diff modules/profile/profile.module @ 1:c1f4ac30525a 6.0
Drupal 6.0
author | Franck Deroche <webmaster@defr.org> |
---|---|
date | Tue, 23 Dec 2008 14:28:28 +0100 |
parents | |
children | 2427550111ae |
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/modules/profile/profile.module Tue Dec 23 14:28:28 2008 +0100
@@ -0,0 +1,575 @@
+<?php
+// $Id: profile.module,v 1.236 2008/02/03 19:36:46 goba Exp $
+
+/**
+ * @file
+ * Support for configurable user profiles.
+ */
+
+/**
+ * Private field, content only available to privileged users.
+ */
+define('PROFILE_PRIVATE', 1);
+
+/**
+ * Public field, content shown on profile page but not used on member list pages.
+ */
+define('PROFILE_PUBLIC', 2);
+
+/**
+ * Public field, content shown on profile page and on member list pages.
+ */
+define('PROFILE_PUBLIC_LISTINGS', 3);
+
+/**
+ * Hidden profile field, only accessible by administrators, modules and themes.
+ */
+define('PROFILE_HIDDEN', 4);
+
+/**
+ * Implementation of hook_help().
+ */
+function profile_help($path, $arg) {
+ switch ($path) {
+ case 'admin/help#profile':
+ $output = '<p>'. t('The profile module allows custom fields (such as country, full name, or age) to be defined and displayed in the <em>My Account</em> section. This permits users of a site to share more information about themselves, and can help community-based sites organize users around specific information.') .'</p>';
+ $output .= '<p>'. t('The following types of fields can be added to a user profile:') .'</p>';
+ $output .= '<ul><li>'. t('single-line textfield') .'</li>';
+ $output .= '<li>'. t('multi-line textfield') .'</li>';
+ $output .= '<li>'. t('checkbox') .'</li>';
+ $output .= '<li>'. t('list selection') .'</li>';
+ $output .= '<li>'. t('freeform list') .'</li>';
+ $output .= '<li>'. t('URL') .'</li>';
+ $output .= '<li>'. t('date') .'</li></ul>';
+ $output .= '<p>'. t('For more information, see the online handbook entry for <a href="@profile">Profile module</a>.', array('@profile' => 'http://drupal.org/handbook/modules/profile/')) .'</p>';
+ return $output;
+ case 'admin/user/profile':
+ return '<p>'. t("This page displays a list of the existing custom profile fields to be displayed on a user's <em>My Account</em> page. To provide structure, similar or related fields may be placed inside a category. To add a new category (or edit an existing one), edit a profile field and provide a new category name. To change the category of a field or the order of fields within a category, grab a drag-and-drop handle under the Title column and drag the field to a new location in the list. (Grab a handle by clicking and holding the mouse while hovering over a handle icon.) Remember that your changes will not be saved until you click the <em>Save configuration</em> button at the bottom of the page.") .'</p>';
+ }
+}
+
+/**
+ * Implementation of hook_theme()
+ */
+function profile_theme() {
+ return array(
+ 'profile_block' => array(
+ 'arguments' => array('account' => NULL, 'fields' => array()),
+ 'template' => 'profile-block',
+ ),
+ 'profile_listing' => array(
+ 'arguments' => array('account' => NULL, 'fields' => array()),
+ 'template' => 'profile-listing',
+ ),
+ 'profile_wrapper' => array(
+ 'arguments' => array('content' => NULL),
+ 'template' => 'profile-wrapper',
+ ),
+ 'profile_admin_overview' => array(
+ 'arguments' => array('form' => NULL),
+ 'file' => 'profile.admin.inc',
+ )
+ );
+}
+
+/**
+ * Implementation of hook_menu().
+ */
+function profile_menu() {
+ $items['profile'] = array(
+ 'title' => 'User list',
+ 'page callback' => 'profile_browse',
+ 'access arguments' => array('access user profiles'),
+ 'type' => MENU_SUGGESTED_ITEM,
+ 'file' => 'profile.pages.inc',
+ );
+ $items['admin/user/profile'] = array(
+ 'title' => 'Profiles',
+ 'description' => 'Create customizable fields for your users.',
+ 'page callback' => 'drupal_get_form',
+ 'page arguments' => array('profile_admin_overview'),
+ 'access arguments' => array('administer users'),
+ 'file' => 'profile.admin.inc',
+ );
+ $items['admin/user/profile/add'] = array(
+ 'title' => 'Add field',
+ 'page callback' => 'drupal_get_form',
+ 'page arguments' => array('profile_field_form'),
+ 'type' => MENU_CALLBACK,
+ 'file' => 'profile.admin.inc',
+ );
+ $items['admin/user/profile/autocomplete'] = array(
+ 'title' => 'Profile category autocomplete',
+ 'page callback' => 'profile_admin_settings_autocomplete',
+ 'type' => MENU_CALLBACK,
+ 'file' => 'profile.admin.inc',
+ );
+ $items['admin/user/profile/edit'] = array(
+ 'title' => 'Edit field',
+ 'page callback' => 'drupal_get_form',
+ 'page arguments' => array('profile_field_form'),
+ 'type' => MENU_CALLBACK,
+ 'file' => 'profile.admin.inc',
+ );
+ $items['admin/user/profile/delete'] = array(
+ 'title' => 'Delete field',
+ 'page callback' => 'drupal_get_form',
+ 'page arguments' => array('profile_field_delete'),
+ 'type' => MENU_CALLBACK,
+ 'file' => 'profile.admin.inc',
+ );
+ $items['profile/autocomplete'] = array(
+ 'title' => 'Profile autocomplete',
+ 'page callback' => 'profile_autocomplete',
+ 'access arguments' => array('access user profiles'),
+ 'type' => MENU_CALLBACK,
+ 'file' => 'profile.pages.inc',
+ );
+ return $items;
+}
+
+/**
+ * Implementation of hook_block().
+ */
+function profile_block($op = 'list', $delta = 0, $edit = array()) {
+
+ if ($op == 'list') {
+ $blocks[0]['info'] = t('Author information');
+ $blocks[0]['cache'] = BLOCK_CACHE_PER_PAGE | BLOCK_CACHE_PER_ROLE;
+ return $blocks;
+ }
+ else if ($op == 'configure' && $delta == 0) {
+ // Compile a list of fields to show
+ $fields = array();
+ $result = db_query('SELECT name, title, weight, visibility FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS);
+ while ($record = db_fetch_object($result)) {
+ $fields[$record->name] = check_plain($record->title);
+ }
+ $fields['user_profile'] = t('Link to full user profile');
+ $form['profile_block_author_fields'] = array('#type' => 'checkboxes',
+ '#title' => t('Profile fields to display'),
+ '#default_value' => variable_get('profile_block_author_fields', NULL),
+ '#options' => $fields,
+ '#description' => t('Select which profile fields you wish to display in the block. Only fields designated as public in the <a href="@profile-admin">profile field configuration</a> are available.', array('@profile-admin' => url('admin/user/profile'))),
+ );
+ return $form;
+ }
+ else if ($op == 'save' && $delta == 0) {
+ variable_set('profile_block_author_fields', $edit['profile_block_author_fields']);
+ }
+ else if ($op == 'view') {
+ if (user_access('access user profiles')) {
+ $output = '';
+ if ((arg(0) == 'node') && is_numeric(arg(1)) && (arg(2) == NULL)) {
+ $node = node_load(arg(1));
+ $account = user_load(array('uid' => $node->uid));
+
+ if ($use_fields = variable_get('profile_block_author_fields', array())) {
+ // Compile a list of fields to show.
+ $fields = array();
+ $result = db_query('SELECT name, title, type, visibility, weight FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS);
+ while ($record = db_fetch_object($result)) {
+ // Ensure that field is displayed only if it is among the defined block fields and, if it is private, the user has appropriate permissions.
+ if (isset($use_fields[$record->name]) && $use_fields[$record->name]) {
+ $fields[] = $record;
+ }
+ }
+ }
+
+ if (!empty($fields)) {
+ $profile = _profile_update_user_fields($fields, $account);
+ $output .= theme('profile_block', $account, $profile, TRUE);
+ }
+
+ if (isset($use_fields['user_profile']) && $use_fields['user_profile']) {
+ $output .= '<div>'. l(t('View full user profile'), 'user/'. $account->uid) .'</div>';
+ }
+ }
+
+ if ($output) {
+ $block['subject'] = t('About %name', array('%name' => $account->name));
+ $block['content'] = $output;
+ return $block;
+ }
+ }
+ }
+}
+
+/**
+ * Implementation of hook_user().
+ */
+function profile_user($type, &$edit, &$user, $category = NULL) {
+ switch ($type) {
+ case 'load':
+ return profile_load_profile($user);
+ case 'register':
+ return profile_form_profile($edit, $user, $category, TRUE);
+ case 'update':
+ return profile_save_profile($edit, $user, $category);
+ case 'insert':
+ return profile_save_profile($edit, $user, $category, TRUE);
+ case 'view':
+ return profile_view_profile($user);
+ case 'form':
+ return profile_form_profile($edit, $user, $category);
+ case 'validate':
+ return profile_validate_profile($edit, $category);
+ case 'categories':
+ return profile_categories();
+ case 'delete':
+ db_query('DELETE FROM {profile_values} WHERE uid = %d', $user->uid);
+ }
+}
+
+function profile_load_profile(&$user) {
+ $result = db_query('SELECT f.name, f.type, v.value FROM {profile_fields} f INNER JOIN {profile_values} v ON f.fid = v.fid WHERE uid = %d', $user->uid);
+ while ($field = db_fetch_object($result)) {
+ if (empty($user->{$field->name})) {
+ $user->{$field->name} = _profile_field_serialize($field->type) ? unserialize($field->value) : $field->value;
+ }
+ }
+}
+
+function profile_save_profile(&$edit, &$user, $category, $register = FALSE) {
+ $result = _profile_get_fields($category, $register);
+ while ($field = db_fetch_object($result)) {
+ if (_profile_field_serialize($field->type)) {
+ $edit[$field->name] = serialize($edit[$field->name]);
+ }
+ db_query("DELETE FROM {profile_values} WHERE fid = %d AND uid = %d", $field->fid, $user->uid);
+ db_query("INSERT INTO {profile_values} (fid, uid, value) VALUES (%d, %d, '%s')", $field->fid, $user->uid, $edit[$field->name]);
+ // Mark field as handled (prevents saving to user->data).
+ $edit[$field->name] = NULL;
+ }
+}
+
+function profile_view_field($user, $field) {
+ // Only allow browsing of private fields for admins, if browsing is enabled,
+ // and if a user has permission to view profiles. Note that this check is
+ // necessary because a user may always see their own profile.
+ $browse = user_access('access user profiles')
+ && (user_access('administer users') || $field->visibility != PROFILE_PRIVATE)
+ && !empty($field->page);
+
+ if (isset($user->{$field->name}) && $value = $user->{$field->name}) {
+ switch ($field->type) {
+ case 'textarea':
+ return check_markup($value);
+ case 'textfield':
+ case 'selection':
+ return $browse ? l($value, 'profile/'. $field->name .'/'. $value) : check_plain($value);
+ case 'checkbox':
+ return $browse ? l($field->title, 'profile/'. $field->name) : check_plain($field->title);
+ case 'url':
+ return '<a href="'. check_url($value) .'">'. check_plain($value) .'</a>';
+ case 'date':
+ $format = substr(variable_get('date_format_short', 'm/d/Y - H:i'), 0, 5);
+ // Note: Avoid PHP's date() because it does not handle dates before
+ // 1970 on Windows. This would make the date field useless for e.g.
+ // birthdays.
+ $replace = array(
+ 'd' => sprintf('%02d', $value['day']),
+ 'j' => $value['day'],
+ 'm' => sprintf('%02d', $value['month']),
+ 'M' => map_month($value['month']),
+ 'Y' => $value['year'],
+ 'H:i' => NULL,
+ 'g:ia' => NULL,
+ );
+ return strtr($format, $replace);
+ case 'list':
+ $values = split("[,\n\r]", $value);
+ $fields = array();
+ foreach ($values as $value) {
+ if ($value = trim($value)) {
+ $fields[] = $browse ? l($value, 'profile/'. $field->name .'/'. $value) : check_plain($value);
+ }
+ }
+ return implode(', ', $fields);
+ }
+ }
+}
+
+function profile_view_profile(&$user) {
+
+ profile_load_profile($user);
+
+ // Show private fields to administrators and people viewing their own account.
+ if (user_access('administer users') || $GLOBALS['user']->uid == $user->uid) {
+ $result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d ORDER BY category, weight', PROFILE_HIDDEN);
+ }
+ else {
+ $result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d AND visibility != %d ORDER BY category, weight', PROFILE_PRIVATE, PROFILE_HIDDEN);
+ }
+
+ $fields = array();
+ while ($field = db_fetch_object($result)) {
+ if ($value = profile_view_field($user, $field)) {
+ $title = ($field->type != 'checkbox') ? check_plain($field->title) : NULL;
+
+ // Create a single fieldset for each category.
+ if (!isset($user->content[$field->category])) {
+ $user->content[$field->category] = array(
+ '#type' => 'user_profile_category',
+ '#title' => $field->category,
+ );
+ }
+
+ $user->content[$field->category][$field->name] = array(
+ '#type' => 'user_profile_item',
+ '#title' => $title,
+ '#value' => $value,
+ '#weight' => $field->weight,
+ '#attributes' => array('class' => 'profile-'. $field->name),
+ );
+ }
+ }
+}
+
+function _profile_form_explanation($field) {
+ $output = $field->explanation;
+
+ if ($field->type == 'list') {
+ $output .= ' '. t('Put each item on a separate line or separate them by commas. No HTML allowed.');
+ }
+
+ if ($field->visibility == PROFILE_PRIVATE) {
+ $output .= ' '. t('The content of this field is kept private and will not be shown publicly.');
+ }
+
+ return $output;
+}
+
+function profile_form_profile($edit, $user, $category, $register = FALSE) {
+ $result = _profile_get_fields($category, $register);
+ $weight = 1;
+ $fields = array();
+ while ($field = db_fetch_object($result)) {
+ $category = $field->category;
+ if (!isset($fields[$category])) {
+ $fields[$category] = array('#type' => 'fieldset', '#title' => check_plain($category), '#weight' => $weight++);
+ }
+ switch ($field->type) {
+ case 'textfield':
+ case 'url':
+ $fields[$category][$field->name] = array('#type' => 'textfield',
+ '#title' => check_plain($field->title),
+ '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+ '#maxlength' => 255,
+ '#description' => _profile_form_explanation($field),
+ '#required' => $field->required,
+ );
+ if ($field->autocomplete) {
+ $fields[$category][$field->name]['#autocomplete_path'] = "profile/autocomplete/". $field->fid;
+ }
+ break;
+ case 'textarea':
+ $fields[$category][$field->name] = array('#type' => 'textarea',
+ '#title' => check_plain($field->title),
+ '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+ '#description' => _profile_form_explanation($field),
+ '#required' => $field->required,
+ );
+ break;
+ case 'list':
+ $fields[$category][$field->name] = array('#type' => 'textarea',
+ '#title' => check_plain($field->title),
+ '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+ '#description' => _profile_form_explanation($field),
+ '#required' => $field->required,
+ );
+ break;
+ case 'checkbox':
+ $fields[$category][$field->name] = array('#type' => 'checkbox',
+ '#title' => check_plain($field->title),
+ '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+ '#description' => _profile_form_explanation($field),
+ '#required' => $field->required,
+ );
+ break;
+ case 'selection':
+ $options = $field->required ? array() : array('--');
+ $lines = split("[,\n\r]", $field->options);
+ foreach ($lines as $line) {
+ if ($line = trim($line)) {
+ $options[$line] = $line;
+ }
+ }
+ $fields[$category][$field->name] = array('#type' => 'select',
+ '#title' => check_plain($field->title),
+ '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+ '#options' => $options,
+ '#description' => _profile_form_explanation($field),
+ '#required' => $field->required,
+ );
+ break;
+ case 'date':
+ $fields[$category][$field->name] = array('#type' => 'date',
+ '#title' => check_plain($field->title),
+ '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
+ '#description' => _profile_form_explanation($field),
+ '#required' => $field->required,
+ );
+ break;
+ }
+ }
+ return $fields;
+}
+
+/**
+ * Helper function: update an array of user fields by calling profile_view_field
+ */
+function _profile_update_user_fields($fields, $account) {
+ foreach ($fields as $key => $field) {
+ $fields[$key]->value = profile_view_field($account, $field);
+ }
+ return $fields;
+}
+
+function profile_validate_profile($edit, $category) {
+ $result = _profile_get_fields($category);
+ while ($field = db_fetch_object($result)) {
+ if ($edit[$field->name]) {
+ if ($field->type == 'url') {
+ if (!valid_url($edit[$field->name], TRUE)) {
+ form_set_error($field->name, t('The value provided for %field is not a valid URL.', array('%field' => $field->title)));
+ }
+ }
+ }
+ else if ($field->required && !user_access('administer users')) {
+ form_set_error($field->name, t('The field %field is required.', array('%field' => $field->title)));
+ }
+ }
+
+ return $edit;
+}
+
+function profile_categories() {
+ $result = db_query("SELECT DISTINCT(category) FROM {profile_fields}");
+ $data = array();
+ while ($category = db_fetch_object($result)) {
+ $data[] = array(
+ 'name' => $category->category,
+ 'title' => $category->category,
+ 'weight' => 3,
+ 'access callback' => 'profile_category_access',
+ 'access arguments' => array($category->category)
+ );
+ }
+ return $data;
+}
+
+/**
+ * Menu item access callback - check if a user has access to a profile category.
+ */
+function profile_category_access($category) {
+ if (user_access('administer users')) {
+ return TRUE;
+ }
+ else {
+ return db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE category = '%s' AND visibility <> %d", $category, PROFILE_HIDDEN));
+ }
+}
+
+/**
+ * Process variables for profile-block.tpl.php.
+ *
+ * The $variables array contains the following arguments:
+ * - $account
+ * - $fields
+ *
+ * @see profile-block.tpl.php
+ */
+function template_preprocess_profile_block(&$variables) {
+
+ $variables['picture'] = theme('user_picture', $variables['account']);
+ $variables['profile'] = array();
+ // Supply filtered version of $fields that have values.
+ foreach ($variables['fields'] as $field) {
+ if ($field->value) {
+ $variables['profile'][$field->name]->title = check_plain($field->title);
+ $variables['profile'][$field->name]->value = $field->value;
+ $variables['profile'][$field->name]->type = $field->type;
+ }
+ }
+
+}
+
+/**
+ * Process variables for profile-listing.tpl.php.
+ *
+ * The $variables array contains the following arguments:
+ * - $account
+ * - $fields
+ *
+ * @see profile-listing.tpl.php
+ */
+function template_preprocess_profile_listing(&$variables) {
+
+ $variables['picture'] = theme('user_picture', $variables['account']);
+ $variables['name'] = theme('username', $variables['account']);
+ $variables['profile'] = array();
+ // Supply filtered version of $fields that have values.
+ foreach ($variables['fields'] as $field) {
+ if ($field->value) {
+ $variables['profile'][$field->name]->title = $field->title;
+ $variables['profile'][$field->name]->value = $field->value;
+ $variables['profile'][$field->name]->type = $field->type;
+ }
+ }
+
+}
+
+/**
+ * Process variables for profile-wrapper.tpl.php.
+ *
+ * The $variables array contains the following arguments:
+ * - $content
+ *
+ * @see profile-wrapper.tpl.php
+ */
+function template_preprocess_profile_wrapper(&$variables) {
+ $variables['current_field'] = '';
+ if ($field = arg(1)) {
+ $variables['current_field'] = $field;
+ // Supply an alternate template suggestion based on the browsable field.
+ $variables['template_files'][] = 'profile-wrapper-'. $field;
+ }
+}
+
+function _profile_field_types($type = NULL) {
+ $types = array('textfield' => t('single-line textfield'),
+ 'textarea' => t('multi-line textfield'),
+ 'checkbox' => t('checkbox'),
+ 'selection' => t('list selection'),
+ 'list' => t('freeform list'),
+ 'url' => t('URL'),
+ 'date' => t('date'));
+ return isset($type) ? $types[$type] : $types;
+}
+
+function _profile_field_serialize($type = NULL) {
+ return $type == 'date';
+}
+
+function _profile_get_fields($category, $register = FALSE) {
+ $args = array();
+ $sql = 'SELECT * FROM {profile_fields} WHERE ';
+ $filters = array();
+ if ($register) {
+ $filters[] = 'register = 1';
+ }
+ else {
+ // Use LOWER('%s') instead of PHP's strtolower() to avoid UTF-8 conversion issues.
+ $filters[] = "LOWER(category) = LOWER('%s')";
+ $args[] = $category;
+ }
+ if (!user_access('administer users')) {
+ $filters[] = 'visibility != %d';
+ $args[] = PROFILE_HIDDEN;
+ }
+ $sql .= implode(' AND ', $filters);
+ $sql .= ' ORDER BY category, weight';
+ return db_query($sql, $args);
+}
+
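Review bot: `template_preprocess_profile_listing()` copies `$field->title` into `$variables['profile'][$field->name]->title` unescaped, while the otherwise identical loop in `template_preprocess_profile_block()` passes it through `check_plain()`. If profile-listing.tpl.php (not part of this hunk) prints that title, a field title containing markup would reach the page as raw HTML. The assignment should match the block version: `$variables['profile'][$field->name]->title = check_plain($field->title);`. Separately, `profile_load_profile()` calls `unserialize()` on the stored value of date fields, so its trust assumption deserves a comment there, e.g. `// Safe only while profile_save_profile() is the sole writer of this column via serialize().`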