bachir/materio-base-legacy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updated drupal core to 7.51

Browse Source
This commit is contained in:
Bachir Soussi Chiadmi
2016-11-01 18:21:48 +01:00
parent 2ed8b48636
commit 1f780c974e
227 changed files with 2960 additions and 762 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
modules/user/tests/user_form_test.info
View File

@@ -5,8 +5,8 @@ version = VERSION
core = 7.x
hidden = TRUE
; Information added by Drupal.org packaging script on 2016-02-24
version = "7.43"
; Information added by Drupal.org packaging script on 2016-10-05
version = "7.51"
project = "drupal"
datestamp = "1456343506"
datestamp = "1475694174"

18
modules/user/tests/user_form_test.module
View File

@@ -62,3 +62,21 @@ function user_form_test_current_password($form, &$form_state, $account) {
function user_form_test_current_password_submit($form, &$form_state) {
drupal_set_message(t('The password has been validated and the form submitted successfully.'));
}
/**
* Implements hook_form_FORM_ID_alter().
*/
function user_form_test_form_user_profile_form_alter(&$form, &$form_state) {
if (variable_get('user_form_test_user_profile_form_rebuild', FALSE)) {
$form['#submit'][] = 'user_form_test_user_account_submit';
}
}
/**
* Submit function for user_profile_form().
*/
function user_form_test_user_account_submit($form, &$form_state) {
// Rebuild the form instead of letting the process end. This allows us to
// test for bugs that can be triggered in contributed modules.
$form_state['rebuild'] = TRUE;
}

6
modules/user/user.info
View File

@@ -9,8 +9,8 @@ required = TRUE
configure = admin/config/people
stylesheets[all][] = user.css
; Information added by Drupal.org packaging script on 2016-02-24
version = "7.43"
; Information added by Drupal.org packaging script on 2016-10-05
version = "7.51"
project = "drupal"
datestamp = "1456343506"
datestamp = "1475694174"

12
modules/user/user.install
View File

@@ -49,6 +49,9 @@ function user_schema() {
'columns' => array('uid' => 'uid'),
),
),
'indexes' => array(
'uid_module' => array('uid', 'module'),
),
);
$schema['role_permission'] = array(
@@ -910,6 +913,15 @@ function user_update_7018() {
}
}
/**
* Ensure there is a combined index on {authmap}.uid and {authmap}.module.
*/
function user_update_7019() {
// Check first in case it was already added manually.
if (!db_index_exists('authmap', 'uid_module')) {
db_add_index('authmap', 'uid_module', array('uid', 'module'));
}
}
/**
* @} End of "addtogroup updates-7.x-extra".
*/

54
modules/user/user.module
View File

@@ -418,13 +418,11 @@ function user_load_by_name($name) {
*
* @return
* A fully-loaded $user object upon successful save or FALSE if the save failed.
*
* @todo D8: Drop $edit and fix user_save() to be consistent with others.
*/
function user_save($account, $edit = array(), $category = 'account') {
$transaction = db_transaction();
try {
if (!empty($edit['pass'])) {
if (isset($edit['pass']) && strlen(trim($edit['pass'])) > 0) {
// Allow alternate password hashing schemes.
require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
$edit['pass'] = user_hash_password(trim($edit['pass']));
@@ -791,7 +789,7 @@ function user_role_permissions($roles = array()) {
* (optional) The account to check, if not given use currently logged in user.
*
* @return
* Boolean TRUE if the current user has the requested permission.
* Boolean TRUE if the user has the requested permission.
*
* All permission checks in Drupal should go through this function. This
* way, we guarantee consistent behavior, and ensure that the superuser
@@ -1162,7 +1160,7 @@ function user_account_form(&$form, &$form_state) {
$form['account']['roles'] = array(
'#type' => 'checkboxes',
'#title' => t('Roles'),
'#default_value' => (!$register && isset($account->roles) ? array_keys($account->roles) : array()),
'#default_value' => (!$register && !empty($account->roles) ? array_keys(array_filter($account->roles)) : array()),
'#options' => $roles,
'#access' => $roles && user_access('administer permissions'),
DRUPAL_AUTHENTICATED_RID => $checkbox_authenticated,
@@ -1232,7 +1230,7 @@ function user_validate_current_pass(&$form, &$form_state) {
// that prevent them from being empty if they are changed.
if ((strlen(trim($form_state['values'][$key])) > 0) && ($form_state['values'][$key] != $account->$key)) {
require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
$current_pass_failed = empty($form_state['values']['current_pass']) || !user_check_password($form_state['values']['current_pass'], $account);
$current_pass_failed = strlen(trim($form_state['values']['current_pass'])) == 0 || !user_check_password($form_state['values']['current_pass'], $account);
if ($current_pass_failed) {
form_set_error('current_pass', t("Your current password is missing or incorrect; it's required to change the %name.", array('%name' => $name)));
form_set_error($key);
@@ -1755,9 +1753,11 @@ function user_menu() {
$items['admin/people/create'] = array(
'title' => 'Add user',
'page callback' => 'user_admin',
'page arguments' => array('create'),
'access arguments' => array('administer users'),
'type' => MENU_LOCAL_ACTION,
'file' => 'user.admin.inc',
);
// Administration pages.
@@ -2165,7 +2165,7 @@ function user_login_name_validate($form, &$form_state) {
*/
function user_login_authenticate_validate($form, &$form_state) {
$password = trim($form_state['values']['pass']);
if (!empty($form_state['values']['name']) && !empty($password)) {
if (!empty($form_state['values']['name']) && strlen(trim($password)) > 0) {
// Do not allow any login from the current user's IP if the limit has been
// reached. Default is 50 failed attempts allowed in one hour. This is
// independent of the per-user limit to catch attempts from one IP to log
@@ -2256,7 +2256,7 @@ function user_login_final_validate($form, &$form_state) {
*/
function user_authenticate($name, $password) {
$uid = FALSE;
if (!empty($name) && !empty($password)) {
if (!empty($name) && strlen(trim($password)) > 0) {
$account = user_load_by_name($name);
if ($account) {
// Allow alternate password hashing schemes.
@@ -2356,26 +2356,14 @@ function user_external_login_register($name, $module) {
* following properties:
* - uid: The user ID number.
* - login: The UNIX timestamp of the user's last login.
* @param array $options
* (optional) A keyed array of settings. Supported options are:
* - langcode: A language code to be used when generating locale-sensitive
* urls. If langcode is NULL the users preferred language is used.
*
* @return
* A unique URL that provides a one-time log in for the user, from which
* they can change their password.
*/
function user_pass_reset_url($account, $options = array()) {
function user_pass_reset_url($account) {
$timestamp = REQUEST_TIME;
$url_options = array('absolute' => TRUE);
if (isset($options['langcode'])) {
$languages = language_list();
$url_options['language'] = $languages[$options['langcode']];
}
else {
$url_options['language'] = user_preferred_language($account);
}
return url("user/reset/$account->uid/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid), $url_options);
return url("user/reset/$account->uid/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid), array('absolute' => TRUE));
}
/**
@@ -2387,10 +2375,6 @@ function user_pass_reset_url($account, $options = array()) {
* - uid: The user ID number.
* - pass: The hashed user password string.
* - login: The UNIX timestamp of the user's last login.
* @param array $options
* (optional) A keyed array of settings. Supported options are:
* - langcode: A language code to be used when generating locale-sensitive
* urls. If langcode is NULL the users preferred language is used.
*
* @return
* A unique URL that may be used to confirm the cancellation of the user
@@ -2399,17 +2383,9 @@ function user_pass_reset_url($account, $options = array()) {
* @see user_mail_tokens()
* @see user_cancel_confirm()
*/
function user_cancel_url($account, $options = array()) {
function user_cancel_url($account) {
$timestamp = REQUEST_TIME;
$url_options = array('absolute' => TRUE);
if (isset($options['langcode'])) {
$languages = language_list();
$url_options['language'] = $languages[$options['langcode']];
}
else {
$url_options['language'] = user_preferred_language($account);
}
return url("user/$account->uid/cancel/confirm/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid), $url_options);
return url("user/$account->uid/cancel/confirm/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid), array('absolute' => TRUE));
}
/**
@@ -2899,7 +2875,7 @@ Your account on [site:name] has been canceled.
if ($replace) {
// We do not sanitize the token replacement, since the output of this
// replacement is intended for an e-mail message, not a web browser.
return token_replace($text, $variables, array('language' => $language, 'langcode' => $langcode, 'callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
return token_replace($text, $variables, array('language' => $language, 'callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
}
return $text;
@@ -2926,8 +2902,8 @@ Your account on [site:name] has been canceled.
*/
function user_mail_tokens(&$replacements, $data, $options) {
if (isset($data['user'])) {
$replacements['[user:one-time-login-url]'] = user_pass_reset_url($data['user'], $options);
$replacements['[user:cancel-url]'] = user_cancel_url($data['user'], $options);
$replacements['[user:one-time-login-url]'] = user_pass_reset_url($data['user']);
$replacements['[user:cancel-url]'] = user_cancel_url($data['user']);
}
}

51
modules/user/user.pages.inc
View File

@@ -44,6 +44,12 @@ function user_pass() {
$form['name']['#value'] = $user->mail;
$form['mail'] = array(
'#prefix' => '<p>',
// As of https://www.drupal.org/node/889772 the user no longer must log
// out (if they are still logged in when using the password reset link,
// they will be logged out automatically then), but this text is kept as
// is to avoid breaking translations as well as to encourage the user to
// log out manually at a time of their own choosing (when it will not
// interrupt anything else they may have been in the middle of doing).
'#markup' => t('Password reset instructions will be mailed to %email. You must log out to use the password reset link in the e-mail.', array('%email' => $user->mail)),
'#suffix' => '</p>',
);
@@ -54,6 +60,11 @@ function user_pass() {
return $form;
}
/**
* Form validation handler for user_pass().
*
* @see user_pass_submit()
*/
function user_pass_validate($form, &$form_state) {
$name = trim($form_state['values']['name']);
// Try to load by email.
@@ -72,6 +83,11 @@ function user_pass_validate($form, &$form_state) {
}
}
/**
* Form submission handler for user_pass().
*
* @see user_pass_validate()
*/
function user_pass_submit($form, &$form_state) {
global $language;
@@ -96,9 +112,20 @@ function user_pass_reset($form, &$form_state, $uid, $timestamp, $hashed_pass, $a
// When processing the one-time login link, we have to make sure that a user
// isn't already logged in.
if ($user->uid) {
// The existing user is already logged in.
// The existing user is already logged in. Log them out and reload the
// current page so the password reset process can continue.
if ($user->uid == $uid) {
drupal_set_message(t('You are logged in as %user. <a href="!user_edit">Change your password.</a>', array('%user' => $user->name, '!user_edit' => url("user/$user->uid/edit"))));
// Preserve the current destination (if any) and ensure the redirect goes
// back to the current page; any custom destination set in
// hook_user_logout() and intended for regular logouts would not be
// appropriate here.
$destination = array();
if (isset($_GET['destination'])) {
$destination = drupal_get_destination();
}
user_logout_current_user();
unset($_GET['destination']);
drupal_goto(current_path(), array('query' => drupal_get_query_parameters() + $destination));
}
// A different user is already logged in on the computer.
else {
@@ -110,8 +137,8 @@ function user_pass_reset($form, &$form_state, $uid, $timestamp, $hashed_pass, $a
// Invalid one-time link specifies an unknown user.
drupal_set_message(t('The one-time login link you clicked is invalid.'), 'error');
}
drupal_goto();
}
drupal_goto();
}
else {
// Time out, in seconds, until login URL expires. Defaults to 24 hours =
@@ -168,6 +195,14 @@ function user_pass_reset($form, &$form_state, $uid, $timestamp, $hashed_pass, $a
* Menu callback; logs the current user out, and redirects to the home page.
*/
function user_logout() {
user_logout_current_user();
drupal_goto();
}
/**
* Logs the current user out.
*/
function user_logout_current_user() {
global $user;
watchdog('user', 'Session closed for %name.', array('%name' => $user->name));
@@ -176,8 +211,6 @@ function user_logout() {
// Destroy the current session, and reset $user to the anonymous user.
session_destroy();
drupal_goto();
}
/**
@@ -294,14 +327,18 @@ function user_profile_form($form, &$form_state, $account, $category = 'account')
}
/**
* Validation function for the user account and profile editing form.
* Form validation handler for user_profile_form().
*
* @see user_profile_form_submit()
*/
function user_profile_form_validate($form, &$form_state) {
entity_form_field_validate('user', $form, $form_state);
}
/**
* Submit function for the user account and profile editing form.
* Form submission handler for user_profile_form().
*
* @see user_profile_form_validate()
*/
function user_profile_form_submit($form, &$form_state) {
$account = $form_state['user'];

162
modules/user/user.test
View File

@@ -480,6 +480,34 @@ class UserPasswordResetTestCase extends DrupalWebTestCase {
$this->assertText(t('Further instructions have been sent to your e-mail address.'), 'Password reset instructions mailed message displayed.');
}
/**
* Test user password reset while logged in.
*/
function testUserPasswordResetLoggedIn() {
$account = $this->drupalCreateUser();
$this->drupalLogin($account);
// Make sure the test account has a valid password.
user_save($account, array('pass' => user_password()));
// Generate one time login link.
$reset_url = user_pass_reset_url($account);
$this->drupalGet($reset_url);
$this->assertText('Reset password');
$this->drupalPost(NULL, NULL, t('Log in'));
$this->assertText('You have just used your one-time login link. It is no longer necessary to use this link to log in. Please change your password.');
$pass = user_password();
$edit = array(
'pass[pass1]' => $pass,
'pass[pass2]' => $pass,
);
$this->drupalPost(NULL, $edit, t('Save'));
$this->assertText('The changes have been saved.');
}
/**
* Attempts login using an expired password reset link.
*/
@@ -1849,6 +1877,19 @@ class UserCreateTestCase extends DrupalWebTestCase {
$this->drupalGet('admin/people');
$this->assertText($edit['name'], 'User found in list of users');
}
// Test that the password '0' is considered a password.
$name = $this->randomName();
$edit = array(
'name' => $name,
'mail' => $name . '@example.com',
'pass[pass1]' => 0,
'pass[pass2]' => 0,
'notify' => FALSE,
);
$this->drupalPost('admin/people/create', $edit, t('Create new account'));
$this->assertText(t('Created a new user account for @name. No e-mail has been sent.', array('@name' => $edit['name'])), 'User created with password 0');
$this->assertNoText('Password field is required');
}
}
@@ -1926,6 +1967,74 @@ class UserEditTestCase extends DrupalWebTestCase {
$this->drupalLogin($user1);
$this->drupalLogout();
}
/**
* Tests setting the password to "0".
*/
public function testUserWith0Password() {
$admin = $this->drupalCreateUser(array('administer users'));
$this->drupalLogin($admin);
// Create a regular user.
$user1 = $this->drupalCreateUser(array());
$edit = array('pass[pass1]' => '0', 'pass[pass2]' => '0');
$this->drupalPost("user/" . $user1->uid . "/edit", $edit, t('Save'));
$this->assertRaw(t("The changes have been saved."));
$this->drupalLogout();
$user1->pass_raw = '0';
$this->drupalLogin($user1);
$this->drupalLogout();
}
}
/**
* Tests editing a user account with and without a form rebuild.
*/
class UserEditRebuildTestCase extends DrupalWebTestCase {
public static function getInfo() {
return array(
'name' => 'User edit with form rebuild',
'description' => 'Test user edit page when a form rebuild is triggered.',
'group' => 'User',
);
}
function setUp() {
parent::setUp('user_form_test');
}
/**
* Test user edit page when the form is set to rebuild.
*/
function testUserEditFormRebuild() {
$user1 = $this->drupalCreateUser(array('change own username'));
$this->drupalLogin($user1);
$roles = array_keys($user1->roles);
// Save the user form twice.
$edit = array();
$edit['current_pass'] = $user1->pass_raw;
$this->drupalPost("user/$user1->uid/edit", $edit, t('Save'));
$this->assertRaw(t("The changes have been saved."));
$this->drupalPost(NULL, $edit, t('Save'));
$this->assertRaw(t("The changes have been saved."));
$saved_user1 = entity_load_unchanged('user', $user1->uid);
$this->assertEqual(count($roles), count($saved_user1->roles), 'Count of user roles in database matches original count.');
$diff = array_diff(array_keys($saved_user1->roles), $roles);
$this->assertTrue(empty($diff), format_string('User roles in database match original: @roles', array('@roles' => implode(', ', $saved_user1->roles))));
// Set variable that causes the form to be rebuilt in user_form_test.module.
variable_set('user_form_test_user_profile_form_rebuild', TRUE);
$this->drupalPost("user/$user1->uid/edit", $edit, t('Save'));
$this->assertRaw(t("The changes have been saved."));
$this->drupalPost(NULL, $edit, t('Save'));
$this->assertRaw(t("The changes have been saved."));
$saved_user1 = entity_load_unchanged('user', $user1->uid);
$this->assertEqual(count($roles), count($saved_user1->roles), 'Count of user roles in database matches original count.');
$diff = array_diff(array_keys($saved_user1->roles), $roles);
$this->assertTrue(empty($diff), format_string('User roles in database match original: @roles', array('@roles' => implode(', ', $saved_user1->roles))));
}
}
/**
@@ -2149,26 +2258,6 @@ class UserTokenReplaceTestCase extends DrupalWebTestCase {
);
}
public function setUp() {
parent::setUp('locale');
$account = $this->drupalCreateUser(array('access administration pages', 'administer languages'));
$this->drupalLogin($account);
// Add language.
$edit = array('langcode' => 'de');
$this->drupalPost('admin/config/regional/language/add', $edit, t('Add language'));
// Enable URL language detection and selection.
$edit = array('language[enabled][locale-url]' => 1);
$this->drupalPost('admin/config/regional/language/configure', $edit, t('Save settings'));
// Reset static caching.
drupal_static_reset('language_list');
drupal_static_reset('locale_url_outbound_alter');
drupal_static_reset('locale_language_url_rewrite_url');
}
/**
* Creates a user, then tests the tokens generated from it.
*/
@@ -2219,39 +2308,6 @@ class UserTokenReplaceTestCase extends DrupalWebTestCase {
$output = token_replace($input, array('user' => $account), array('language' => $language, 'sanitize' => FALSE));
$this->assertEqual($output, $expected, format_string('Unsanitized user token %token replaced.', array('%token' => $input)));
}
$languages = language_list();
// Generate login and cancel link.
$tests = array();
$tests['[user:one-time-login-url]'] = user_pass_reset_url($account);
$tests['[user:cancel-url]'] = user_cancel_url($account);
// Generate tokens with interface language.
$link = url('user', array('absolute' => TRUE));
foreach ($tests as $input => $expected) {
$output = token_replace($input, array('user' => $account), array('langcode' => $language->language, 'callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
$this->assertTrue(strpos($output, $link) === 0, 'Generated URL is in interface language.');
}
// Generate tokens with the user's preferred language.
$edit['language'] = 'de';
$account = user_save($account, $edit);
$link = url('user', array('language' => $languages[$account->language], 'absolute' => TRUE));
foreach ($tests as $input => $expected) {
$output = token_replace($input, array('user' => $account), array('callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
$this->assertTrue(strpos($output, $link) === 0, "Generated URL is in the user's preferred language.");
}
// Generate tokens with one specific language.
$link = url('user', array('language' => $languages['de'], 'absolute' => TRUE));
foreach ($tests as $input => $expected) {
foreach (array($user1, $user2) as $account) {
$output = token_replace($input, array('user' => $account), array('langcode' => 'de', 'callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
$this->assertTrue(strpos($output, $link) === 0, "Generated URL in in the requested language.");
}
}
}
}