summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSascha Grossenbacher2010-07-29 07:49:54 (GMT)
committer Sascha Grossenbacher2010-07-29 07:49:54 (GMT)
commit87d96e43f839a49883067d8cf8103a33f56e1883 (patch)
treeeb9704d0b6f0d0987c2c5a55f23e7925f7c88924
parentb8c573c2ea490ba43c536137fdaa086646007da9 (diff)
#865298 by Berdir | BenK: Added validation function for user blocking form.
-rwxr-xr-xpm_block_user/pm_block_user.module18
-rw-r--r--pm_block_user/pm_block_user.pages.inc66
2 files changed, 67 insertions, 17 deletions
diff --git a/pm_block_user/pm_block_user.module b/pm_block_user/pm_block_user.module
index b8c1e67..16a42d0 100755
--- a/pm_block_user/pm_block_user.module
+++ b/pm_block_user/pm_block_user.module
@@ -161,13 +161,29 @@ function _pm_block_user_access($account) {
if (!privatemsg_user_access('read privatemsg', $user)) {
return FALSE;
}
- if (_pm_block_user_rule_exists($account, $user, PM_BLOCK_USER_DISALLOW_BLOCKING)) {
+ // Allow to unblock users that are already blocked but the user is now not
+ // allowed to block anymore.
+ if (_pm_block_user_rule_exists($account, $user, PM_BLOCK_USER_DISALLOW_BLOCKING) && !pm_block_user_has_blocked($account, $user)) {
return FALSE;
}
return TRUE;
}
/**
+ * Checks if author is blocked by the recipient.
+ *
+ * @param $author
+ * The user that would send a message.
+ * @param $recipient
+ * The user that would receive the message.
+ * @return
+ * TRUE if the recipient has blocked the author.
+ */
+function pm_block_user_has_blocked($author, $recipient) {
+ return db_query('SELECT 1 FROM {pm_block_user} WHERE author = :author AND recipient = :recipient', array(':author' => $author->uid, ':recipient' => $recipient->uid))->fetchField();
+}
+
+/**
* Checks whether a rule exists for a given author, recipient and action.
*
* For example: if this is passed User A (who has the admin role), User B (who
diff --git a/pm_block_user/pm_block_user.pages.inc b/pm_block_user/pm_block_user.pages.inc
index 692ad04..fc49edb 100644
--- a/pm_block_user/pm_block_user.pages.inc
+++ b/pm_block_user/pm_block_user.pages.inc
@@ -25,11 +25,7 @@ function pm_block_user_form($form, $form_state, $author) {
'#type' => 'value',
'#value' => isset($_GET['destination']) ? $_GET['destination'] : 'messages/',
);
- $blocked = db_query('SELECT COUNT(recipient) FROM {pm_block_user} WHERE author = :author AND recipient = :recipient', array(
- ':author' => $author->uid,
- ':recipient' => $user->uid,
- ))->fetchField();
- if ($blocked) {
+ if (pm_block_user_has_blocked($author, $user)) {
$form['block_action'] = array(
'#type' => 'value',
'#value' => 'unblock_user',
@@ -37,7 +33,7 @@ function pm_block_user_form($form, $form_state, $author) {
return confirm_form($form,
t('You have previously blocked "@author" from sending you any more messages. Are you sure you want to unblock this user?', array('@author' => $author->name)),
isset($_GET['destination']) ? $_GET['destination'] : 'messages/',
- t('This action cannot be undone.'),
+ '',
t('Unblock @author', array('@author' => $author->name)),
t('Cancel')
);
@@ -99,10 +95,12 @@ function pm_block_user_list() {
'#title' => t('Username'),
'#autocomplete_path' => 'messages/user-name-autocomplete',
'#description' => t('Separate multiple names with commas.'),
+ '#required' => TRUE,
);
$form['new']['submit'] = array(
'#type' => 'submit',
'#value' => t('Block user'),
+ '#validate' => array('pm_block_user_block_validate'),
'#submit' => array('pm_block_user_block_submit'),
);
@@ -139,22 +137,58 @@ function pm_block_user_list() {
}
/**
- * Submit callback for block user form.
+ * Validate user names.
*/
-function pm_block_user_block_submit($form, &$form_state) {
+function pm_block_user_block_validate($form, &$form_state) {
global $user;
list($accounts, $invalid) = _privatemsg_parse_userstring($form_state['values']['name']);
+ // Remove acocunts that can not be blocked.
if (!empty($accounts)) {
- $insert = db_insert('pm_block_user')->fields(array('author', 'recipient'));
- foreach ($accounts as $account) {
- $insert->values(array(
- 'author' => $account->uid,
- 'recipient' => $user->uid,
- ));
- drupal_set_message(t('!author has been blocked from sending you any further messages.', array('!author' => theme('username', array('account' => $account)))));
+ foreach ($accounts as $id => $account) {
+ // Check if the user can not be blocked because of a rule.
+ if (_pm_block_user_rule_exists($account, $user, PM_BLOCK_USER_DISALLOW_BLOCKING)) {
+ drupal_set_message(t('You are not allowed to block !account.', array('!account' => theme('username', array('account' => $account)))), 'warning');
+ unset($accounts[$id]);
+ }
+ // Check if the user is already blocked.
+ if (pm_block_user_has_blocked($account, $user)) {
+ drupal_set_message(t('You have already blocked !account.', array('!account' => theme('username', array('account' => $account)))), 'warning');
+ unset($accounts[$id]);
+ }
+ // Do not allow users to block themself.
+ if ($user->uid == $account->uid) {
+ drupal_set_message(t('You can not block yourself.'), 'warning');
+ unset($accounts[$id]);
+ }
}
- $insert->execute();
}
+ // Display warning about invalid user names.
+ if (!empty($invalid)) {
+ drupal_set_message(t('The following users do not exist: @invalid.', array('@invalid' => implode(", ", $invalid))), 'warning');
+ }
+ // If there are no accounts left, display error.
+ if (empty($accounts)) {
+ form_set_error('name', t('You are either not allowed to block these users or the users do not exist.'));
+ }
+ else {
+ $form_state['valid_accounts'] = $accounts;
+ }
+}
+
+/**
+ * Submit callback for block user form.
+ */
+function pm_block_user_block_submit($form, &$form_state) {
+ global $user;
+ $insert = db_insert('pm_block_user')->fields(array('author', 'recipient'));
+ foreach ($form_state['valid_accounts'] as $account) {
+ $insert->values(array(
+ 'author' => $account->uid,
+ 'recipient' => $user->uid,
+ ));
+ drupal_set_message(t('!author has been blocked from sending you any further messages.', array('!author' => theme('username', array('account' => $account)))));
+ }
+ $insert->execute();
}
/**