess_profile_listing(&$variables) {
+$variables['picture'] = theme('user_picture', $variables['account']);
+$variables['name'] = theme('username', $variables['account']);
+$variables['profile'] = array();
+// Supply filtered version of $fields that have values.
+foreach ($variables['fields'] as $field) {
+if ($field->value) {
+$variables['profile'][$field->name]->title = $field->title;
+$variables['profile'][$field->name]->value = $field->value;
+$variables['profile'][$field->name]->type = $field->type;
+}
+}
+}
+/**
+* Process variables for profile-wrapper.tpl.php.
+*
+* The $variables array contains the following arguments:
+* - $content
+*
+* @see profile-wrapper.tpl.php
+*/
+function template_preprocess_profile_wrapper(&$variables) {
+$variables['current_field'] = '';
+if ($field = arg(1)) {
+$variables['current_field'] = $field;
+// Supply an alternate template suggestion based on the browsable field.
+$variables['template_files'][] = 'profile-wrapper-'. $field;
+}
+}
+function _profile_field_types($type = NULL) {
+$types = array('textfield' => t('single-line textfield'),
+'textarea' => t('multi-line textfield'),
+'checkbox' => t('checkbox'),
+'selection' => t('list selection'),
+'list' => t('freeform list'),
+'url' => t('URL'),
+'date' => t('date'));
+return isset($type) ? $types[$type] : $types;
+}
+function _profile_field_serialize($type = NULL) {
+return $type == 'date';
+}
+function _profile_get_fields($category, $register = FALSE) {
+$args = array();
+$sql = 'SELECT * FROM {profile_fields} WHERE ';
+$filters = array();
+if ($register) {
+$filters[] = 'register = 1';
+}
+else {
+// Use LOWER('%s') instead of PHP's strtolower() to avoid UTF-8 conversion issues.
+$filters[] = "LOWER(category) = LOWER('%s')";
+$args[] = $category;
+}
+if (!user_access('administer users')) {
+$filters[] = 'visibility != %d';
+$args[] = PROFILE_HIDDEN;
+}
+$sql .= implode(' AND ', $filters);
+$sql .= ' ORDER BY category, weight';
+return db_query($sql, $args);
+}

branch	drupal
changeset 74	0ff3ba646492