summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChad Phillips2009-10-21 18:11:47 (GMT)
committer Chad Phillips2009-10-21 18:11:47 (GMT)
commit2ed326c4940d79fd7ab76b6a2e77b1f56889e2d3 (patch)
tree200d688fb30ce4daaf24dd8cd999261b2be5890c
parentef3529fba88c3ff55a7b8df9d98b79f6b26f5924 (diff)
value -> markup. refactor check for a manual removal of the pre-auth role by the admin -- use a hidden form field instead. fix logic for password description. add a missing user message for registration when the pre-auth role is the auth user. fix broken query placeholders. remove unnecessary query that erroneously updated a user's login time when an admin validated their account. fix broken call to drupal_goto. fix up redirect array. use core's user mail functionality for resending validation emails. fix broken mail_alter implementation for admin validation emails.
-rwxr-xr-xlogintoboggan.module88
1 files changed, 44 insertions, 44 deletions
diff --git a/logintoboggan.module b/logintoboggan.module
index 223d6d3..151208a 100755
--- a/logintoboggan.module
+++ b/logintoboggan.module
@@ -185,7 +185,7 @@ function logintoboggan_form_user_profile_form_alter(&$form, &$form_state) {
'#weight' => -10,
);
$form['revalidate']['revalidate_link'] = array(
- '#value' => l(t('re-send validation e-mail'), 'toboggan/revalidate/'. $account->uid),
+ '#markup' => l(t('re-send validation e-mail'), 'toboggan/revalidate/'. $account->uid),
);
}
}
@@ -197,6 +197,13 @@ function logintoboggan_form_user_profile_form_alter(&$form, &$form_state) {
if (user_access('administer users') && isset($form['account']['roles']) && $id != DRUPAL_AUTHENTICATED_RID) {
// User is still in the pre-auth role, so let the admin know.
if ($in_pre_auth_role) {
+ // This form element is necessary as a placeholder for the user's
+ // pre-auth setting on form load. It's used to compare against the
+ // submitted form values to see if the pre-auth role has been unchecked.
+ $form['logintoboggan_pre_auth_check'] = array(
+ '#type' => 'hidden',
+ '#value' => '1',
+ );
if ((variable_get('user_register', 1) == 2)) {
$form['account']['status']['#description'] = t('If this user was created using the "Immediate Login" feature of LoginToboggan, and they are also awaiting adminstrator approval on their account, you must remove them from the site\'s pre-authorized role in the "Roles" section below, or they will not receive authenticated user permissions!');
}
@@ -242,8 +249,6 @@ function logintoboggan_form_user_register_form_alter(&$form, &$form_state) {
//Display a confirm e-mail address box if option is enabled.
if ($mail) {
- // Make sure user help is at the top of the form.
- $form['user_registration_help']['#weight'] = -100;
$form['conf_mail'] = array('#type' => 'textfield',
'#title' => t('Confirm e-mail address'),
@@ -270,7 +275,13 @@ function logintoboggan_form_user_register_form_alter(&$form, &$form_state) {
if ($pass) {
$min_pass = variable_get('logintoboggan_minimum_password_length', 0);
$length = $min_pass ? t('between !min and', array('!min' => $min_pass)) : t('no more than');
- $form['pass']['#description'] = t('Please choose a password for your account; it must be !length 30 characters.', array('!length' => $length));
+ $pass_description = t('Please choose a password for your account; it must be !length 30 characters.', array('!length' => $length));
+ if (isset($form['account'])) {
+ $form['account']['pass']['#description'] = $pass_description;
+ }
+ else {
+ $form['pass']['#description'] = $pass_description;
+ }
}
}
}
@@ -539,7 +550,7 @@ function logintoboggan_user_register_submit($form, &$form_state) {
$message = t('A validation e-mail has been sent to your e-mail address. In order to gain full access to the site, you will need to follow the instructions in that message.');
}
else {
- $message = '';
+ $message = t('Further instructions have been sent to your e-mail address.');
}
} else {
$message = t('Your password and further instructions have been sent to your e-mail address.');
@@ -583,7 +594,7 @@ function logintoboggan_user_register_submit($form, &$form_state) {
*/
function logintoboggan_user_login_validate($form, &$form_state) {
if (isset($form_state['values']['name']) && $form_state['values']['name']) {
- if ($name = db_query("SELECT name FROM {users} WHERE LOWER(mail) = LOWER(':name')", array(
+ if ($name = db_query("SELECT name FROM {users} WHERE LOWER(mail) = LOWER(:name)", array(
':name' => $form_state['values']['name'],
))->fetchField()) {
form_set_value($form['name'], $name, $form_state);
@@ -627,14 +638,14 @@ function logintoboggan_user_edit_validate($form, &$form_state) {
if (variable_get('logintoboggan_login_with_email', 0)) {
$uid = isset($account->uid) ? $account->uid : 0;
// Check that no user is using this name for their email address.
- if (isset($edit['name']) && db_query("SELECT uid FROM {users} WHERE LOWER(mail) = LOWER(':mail') AND uid <> :uid", array(
+ if (isset($edit['name']) && db_query("SELECT uid FROM {users} WHERE LOWER(mail) = LOWER(:mail) AND uid <> :uid", array(
':mail' => $edit['name'],
':uid' => $uid,
))->fetchField()) {
form_set_error('name', t('This name has already been taken by another user.'));
}
// Check that no user is using this email address for their name.
- if (isset($edit['mail']) && db_query("SELECT uid FROM {users} WHERE LOWER(name) = LOWER(':name') AND uid <> :uid", array(
+ if (isset($edit['mail']) && db_query("SELECT uid FROM {users} WHERE LOWER(name) = LOWER(:name) AND uid <> :uid", array(
':name' => $edit['mail'],
':uid' => $uid,
))->fetchField()) {
@@ -1083,12 +1094,6 @@ function logintoboggan_validate_email($uid, $timestamp, $hashed_pass, $action =
// - the hashed password is correct.
if (((variable_get('user_email_verification', TRUE) && empty($account->login)) || array_key_exists(logintoboggan_validating_id(), $account->roles)) && $hashed_pass == logintoboggan_eml_rehash($account->pass, $timestamp, $account->mail)) {
watchdog('user', 'E-mail validation URL used for %name with timestamp @timestamp.', array('%name' => $account->name, '@timestamp' => $timestamp));
- // Update the user table noting user has logged in.
- // And this also makes this hashed password a one-time-only login.
- db_update('users')
- ->fields(array('login' => REQUEST_TIME))
- ->condition('uid', $account->uid)
- ->execute();
// Test here for a valid pre-auth -- if the pre-auth is set to the auth user, we
// handle things a bit differently.
@@ -1115,11 +1120,12 @@ function logintoboggan_validate_email($uid, $timestamp, $hashed_pass, $action =
else {
$edit = array();
$redirect = logintoboggan_process_login($account, $edit, $redirect);
- drupal_goto($redirect['path'], array('query' => $redirect['query'], 'fragment' => $redirect['fragment']));
+ call_user_func_array('drupal_goto', $redirect);
}
break;
// Admin validation.
case 'admin':
+ // TODO: is this still necessary?
// user has new permissions, so we clear their menu cache
cache_clear_all($account->uid .':', 'cache_menu', TRUE);
@@ -1133,6 +1139,7 @@ function logintoboggan_validate_email($uid, $timestamp, $hashed_pass, $action =
break;
// Catch all.
default:
+ // TODO: is this still necessary?
// user has new permissions, so we clear their menu cache
cache_clear_all($account->uid .':', 'cache_menu', TRUE);
@@ -1215,8 +1222,8 @@ function logintoboggan_process_login($account, &$edit, $redirect = array()){
return array(
'user/'. $user->uid,
array(
- 'query' => NULL,
- 'fragment' => NULL,
+ 'query' => array(),
+ 'fragment' => '',
),
);
}
@@ -1253,28 +1260,24 @@ function logintoboggan_user_load($users) {
* Implement hook_user_update().
*/
function logintoboggan_user_update(&$edit, $account, $category) {
- // Only perform this check if:
- // 1. An admin is editing the account.
- // 2. Admin approval is required for new user accounts.
- if (user_access('administer users') && variable_get('user_register', 1) == 2) {
- // Test here for a valid pre-auth -- if the pre-auth is set to the auth
- // user, then no further checking is necessary.
- $validating_id = logintoboggan_validating_id();
- $pre_auth = !variable_get('user_email_verification', TRUE) && $validating_id != DRUPAL_AUTHENTICATED_RID;
- if ($pre_auth) {
+ // Only perform this check if an admin is editing the account.
+ if (user_access('administer users')&& isset($edit['roles'])) {
+ // Check to see if roles present, and the pre-auth role was present when
+ // the form was initially displayed.
+ if (isset($edit['logintoboggan_pre_auth_check'])) {
+ // If the pre-auth is set to the auth user, then no further checking is
+ // necessary.
+ $validating_id = logintoboggan_validating_id();
+ $pre_auth = !variable_get('user_email_verification', TRUE) && $validating_id != DRUPAL_AUTHENTICATED_RID;
+ if ($pre_auth) {
// Check to see if an admin has manually removed the pre-auth role from
// the user. If so, send the account activation email.
- // The logic here is a bit funky, but necessary because we have no way
- // of knowing if a missing $edit['roles'][$validating_id] is because
- // the pre-auth role was disabled on this page save or a previous save.
- // So, we calculate a removal of the pre-auth role manually as follows:
- // 1. The pre-auth role exists in the user's current roles.
- // 2. There's an available $edit['roles'] array to examine.
- // 3. The pre-auth role is not in the array.
- if (array_key_exists($validating_id, $account->roles) && isset($edit['roles']) && (!isset($edit['roles'][$validating_id]) || !$edit['roles'][$validating_id])) {
- // Mail the user, letting them know their account now has auth user perms.
- _user_mail_notify('status_activated', $account);
+ if (!isset($edit['roles'][$validating_id]) || !$edit['roles'][$validating_id]) {
+ // Mail the user, letting them know their account now has auth user perms.
+ _user_mail_notify('status_activated', $account);
+ }
}
+ unset($edit['logintoboggan_pre_auth_check']);
}
}
}
@@ -1283,16 +1286,11 @@ function logintoboggan_user_update(&$edit, $account, $category) {
* Re-sends validation e-mail to user specified by $uid.
*/
function logintoboggan_resend_validation($uid) {
- global $language;
$account = user_load($uid);
$account->password = t('If required, you may reset your password from: !url', array('!url' => url('user/password', array('absolute' => TRUE))));
- $params['account'] = $account;
- $params['login_url'] = logintoboggan_eml_validate_url($account);
-
- // Prepare and send e-mail.
- drupal_mail('logintoboggan', 'logintoboggan_resend_validation', $account->mail, $language, $params);
+ _user_mail_notify('register_no_approval_required', $account);
// Notify admin or user that e-mail was sent and return to user edit form.
if (user_access('administer users')) {
@@ -1359,12 +1357,14 @@ function logintoboggan_main_settings_submit($form, &$form_state) {
* Implementation of hook_mail_alter().
*/
function logintoboggan_mail_alter(&$message) {
- if ($message['id'] == 'register_pending_approval_admin') {
+ if ($message['id'] == 'user_register_pending_approval_admin') {
$reg_pass_set = !variable_get('user_email_verification', TRUE);
if ($reg_pass_set) {
+ $account = $message['params']['account'];
+ $url_options = array('absolute' => TRUE);
$language = $message['language'];
$langcode = isset($language) ? $language->language : NULL;
- $message['body'][] = t("\n\nThe user has automatically received the permissions of the LoginToboggan validating role. To give the user full site permissions, click the link below:\n\n[logintoboggan-validation:url]/admin\n\nAlternatively, you may visit their user account listed above and remove them from the validating role.", array(), array('langcode' => $langcode));
+ $message['body'][] = t("\n\nThe user has automatically received the permissions of the LoginToboggan validating role. To give the user full site permissions, click the link below:\n\n!validation_url/admin\n\nAlternatively, you may visit their user account listed above and remove them from the validating role.", array('!validation_url' => logintoboggan_eml_validate_url($account, $url_options)), array('langcode' => $langcode));
}
}
}