view modules/profile/profile.module @ 7:fff6d4c8c043 6.3

Drupal 6.3
author Franck Deroche <webmaster@defr.org>
date Tue, 23 Dec 2008 14:30:28 +0100
parents 2427550111ae
children 3edae6ecd6c6
line wrap: on
line source
<?php
// $Id: profile.module,v 1.236.2.2 2008/04/28 09:13:46 dries Exp $

/**
 * @file
 * Support for configurable user profiles.
 */

/**
 * Private field, content only available to privileged users.
 */
define('PROFILE_PRIVATE', 1);

/**
 * Public field, content shown on profile page but not used on member list pages.
 */
define('PROFILE_PUBLIC', 2);

/**
 * Public field, content shown on profile page and on member list pages.
 */
define('PROFILE_PUBLIC_LISTINGS', 3);

/**
 * Hidden profile field, only accessible by administrators, modules and themes.
 */
define('PROFILE_HIDDEN', 4);

/**
 * Implementation of hook_help().
 */
function profile_help($path, $arg) {
  switch ($path) {
    case 'admin/help#profile':
      $output = '<p>'. t('The profile module allows custom fields (such as country, full name, or age) to be defined and displayed in the <em>My Account</em> section. This permits users of a site to share more information about themselves, and can help community-based sites organize users around specific information.') .'</p>';
      $output .= '<p>'. t('The following types of fields can be added to a user profile:') .'</p>';
      $output .= '<ul><li>'. t('single-line textfield') .'</li>';
      $output .= '<li>'. t('multi-line textfield') .'</li>';
      $output .= '<li>'. t('checkbox') .'</li>';
      $output .= '<li>'. t('list selection') .'</li>';
      $output .= '<li>'. t('freeform list') .'</li>';
      $output .= '<li>'. t('URL') .'</li>';
      $output .= '<li>'. t('date') .'</li></ul>';
      $output .= '<p>'. t('For more information, see the online handbook entry for <a href="@profile">Profile module</a>.', array('@profile' => 'http://drupal.org/handbook/modules/profile/')) .'</p>';
      return $output;
    case 'admin/user/profile':
      return '<p>'. t("This page displays a list of the existing custom profile fields to be displayed on a user's <em>My Account</em> page. To provide structure, similar or related fields may be placed inside a category. To add a new category (or edit an existing one), edit a profile field and provide a new category name. To change the category of a field or the order of fields within a category, grab a drag-and-drop handle under the Title column and drag the field to a new location in the list. (Grab a handle by clicking and holding the mouse while hovering over a handle icon.) Remember that your changes will not be saved until you click the <em>Save configuration</em> button at the bottom of the page.") .'</p>';
  }
}

/**
 * Implementation of hook_theme()
 */
function profile_theme() {
  return array(
    'profile_block' => array(
      'arguments' => array('account' => NULL, 'fields' => array()),
      'template' => 'profile-block',
    ),
    'profile_listing' => array(
      'arguments' => array('account' => NULL, 'fields' => array()),
      'template' => 'profile-listing',
    ),
    'profile_wrapper' => array(
      'arguments' => array('content' => NULL),
      'template' => 'profile-wrapper',
    ),
    'profile_admin_overview' => array(
      'arguments' => array('form' => NULL),
      'file' => 'profile.admin.inc',
    )
  );
}

/**
 * Implementation of hook_menu().
 */
function profile_menu() {
  $items['profile'] = array(
    'title' => 'User list',
    'page callback' => 'profile_browse',
    'access arguments' => array('access user profiles'),
    'type' => MENU_SUGGESTED_ITEM,
    'file' => 'profile.pages.inc',
  );
  $items['admin/user/profile'] = array(
    'title' => 'Profiles',
    'description' => 'Create customizable fields for your users.',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('profile_admin_overview'),
    'access arguments' => array('administer users'),
    'file' => 'profile.admin.inc',
  );
  $items['admin/user/profile/add'] = array(
    'title' => 'Add field',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('profile_field_form'),
    'access arguments' => array('administer users'),
    'type' => MENU_CALLBACK,
    'file' => 'profile.admin.inc',
  );
  $items['admin/user/profile/autocomplete'] = array(
    'title' => 'Profile category autocomplete',
    'page callback' => 'profile_admin_settings_autocomplete',
    'access arguments' => array('administer users'),
    'type' => MENU_CALLBACK,
    'file' => 'profile.admin.inc',
  );
  $items['admin/user/profile/edit'] = array(
    'title' => 'Edit field',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('profile_field_form'),
    'access arguments' => array('administer users'),
    'type' => MENU_CALLBACK,
    'file' => 'profile.admin.inc',
  );
  $items['admin/user/profile/delete'] = array(
    'title' => 'Delete field',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('profile_field_delete'),
    'access arguments' => array('administer users'),
    'type' => MENU_CALLBACK,
    'file' => 'profile.admin.inc',
  );
  $items['profile/autocomplete'] = array(
    'title' => 'Profile autocomplete',
    'page callback' => 'profile_autocomplete',
    'access arguments' => array('access user profiles'),
    'type' => MENU_CALLBACK,
    'file' => 'profile.pages.inc',
  );
  return $items;
}

/**
 * Implementation of hook_block().
 */
function profile_block($op = 'list', $delta = 0, $edit = array()) {

  if ($op == 'list') {
    $blocks[0]['info'] = t('Author information');
    $blocks[0]['cache'] = BLOCK_CACHE_PER_PAGE | BLOCK_CACHE_PER_ROLE;
    return $blocks;
  }
  else if ($op == 'configure' && $delta == 0) {
    // Compile a list of fields to show
    $fields = array();
    $result = db_query('SELECT name, title, weight, visibility FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS);
    while ($record = db_fetch_object($result)) {
      $fields[$record->name] = check_plain($record->title);
    }
    $fields['user_profile'] = t('Link to full user profile');
    $form['profile_block_author_fields'] = array('#type' => 'checkboxes',
      '#title' => t('Profile fields to display'),
      '#default_value' => variable_get('profile_block_author_fields', array()),
      '#options' => $fields,
      '#description' => t('Select which profile fields you wish to display in the block. Only fields designated as public in the <a href="@profile-admin">profile field configuration</a> are available.', array('@profile-admin' => url('admin/user/profile'))),
    );
    return $form;
  }
  else if ($op == 'save' && $delta == 0) {
    variable_set('profile_block_author_fields', $edit['profile_block_author_fields']);
  }
  else if ($op == 'view') {
    if (user_access('access user profiles')) {
      $output = '';
      if ((arg(0) == 'node') && is_numeric(arg(1)) && (arg(2) == NULL)) {
        $node = node_load(arg(1));
        $account = user_load(array('uid' => $node->uid));

        if ($use_fields = variable_get('profile_block_author_fields', array())) {
          // Compile a list of fields to show.
          $fields = array();
          $result = db_query('SELECT name, title, type, visibility, weight FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS);
          while ($record = db_fetch_object($result)) {
            // Ensure that field is displayed only if it is among the defined block fields and, if it is private, the user has appropriate permissions.
            if (isset($use_fields[$record->name]) && $use_fields[$record->name]) {
              $fields[] = $record;
            }
          }
        }

        if (!empty($fields)) {
          $profile = _profile_update_user_fields($fields, $account);
          $output .= theme('profile_block', $account, $profile, TRUE);
        }

        if (isset($use_fields['user_profile']) && $use_fields['user_profile']) {
          $output .= '<div>'. l(t('View full user profile'), 'user/'. $account->uid) .'</div>';
        }
      }

      if ($output) {
        $block['subject'] = t('About %name', array('%name' => $account->name));
        $block['content'] = $output;
        return $block;
      }
    }
  }
}

/**
 * Implementation of hook_user().
 */
function profile_user($type, &$edit, &$user, $category = NULL) {
  switch ($type) {
    case 'load':
      return profile_load_profile($user);
    case 'register':
      return profile_form_profile($edit, $user, $category, TRUE);
    case 'update':
    return profile_save_profile($edit, $user, $category);
    case 'insert':
      return profile_save_profile($edit, $user, $category, TRUE);
    case 'view':
      return profile_view_profile($user);
    case 'form':
      return profile_form_profile($edit, $user, $category);
    case 'validate':
      return profile_validate_profile($edit, $category);
    case 'categories':
      return profile_categories();
    case 'delete':
      db_query('DELETE FROM {profile_values} WHERE uid = %d', $user->uid);
  }
}

function profile_load_profile(&$user) {
  $result = db_query('SELECT f.name, f.type, v.value FROM {profile_fields} f INNER JOIN {profile_values} v ON f.fid = v.fid WHERE uid = %d', $user->uid);
  while ($field = db_fetch_object($result)) {
    if (empty($user->{$field->name})) {
      $user->{$field->name} = _profile_field_serialize($field->type) ? unserialize($field->value) : $field->value;
    }
  }
}

function profile_save_profile(&$edit, &$user, $category, $register = FALSE) {
  $result = _profile_get_fields($category, $register);
  while ($field = db_fetch_object($result)) {
    if (_profile_field_serialize($field->type)) {
      $edit[$field->name] = serialize($edit[$field->name]);
    }
    db_query("DELETE FROM {profile_values} WHERE fid = %d AND uid = %d", $field->fid, $user->uid);
    db_query("INSERT INTO {profile_values} (fid, uid, value) VALUES (%d, %d, '%s')", $field->fid, $user->uid, $edit[$field->name]);
    // Mark field as handled (prevents saving to user->data).
    $edit[$field->name] = NULL;
  }
}

function profile_view_field($user, $field) {
  // Only allow browsing of private fields for admins, if browsing is enabled,
  // and if a user has permission to view profiles. Note that this check is
  // necessary because a user may always see their own profile.
  $browse = user_access('access user profiles')
         && (user_access('administer users') || $field->visibility != PROFILE_PRIVATE)
         && !empty($field->page);

  if (isset($user->{$field->name}) && $value = $user->{$field->name}) {
    switch ($field->type) {
      case 'textarea':
        return check_markup($value);
      case 'textfield':
      case 'selection':
        return $browse ? l($value, 'profile/'. $field->name .'/'. $value) : check_plain($value);
      case 'checkbox':
        return $browse ? l($field->title, 'profile/'. $field->name) : check_plain($field->title);
      case 'url':
        return '<a href="'. check_url($value) .'">'. check_plain($value) .'</a>';
      case 'date':
        $format = substr(variable_get('date_format_short', 'm/d/Y - H:i'), 0, 5);
        // Note: Avoid PHP's date() because it does not handle dates before
        // 1970 on Windows. This would make the date field useless for e.g.
        // birthdays.
        $replace = array(
          'd' => sprintf('%02d', $value['day']),
          'j' => $value['day'],
          'm' => sprintf('%02d', $value['month']),
          'M' => map_month($value['month']),
          'Y' => $value['year'],
          'H:i' => NULL,
          'g:ia' => NULL,
        );
        return strtr($format, $replace);
      case 'list':
        $values = split("[,\n\r]", $value);
        $fields = array();
        foreach ($values as $value) {
          if ($value = trim($value)) {
            $fields[] = $browse ? l($value, 'profile/'. $field->name .'/'. $value) : check_plain($value);
          }
        }
        return implode(', ', $fields);
    }
  }
}

function profile_view_profile(&$user) {

  profile_load_profile($user);

  // Show private fields to administrators and people viewing their own account.
  if (user_access('administer users') || $GLOBALS['user']->uid == $user->uid) {
    $result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d ORDER BY category, weight', PROFILE_HIDDEN);
  }
  else {
    $result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d AND visibility != %d ORDER BY category, weight', PROFILE_PRIVATE, PROFILE_HIDDEN);
  }

  $fields = array();
  while ($field = db_fetch_object($result)) {
    if ($value = profile_view_field($user, $field)) {
      $title = ($field->type != 'checkbox') ? check_plain($field->title) : NULL;

      // Create a single fieldset for each category.
      if (!isset($user->content[$field->category])) {
        $user->content[$field->category] = array(
          '#type' => 'user_profile_category',
          '#title' => $field->category,
        );
      }

      $user->content[$field->category][$field->name] = array(
        '#type' => 'user_profile_item',
        '#title' => $title,
        '#value' => $value,
        '#weight' => $field->weight,
        '#attributes' => array('class' => 'profile-'. $field->name),
      );
    }
  }
}

function _profile_form_explanation($field) {
  $output = $field->explanation;

  if ($field->type == 'list') {
    $output .= ' '. t('Put each item on a separate line or separate them by commas. No HTML allowed.');
  }

  if ($field->visibility == PROFILE_PRIVATE) {
    $output .= ' '. t('The content of this field is kept private and will not be shown publicly.');
  }

  return $output;
}

function profile_form_profile($edit, $user, $category, $register = FALSE) {
  $result = _profile_get_fields($category, $register);
  $weight = 1;
  $fields = array();
  while ($field = db_fetch_object($result)) {
    $category = $field->category;
    if (!isset($fields[$category])) {
      $fields[$category] = array('#type' => 'fieldset', '#title' => check_plain($category), '#weight' => $weight++);
    }
    switch ($field->type) {
      case 'textfield':
      case 'url':
        $fields[$category][$field->name] = array('#type' => 'textfield',
          '#title' => check_plain($field->title),
          '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
          '#maxlength' => 255,
          '#description' => _profile_form_explanation($field),
          '#required' => $field->required,
        );
        if ($field->autocomplete) {
          $fields[$category][$field->name]['#autocomplete_path'] = "profile/autocomplete/". $field->fid;
        }
        break;
      case 'textarea':
        $fields[$category][$field->name] = array('#type' => 'textarea',
          '#title' => check_plain($field->title),
          '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
          '#description' => _profile_form_explanation($field),
          '#required' => $field->required,
        );
        break;
      case 'list':
        $fields[$category][$field->name] = array('#type' => 'textarea',
          '#title' => check_plain($field->title),
          '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
          '#description' => _profile_form_explanation($field),
          '#required' => $field->required,
        );
        break;
      case 'checkbox':
        $fields[$category][$field->name] = array('#type' => 'checkbox',
          '#title' => check_plain($field->title),
          '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
          '#description' => _profile_form_explanation($field),
          '#required' => $field->required,
        );
        break;
      case 'selection':
        $options = $field->required ? array() : array('--');
        $lines = split("[,\n\r]", $field->options);
        foreach ($lines as $line) {
          if ($line = trim($line)) {
            $options[$line] = $line;
          }
        }
        $fields[$category][$field->name] = array('#type' => 'select',
          '#title' => check_plain($field->title),
          '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
          '#options' => $options,
          '#description' => _profile_form_explanation($field),
          '#required' => $field->required,
        );
        break;
      case 'date':
        $fields[$category][$field->name] = array('#type' => 'date',
          '#title' => check_plain($field->title),
          '#default_value' => isset($edit[$field->name]) ? $edit[$field->name] : '',
          '#description' => _profile_form_explanation($field),
          '#required' => $field->required,
        );
        break;
    }
  }
  return $fields;
}

/**
 * Helper function: update an array of user fields by calling profile_view_field
 */
function _profile_update_user_fields($fields, $account) {
  foreach ($fields as $key => $field) {
    $fields[$key]->value = profile_view_field($account, $field);
  }
  return $fields;
}

function profile_validate_profile($edit, $category) {
  $result = _profile_get_fields($category);
  while ($field = db_fetch_object($result)) {
    if ($edit[$field->name]) {
      if ($field->type == 'url') {
        if (!valid_url($edit[$field->name], TRUE)) {
          form_set_error($field->name, t('The value provided for %field is not a valid URL.', array('%field' => $field->title)));
        }
      }
    }
    else if ($field->required && !user_access('administer users')) {
      form_set_error($field->name, t('The field %field is required.', array('%field' => $field->title)));
    }
  }

  return $edit;
}

function profile_categories() {
  $result = db_query("SELECT DISTINCT(category) FROM {profile_fields}");
  $data = array();
  while ($category = db_fetch_object($result)) {
    $data[] = array(
      'name' => $category->category,
      'title' => $category->category,
      'weight' => 3,
      'access callback' => 'profile_category_access',
      'access arguments' => array(1, $category->category)
    );
  }
  return $data;
}

/**
 * Menu item access callback - check if a user has access to a profile category.
 */
function profile_category_access($account, $category) {
  if (user_access('administer users') && $account->uid > 0) {
    return TRUE;
  }
  else {
    return user_edit_access($account) && db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE category = '%s' AND visibility <> %d", $category, PROFILE_HIDDEN));
  }
}

/**
 * Process variables for profile-block.tpl.php.
 *
 * The $variables array contains the following arguments:
 * - $account
 * - $fields
 *
 * @see profile-block.tpl.php
 */
function template_preprocess_profile_block(&$variables) {

  $variables['picture'] = theme('user_picture', $variables['account']);
  $variables['profile'] = array();
  // Supply filtered version of $fields that have values.
  foreach ($variables['fields'] as $field) {
    if ($field->value) {
      $variables['profile'][$field->name]->title = check_plain($field->title);
      $variables['profile'][$field->name]->value = $field->value;
      $variables['profile'][$field->name]->type = $field->type;
    }
  }

}

/**
 * Process variables for profile-listing.tpl.php.
 *
 * The $variables array contains the following arguments:
 * - $account
 * - $fields
 *
 * @see profile-listing.tpl.php
 */
function template_preprocess_profile_listing(&$variables) {

  $variables['picture'] = theme('user_picture', $variables['account']);
  $variables['name'] = theme('username', $variables['account']);
  $variables['profile'] = array();
  // Supply filtered version of $fields that have values.
  foreach ($variables['fields'] as $field) {
    if ($field->value) {
      $variables['profile'][$field->name]->title = $field->title;
      $variables['profile'][$field->name]->value = $field->value;
      $variables['profile'][$field->name]->type = $field->type;
    }
  }

}

/**
 * Process variables for profile-wrapper.tpl.php.
 *
 * The $variables array contains the following arguments:
 * - $content
 *
 * @see profile-wrapper.tpl.php
 */
function template_preprocess_profile_wrapper(&$variables) {
  $variables['current_field'] = '';
  if ($field = arg(1)) {
    $variables['current_field'] = $field;
    // Supply an alternate template suggestion based on the browsable field.
    $variables['template_files'][] = 'profile-wrapper-'. $field;
  }
}

function _profile_field_types($type = NULL) {
  $types = array('textfield' => t('single-line textfield'),
                 'textarea' => t('multi-line textfield'),
                 'checkbox' => t('checkbox'),
                 'selection' => t('list selection'),
                 'list' => t('freeform list'),
                 'url' => t('URL'),
                 'date' => t('date'));
  return isset($type) ? $types[$type] : $types;
}

function _profile_field_serialize($type = NULL) {
  return $type == 'date';
}

function _profile_get_fields($category, $register = FALSE) {
  $args = array();
  $sql = 'SELECT * FROM {profile_fields} WHERE ';
  $filters = array();
  if ($register) {
    $filters[] = 'register = 1';
  }
  else {
    // Use LOWER('%s') instead of PHP's strtolower() to avoid UTF-8 conversion issues.
    $filters[] = "LOWER(category) = LOWER('%s')";
    $args[] = $category;
  }
  if (!user_access('administer users')) {
    $filters[] = 'visibility != %d';
    $args[] = PROFILE_HIDDEN;
  }
  $sql .= implode(' AND ', $filters);
  $sql .= ' ORDER BY category, weight';
  return db_query($sql, $args);
}