|
|
|
@@ -187,7 +187,7 @@ function user_entity_info() {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Entity URI callback.
|
|
|
|
|
* Implements callback_entity_info_uri().
|
|
|
|
|
*/
|
|
|
|
|
function user_uri($user) {
|
|
|
|
|
return array(
|
|
|
|
@@ -321,7 +321,7 @@ class UserController extends DrupalDefaultEntityController {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Add the full file objects for user pictures if enabled.
|
|
|
|
|
if (!empty($picture_fids) && variable_get('user_pictures', 1) == 1) {
|
|
|
|
|
if (!empty($picture_fids) && variable_get('user_pictures', 0)) {
|
|
|
|
|
$pictures = file_load_multiple($picture_fids);
|
|
|
|
|
foreach ($queried_users as $account) {
|
|
|
|
|
if (!empty($account->picture) && isset($pictures[$account->picture])) {
|
|
|
|
@@ -1083,6 +1083,9 @@ function user_account_form(&$form, &$form_state) {
|
|
|
|
|
'#access' => !empty($protected_values),
|
|
|
|
|
'#description' => $current_pass_description,
|
|
|
|
|
'#weight' => -5,
|
|
|
|
|
// Do not let web browsers remember this password, since we are trying
|
|
|
|
|
// to confirm that the person submitting the form actually knows the
|
|
|
|
|
// current one.
|
|
|
|
|
'#attributes' => array('autocomplete' => 'off'),
|
|
|
|
|
);
|
|
|
|
|
$form['#validate'][] = 'user_validate_current_pass';
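Review bot: The `'#attributes' => array('autocomplete' => 'off')` entry on the current-password element is only a hint to the browser, while the comment above it reads as if it were a control; many browsers and password managers ignore `autocomplete="off"` on password inputs. The actual check is the `user_validate_current_pass` handler registered on the last line of the hunk, so I would reword the comment to say so, e.g. `// Ask browsers not to pre-fill this field (advisory only); the current password is verified server-side in user_validate_current_pass().` The element's opening `array(` and the rest of user_account_form() are outside the hunk.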
|
|
|
|
@@ -2192,7 +2195,7 @@ function user_login_final_validate($form, &$form_state) {
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
form_set_error('name', t('Sorry, unrecognized username or password. <a href="@password">Have you forgotten your password?</a>', array('@password' => url('user/password'))));
|
|
|
|
|
form_set_error('name', t('Sorry, unrecognized username or password. <a href="@password">Have you forgotten your password?</a>', array('@password' => url('user/password', array('query' => array('name' => $form_state['values']['name']))))));
|
|
|
|
|
watchdog('user', 'Login attempt failed for %user.', array('%user' => $form_state['values']['name']));
|
|
|
|
|
}
|
|
|
|
|
}
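Review bot: The `form_set_error()` call that passes `'query' => array('name' => $form_state['values']['name'])` copies whatever was typed into the username field into a link URL, so a password typed into the wrong field ends up in the page markup, the browser history and, once the link is followed, the web server's access log. The `@password` placeholder and `url()` handle the escaping, so this is an exposure concern rather than an injection one; the `watchdog()` call on the next line already records the same value. I would add a comment such as `// The submitted name is untrusted and may be a mistyped password; user/password must treat the 'name' query value as plain prefill text only.` and confirm the password-request form does exactly that. The page does not mark old and new sides; the order in which the two calls are printed suggests the `query` variant is the new one.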
|
|
|
|
@@ -2238,7 +2241,12 @@ function user_authenticate($name, $password) {
|
|
|
|
|
* Finalize the login process. Must be called when logging in a user.
|
|
|
|
|
*
|
|
|
|
|
* The function records a watchdog message about the new session, saves the
|
|
|
|
|
* login timestamp, calls hook_user op 'login' and generates a new session. *
|
|
|
|
|
* login timestamp, calls hook_user_login(), and generates a new session.
|
|
|
|
|
*
|
|
|
|
|
* @param array $edit
|
|
|
|
|
* The array of form values submitted by the user.
|
|
|
|
|
*
|
|
|
|
|
* @see hook_user_login()
|
|
|
|
|
*/
|
|
|
|
|
function user_login_finalize(&$edit = array()) {
|
|
|
|
|
global $user;
|
|
|
|
@@ -2307,26 +2315,14 @@ function user_external_login_register($name, $module) {
|
|
|
|
|
*
|
|
|
|
|
* @param object $account
|
|
|
|
|
* An object containing the user account.
|
|
|
|
|
* @param array $options
|
|
|
|
|
* (optional) A keyed array of settings. Supported options are:
|
|
|
|
|
* - langcode: A language code to be used when generating locale-sensitive
|
|
|
|
|
* urls. If langcode is NULL the users preferred language is used.
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
* A unique URL that provides a one-time log in for the user, from which
|
|
|
|
|
* they can change their password.
|
|
|
|
|
*/
|
|
|
|
|
function user_pass_reset_url($account, $options = array()) {
|
|
|
|
|
function user_pass_reset_url($account) {
|
|
|
|
|
$timestamp = REQUEST_TIME;
|
|
|
|
|
$url_options = array('absolute' => TRUE);
|
|
|
|
|
if (isset($options['langcode'])) {
|
|
|
|
|
$languages = language_list();
|
|
|
|
|
$url_options['language'] = $languages[$options['langcode']];
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$url_options['language'] = user_preferred_language($account);
|
|
|
|
|
}
|
|
|
|
|
return url("user/reset/$account->uid/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login), $url_options);
|
|
|
|
|
return url("user/reset/$account->uid/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login), array('absolute' => TRUE));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
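Review bot: `user_pass_reset_url($account)` now builds the link with only `array('absolute' => TRUE)`, so the mailed one-time login URL is no longer generated through `user_preferred_language($account)`; the hunk counts (26 lines down to 14) show that the `$options`/`langcode` branch is what was removed. The same applies to `user_cancel_url()` in the @@ -2350 hunk and to both call sites in `user_mail_tokens()` in the @@ -2836 hunk, where the `$options` received by the callback are no longer forwarded. Because this URL is a login credential, the docblock should also say where its host part comes from: with `'absolute' => TRUE` it is the site base URL, which should be set in configuration rather than derived from the incoming request. Suggested docblock addition: `* The returned link authenticates its bearer; do not log or display it, and make sure the site base URL is configured explicitly.`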
|
|
|
|
@@ -2338,10 +2334,6 @@ function user_pass_reset_url($account, $options = array()) {
|
|
|
|
|
* - uid: The user uid number.
|
|
|
|
|
* - pass: The hashed user password string.
|
|
|
|
|
* - login: The user login name.
|
|
|
|
|
* @param array $options
|
|
|
|
|
* (optional) A keyed array of settings. Supported options are:
|
|
|
|
|
* - langcode: A language code to be used when generating locale-sensitive
|
|
|
|
|
* urls. If langcode is NULL the users preferred language is used.
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
* A unique URL that may be used to confirm the cancellation of the user
|
|
|
|
@@ -2350,17 +2342,9 @@ function user_pass_reset_url($account, $options = array()) {
|
|
|
|
|
* @see user_mail_tokens()
|
|
|
|
|
* @see user_cancel_confirm()
|
|
|
|
|
*/
|
|
|
|
|
function user_cancel_url($account, $options = array()) {
|
|
|
|
|
function user_cancel_url($account) {
|
|
|
|
|
$timestamp = REQUEST_TIME;
|
|
|
|
|
$url_options = array('absolute' => TRUE);
|
|
|
|
|
if (isset($options['langcode'])) {
|
|
|
|
|
$languages = language_list();
|
|
|
|
|
$url_options['language'] = $languages[$options['langcode']];
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$url_options['language'] = user_preferred_language($account);
|
|
|
|
|
}
|
|
|
|
|
return url("user/$account->uid/cancel/confirm/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login), $url_options);
|
|
|
|
|
return url("user/$account->uid/cancel/confirm/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login), array('absolute' => TRUE));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
@@ -2435,6 +2419,14 @@ function user_cancel($edit, $uid, $method) {
|
|
|
|
|
array('_user_cancel', array($edit, $account, $method)),
|
|
|
|
|
),
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
// After cancelling account, ensure that user is logged out.
|
|
|
|
|
if ($account->uid == $user->uid) {
|
|
|
|
|
// Batch API stores data in the session, so use the finished operation to
|
|
|
|
|
// manipulate the current user's session id.
|
|
|
|
|
$batch['finished'] = '_user_cancel_session_regenerate';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
batch_set($batch);
|
|
|
|
|
|
|
|
|
|
// Batch processing is either handled via Form API or has to be invoked
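Review bot: `$batch['finished'] = '_user_cancel_session_regenerate';` replaces whatever `finished` callback the `$batch` array may already define, and the start of that array is above the hunk, so this should be confirmed before relying on it. The added `if ($account->uid == $user->uid)` also needs `global $user;` earlier in `user_cancel()`, which is likewise outside the hunk; without it `$user` is undefined here and the comparison is made against NULL. A short comment on the `if` would help, noting that only a self-cancellation regenerates the session and that other sessions of the cancelled account are expected to be invalidated elsewhere.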
|
|
|
|
@@ -2477,16 +2469,29 @@ function _user_cancel($edit, $account, $method) {
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// After cancelling account, ensure that user is logged out.
|
|
|
|
|
// After cancelling account, ensure that user is logged out. We can't destroy
|
|
|
|
|
// their session though, as we might have information in it, and we can't
|
|
|
|
|
// regenerate it because batch API uses the session ID, we will regenerate it
|
|
|
|
|
// in _user_cancel_session_regenerate().
|
|
|
|
|
if ($account->uid == $user->uid) {
|
|
|
|
|
// Destroy the current session, and reset $user to the anonymous user.
|
|
|
|
|
session_destroy();
|
|
|
|
|
$user = drupal_anonymous_user();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Clear the cache for anonymous users.
|
|
|
|
|
cache_clear_all();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Finished batch processing callback for cancelling a user account.
|
|
|
|
|
*
|
|
|
|
|
* @see user_cancel()
|
|
|
|
|
*/
|
|
|
|
|
function _user_cancel_session_regenerate() {
|
|
|
|
|
// Regenerate the users session instead of calling session_destroy() as we
|
|
|
|
|
// want to preserve any messages that might have been set.
|
|
|
|
|
drupal_session_regenerate();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Delete a user.
|
|
|
|
|
*
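Review bot: Logging out a user who cancels their own account now depends on the batch reaching its `finished` callback: `session_destroy()` is gone from `_user_cancel()`, which only resets the global `$user`, and the session ID is rotated only in `_user_cancel_session_regenerate()`. If the batch is interrupted before that callback runs, the pre-cancellation session ID is never rotated, so confirm that sessions for the cancelled uid are invalidated by the blocking or deletion path, which is not visible in this hunk. The callback also regenerates whether or not the batch succeeded, which looks intended but is worth stating. Once confirmed, I would extend its docblock with something like `* Runs as the batch 'finished' callback because Batch API uses the session ID; invalidating the account's sessions is left to the cancellation method.`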
|
|
|
|
@@ -2809,7 +2814,7 @@ Your account on [site:name] has been canceled.
|
|
|
|
|
if ($replace) {
|
|
|
|
|
// We do not sanitize the token replacement, since the output of this
|
|
|
|
|
// replacement is intended for an e-mail message, not a web browser.
|
|
|
|
|
return token_replace($text, $variables, array('langcode' => $langcode, 'callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
|
|
|
|
|
return token_replace($text, $variables, array('language' => $language, 'callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $text;
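Review bot: With `'sanitize' => FALSE` the token values, which can include user-controlled ones, are inserted into `$text` unescaped; the comment justifies this for e-mail, but that holds only while the message is sent as plain text. I would extend the comment to say so, e.g. `// Safe for plain-text mail only; a mail system that sends HTML must escape the result.` The changed option key also relies on `$language` being defined in the enclosing function, whose signature is outside the hunk. The page does not mark which of the two `token_replace()` lines is the new one.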
|
|
|
|
@@ -2836,8 +2841,8 @@ Your account on [site:name] has been canceled.
|
|
|
|
|
*/
|
|
|
|
|
function user_mail_tokens(&$replacements, $data, $options) {
|
|
|
|
|
if (isset($data['user'])) {
|
|
|
|
|
$replacements['[user:one-time-login-url]'] = user_pass_reset_url($data['user'], $options);
|
|
|
|
|
$replacements['[user:cancel-url]'] = user_cancel_url($data['user'], $options);
|
|
|
|
|
$replacements['[user:one-time-login-url]'] = user_pass_reset_url($data['user']);
|
|
|
|
|
$replacements['[user:cancel-url]'] = user_cancel_url($data['user']);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@@ -3696,7 +3701,7 @@ function user_block_user_action(&$entity, $context = array()) {
|
|
|
|
|
function user_form_field_ui_field_edit_form_alter(&$form, &$form_state, $form_id) {
|
|
|
|
|
$instance = $form['#instance'];
|
|
|
|
|
|
|
|
|
|
if ($instance['entity_type'] == 'user') {
|
|
|
|
|
if ($instance['entity_type'] == 'user' && !$form['#field']['locked']) {
|
|
|
|
|
$form['instance']['settings']['user_register_form'] = array(
|
|
|
|
|
'#type' => 'checkbox',
|
|
|
|
|
'#title' => t('Display on user registration form.'),
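Review bot: The condition that adds `!$form['#field']['locked']` reads the `locked` key directly, which raises an undefined-index notice if a field definition reaches this alter hook without that key; `empty()` covers both cases: `if ($instance['entity_type'] == 'user' && empty($form['#field']['locked'])) {`. A one-line comment saying why locked fields are excluded from the registration-form setting would also help, since the reason is not evident from the hunk. The body of `user_form_field_ui_field_edit_form_alter()` continues past the last line shown.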
|
|
|
|
|