Diffstat (limited to 'modules/user')
-rw-r--r-- | modules/user/controllers/admin_users.php | 5 | ||||
-rw-r--r-- | modules/user/controllers/logout.php | 11 | ||||
-rw-r--r-- | modules/user/controllers/password.php | 4 | ||||
-rw-r--r-- | modules/user/controllers/users.php | 1 | ||||
-rw-r--r-- | modules/user/helpers/group.php | 1 | ||||
-rw-r--r-- | modules/user/helpers/user.php | 18 | ||||
-rw-r--r-- | modules/user/helpers/user_event.php | 8 | ||||
-rw-r--r-- | modules/user/helpers/user_installer.php | 6 | ||||
-rw-r--r-- | modules/user/helpers/user_menu.php | 28 | ||||
-rw-r--r-- | modules/user/helpers/user_theme.php | 12 | ||||
-rw-r--r-- | modules/user/models/group.php | 15 | ||||
-rw-r--r-- | modules/user/models/user.php | 25 | ||||
-rw-r--r-- | modules/user/module.info | 4 | ||||
-rw-r--r-- | modules/user/views/admin_users.html.php | 4 | ||||
-rw-r--r-- | modules/user/views/login.html.php | 4 | ||||
-rw-r--r-- | modules/user/views/login_ajax.html.php | 2 |
16 files changed, 86 insertions, 62 deletions
diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php
index b5dc6cb5..f87602b8 100644
--- a/modules/user/controllers/admin_users.php
+++ b/modules/user/controllers/admin_users.php
@@ -48,8 +48,9 @@ class Admin_Users_Controller extends Controller { $desired_locale = $form->add_user->locale->value; $user->locale = $desired_locale == "none" ? null : $desired_locale; } - $user->save(); + module::event("user_add_form_admin_completed", $user, $form); + message::success(t("Created user %user_name", array("user_name" => p::clean($user->name)))); print json_encode(array("result" => "success")); } else {
@@ -128,6 +129,7 @@ class Admin_Users_Controller extends Controller { $user->password = $form->edit_user->password->value; } $user->email = $form->edit_user->email->value; + $user->url = $form->edit_user->url->value; if ($form->edit_user->locale) { $desired_locale = $form->edit_user->locale->value; $user->locale = $desired_locale == "none" ? null : $desired_locale;
@@ -138,6 +140,7 @@ class Admin_Users_Controller extends Controller { $user->admin = $form->edit_user->admin->checked; } $user->save(); + module::event("user_edit_form_admin_completed", $user, $form); message::success(t("Changed user %user_name", array("user_name" => p::clean($user->name)))); print json_encode(array("result" => "success"));
diff --git a/modules/user/controllers/logout.php b/modules/user/controllers/logout.php
index 63971789..099b1952 100644
--- a/modules/user/controllers/logout.php
+++ b/modules/user/controllers/logout.php
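Review bot: The new `module::event("user_edit_form_admin_completed", $user, $form)` call (and `user_add_form_admin_completed` in the first hunk) passes the whole submitted form to every subscribed module, and the edit path reads `$form->edit_user->password->value` from that same form in the second hunk's context. Handlers therefore presumably receive the plaintext password; whether Forge clears it after validation is not visible here. Document the contract above each call, e.g. `// Handlers get the raw form, including the password input; never log or store its values.`, or clear the password input before dispatching. The enclosing methods start and end outside these hunks.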
@@ -19,18 +19,19 @@ */ class Logout_Controller extends Controller { public function index() { - access::verify_csrf(); + //access::verify_csrf(); $user = user::active(); user::logout(); log::info("user", t("User %name logged out", array("name" => p::clean($user->name))), html::anchor("user/$user->id", p::clean($user->name))); - if ($this->input->get("continue")) { - $item = url::get_item_from_uri($this->input->get("continue")); + if ($continue_url = $this->input->get("continue")) { + $item = url::get_item_from_uri($continue_url); if (access::can("view", $item)) { - url::redirect($this->input->get("continue")); + // Don't use url::redirect() because it'll call url::site() and munge the continue url. + header("Location: $continue_url"); } else { - url::redirect(""); + url::redirect("albums/1"); } } } }
diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php
index ed3b9736..7c432701 100644
--- a/modules/user/controllers/password.php
+++ b/modules/user/controllers/password.php
@@ -29,8 +29,6 @@ class Password_Controller extends Controller { } public function do_reset() { - access::verify_csrf(); - if (request::method() == "post") { $this->_change_password(); } else {
@@ -74,7 +72,7 @@ class Password_Controller extends Controller { log::success( "user", - t("Password reset email sent for user %name", array("name" => p::clean($user->name))); + t("Password reset email sent for user %name", array("name" => p::clean($user->name)))); } else { // Don't include the username here until you're sure that it's XSS safe log::warning(
diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php
index 46f799c5..0bf2e81d 100644
--- a/modules/user/controllers/users.php
+++ b/modules/user/controllers/users.php
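Review bot: The redirect target in `header("Location: $continue_url")` is the raw `continue` query parameter, and the only gate is `access::can("view", $item)` on whatever `url::get_item_from_uri()` returns for it. That helper is not visible here; unless it rejects off-site or unrecognised URLs, this is an open redirect, so the value should be checked to be a URL on this site (or the target rebuilt from `$item`) before it is sent. The CSRF check is also left as commented-out code, `//access::verify_csrf();`, which lets any third-party page log the user out; restore `access::verify_csrf();` or delete the line and say in the commit message why logout is exempt.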
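Review bot: With `access::verify_csrf();` removed from `do_reset()`, the POST branch now reaches `$this->_change_password()` with no CSRF check visible in this hunk. If the removal was meant to let the e-mailed GET link through, keep the check on the state-changing branch only: `if (request::method() == "post") { access::verify_csrf(); $this->_change_password(); }`. `_change_password()` and the rest of `do_reset()` lie outside the hunk, so confirm whether the reset hash is validated there before relying on it as the only protection.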
@@ -39,6 +39,7 @@ class Users_Controller extends REST_Controller { $user->locale = $desired_locale == "none" ? null : $desired_locale; } $user->save(); + module::event("user_edit_form_completed", $user, $form); message::success(t("User information updated.")); print json_encode(
diff --git a/modules/user/helpers/group.php b/modules/user/helpers/group.php
index 1dace840..04e6efd6 100644
--- a/modules/user/helpers/group.php
+++ b/modules/user/helpers/group.php
@@ -39,7 +39,6 @@ class group_Core { $group->name = $name; $group->save(); - module::event("group_created", $group); return $group; }
diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php
index a59588f8..69a6ecb3 100644
--- a/modules/user/helpers/user.php
+++ b/modules/user/helpers/user.php
@@ -34,13 +34,16 @@ class user_Core { ->matches($group->password); $group->input("email")->label(t("Email"))->id("gEmail")->value($user->email); $group->input("url")->label(t("URL"))->id("gUrl")->value($user->url); - $group->submit("")->value(t("Save")); $form->add_rules_from($user); + + module::event("user_edit_form", $user, $form); + $group->submit("")->value(t("Save")); return $form; } static function get_edit_form_admin($user) { - $form = new Forge("admin/users/edit_user/$user->id", "", "post", array("id" => "gEditUserForm")); + $form = new Forge( + "admin/users/edit_user/$user->id", "", "post", array("id" => "gEditUserForm")); $group = $form->group("edit_user")->label(t("Edit User")); $group->input("name")->label(t("Username"))->id("gUsername")->value($user->name); $group->inputs["name"]->error_messages(
@@ -53,9 +56,11 @@ class user_Core { $group->input("email")->label(t("Email"))->id("gEmail")->value($user->email); $group->input("url")->label(t("URL"))->id("gUrl")->value($user->url); $group->checkbox("admin")->label(t("Admin"))->id("gAdmin")->checked($user->admin); - $group->submit("")->value(t("Modify User")); $form->add_rules_from($user); $form->edit_user->password->rules("-required"); + + module::event("user_edit_form_admin", $user, $form); + $group->submit("")->value(t("Modify User")); return $form; }
@@ -72,14 +77,16 @@ class user_Core { $group->input("url")->label(t("URL"))->id("gUrl"); self::_add_locale_dropdown($group); $group->checkbox("admin")->label(t("Admin"))->id("gAdmin"); - $group->submit("")->value(t("Add User")); $user = ORM::factory("user"); $form->add_rules_from($user); + + module::event("user_add_form_admin", $user, $form); + $group->submit("")->value(t("Add User")); return $form; } private static function _add_locale_dropdown(&$form, $user=null) { - $locales = locale::installed(); + $locales = locales::installed(); if (count($locales) > 1) { // Put "none" at the first position in the array $locales = array_merge(array("" => t("« none »")), $locales);
@@ -202,7 +209,6 @@ class user_Core { $user->add(group::registered_users()); $user->save(); - module::event("user_created", $user); return $user; }
diff --git a/modules/user/helpers/user_event.php b/modules/user/helpers/user_event.php
index 6515fbfb..4bde224b 100644
--- a/modules/user/helpers/user_event.php
+++ b/modules/user/helpers/user_event.php
@@ -30,4 +30,12 @@ class user_event_Core { I18n::instance()->locale($locale); } } + + static function admin_menu($menu, $theme) { + $menu->add_after("appearance_menu", + Menu::factory("link") + ->id("users_groups") + ->label(t("Users/Groups")) + ->url(url::site("admin/users"))); + } }
diff --git a/modules/user/helpers/user_installer.php b/modules/user/helpers/user_installer.php
index 1959d038..8ef4f13d 100644
--- a/modules/user/helpers/user_installer.php
+++ b/modules/user/helpers/user_installer.php
@@ -36,7 +36,7 @@ class user_installer { PRIMARY KEY (`id`), UNIQUE KEY(`hash`), UNIQUE KEY(`name`)) - ENGINE=InnoDB DEFAULT CHARSET=utf8;"); + DEFAULT CHARSET=utf8;"); $db->query("CREATE TABLE IF NOT EXISTS {groups} ( `id` int(9) NOT NULL auto_increment,
@@ -44,14 +44,14 @@ class user_installer { `special` BOOLEAN default 0, PRIMARY KEY (`id`), UNIQUE KEY(`name`)) - ENGINE=InnoDB DEFAULT CHARSET=utf8;"); + DEFAULT CHARSET=utf8;"); $db->query("CREATE TABLE IF NOT EXISTS {groups_users} ( `group_id` int(9) NOT NULL, `user_id` int(9) NOT NULL, PRIMARY KEY (`group_id`, `user_id`), UNIQUE KEY(`user_id`, `group_id`)) - ENGINE=InnoDB DEFAULT CHARSET=utf8;"); + DEFAULT CHARSET=utf8;"); $everybody = group::create("Everybody"); $everybody->special = true;
diff --git a/modules/user/helpers/user_menu.php b/modules/user/helpers/user_menu.php
deleted file mode 100644
index 05e401f9..00000000
--- a/modules/user/helpers/user_menu.php
+++ /dev/null
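Review bot: Dropping `ENGINE=InnoDB` from the three CREATE TABLE statements (one here, two in the next hunk) leaves the storage engine to the server default, so the same installer can create transactional tables on one host and non-transactional ones on another. If this is deliberate, for hosts where InnoDB is unavailable, say so above the first query: `// No ENGINE clause: use the server default so installs work where InnoDB is unavailable.` If it is not, keep the clause so that the user, group and membership tables behave the same everywhere. The enclosing install method starts and ends outside both hunks.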
@@ -1,28 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ -class user_menu_Core { - static function admin($menu, $theme) { - $menu->add_after("appearance_menu", - Menu::factory("link") - ->id("users_groups") - ->label(t("Users/Groups")) - ->url(url::site("admin/users"))); - } -}
diff --git a/modules/user/helpers/user_theme.php b/modules/user/helpers/user_theme.php
index ad9d4c63..8de2d248 100644
--- a/modules/user/helpers/user_theme.php
+++ b/modules/user/helpers/user_theme.php
@@ -19,14 +19,10 @@ */ class user_theme_Core { static function header_top($theme) { - $view = new View("login.html"); - $view->user = user::active(); - return $view->render(); - } - - static function admin_head($theme) { - if (strpos(Router::$current_uri, "admin/users") !== false) { - $theme->script("lib/gallery.panel.js"); + if ($theme->page_type != "login") { + $view = new View("login.html"); + $view->user = user::active(); + return $view->render(); } } }
diff --git a/modules/user/models/group.php b/modules/user/models/group.php
index 45948887..8af78012 100644
--- a/modules/user/models/group.php
+++ b/modules/user/models/group.php
@@ -27,7 +27,22 @@ class Group_Model extends ORM { * @see ORM::delete() */ public function delete($id=null) { + $old = clone $this; module::event("group_before_delete", $this); parent::delete($id); + module::event("group_deleted", $old); + } + + public function save() { + if (!$this->loaded) { + $created = 1; + } + parent::save(); + if (isset($created)) { + module::event("group_created", $this); + } else { + module::event("group_updated", $this->original(), $this); + } + return $this; } }
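Review bot: In the new `save()`, the created/updated decision is carried by an optionally defined variable (`$created = 1`, then `isset($created)`); a boolean reads more directly: `$created = !$this->loaded;` followed by `if ($created) {`. `$this->original()` is also read after `parent::save()`; ORM's behaviour is not visible here, but if saving refreshes the stored original, `group_updated` handlers receive two identical states, so the snapshot should be taken before the `parent::save()` call. `User_Model::save()` in models/user.php repeats the same pattern. A docblock with `@see ORM::save()`, matching the one on `delete()`, would document the override.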
\ No newline at end of file
diff --git a/modules/user/models/user.php b/modules/user/models/user.php
index b447892e..55562f34 100644
--- a/modules/user/models/user.php
+++ b/modules/user/models/user.php
@@ -25,6 +25,7 @@ class User_Model extends ORM { "full_name" => "length[0,255]", "email" => "valid_email|length[1,255]", "password" => "length[1,40]", + "url" => "valid_url", "locale" => "length[2,10]"); public function __set($column, $value) {
@@ -44,8 +45,10 @@ class User_Model extends ORM { * @see ORM::delete() */ public function delete($id=null) { + $old = clone $this; module::event("user_before_delete", $this); parent::delete($id); + module::event("user_deleted", $old); } /**
@@ -57,4 +60,26 @@ class User_Model extends ORM { return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s", md5($this->email), $size, $default ? "&d=" . urlencode($default) : ""); } + + public function save() { + if (!$this->loaded) { + $created = 1; + } + parent::save(); + if (isset($created)) { + module::event("user_created", $this); + } else { + module::event("user_updated", $this->original(), $this); + } + return $this; + } + + /** + * Return the best version of the user's name. Either their specified full name, or fall back + * to the user name. + * @return string + */ + public function display_name() { + return empty($this->full_name) ? $this->name : $this->full_name; + } }
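Review bot: The new `"url" => "valid_url"` rule is the only constraint on a user-supplied profile URL, and unlike the neighbouring fields it has no length bound. What `valid_url` accepts is not visible in this diff; if it is a generic URL-syntax check it will not limit the scheme, so wherever `$user->url` is later written into an `href` the value should be restricted to http/https and escaped for the attribute. Consider `"url" => "valid_url|length[0,255]"`, with the bound sized to the column, and a one-line comment stating which schemes are allowed.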
\ No newline at end of file
diff --git a/modules/user/module.info b/modules/user/module.info
index 2dba517d..8a9af407 100644
--- a/modules/user/module.info
+++ b/modules/user/module.info
@@ -1,3 +1,3 @@ -name = Users and Groups -description = Provides user and group management +name = "Users and Groups" +description = "Provides user and group management" version = 1
diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php
index b469f82d..9bd4c068 100644
--- a/modules/user/views/admin_users.html.php
+++ b/modules/user/views/admin_users.html.php
@@ -28,7 +28,7 @@ {}, function(data) { $("#group-" + group_id).html(data); - $("#group-" + group_id + " .gDialogLink").bind("click", handleDialogEvent); + $("#group-" + group_id + " .gDialogLink").gallery_dialog(); }); }
@@ -66,7 +66,7 @@ <? foreach ($users as $i => $user): ?> <tr id="gUser-<?= $user->id ?>" class="<?= text::alternate("gOddRow", "gEvenRow") ?> user <?= $user->admin ? "admin" : "" ?>"> <td id="user-<?= $user->id ?>" class="core-info gDraggable"> - <img src="<?= $user->avatar_url(20, $theme->theme_url("images/avatar.jpg", true)) ?>" + <img src="<?= $user->avatar_url(20, $theme->url("images/avatar.jpg", true)) ?>" title="<?= t("Drag user onto group below to add as a new member") ?>" alt="<?= p::clean($user->name) ?>" width="20"
diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php
index 7617d131..10ed31b2 100644
--- a/modules/user/views/login.html.php
+++ b/modules/user/views/login.html.php
@@ -12,10 +12,10 @@ '<a href="' . url::site("form/edit/users/{$user->id}") . '" title="' . t("Edit Your Profile") . '" id="gUserProfileLink" class="gDialogLink">' . - p::clean(empty($user->full_name) ? $user->name : $user->full_name) . '</a>')) ?> + p::clean($user->display_name()) . '</a>')) ?> </li> <li> - <a href="<?= url::site("logout?csrf=$csrf&continue=" . url::current(true)) ?>" + <a href="<?= url::site("logout?csrf=$csrf&continue=" . urlencode(url::current(true))) ?>" id="gLogoutLink"><?= t("Logout") ?></a> </li> <? endif ?>
diff --git a/modules/user/views/login_ajax.html.php b/modules/user/views/login_ajax.html.php
index 56a6f111..d697c958 100644
--- a/modules/user/views/login_ajax.html.php
+++ b/modules/user/views/login_ajax.html.php
@@ -38,7 +38,7 @@ </div> </li> <li> - <a href="#" id="gForgotPasswordLink"><?= t("Forgot your Password?") ?></a> + <a href="#" id="gForgotPasswordLink"><?= t("Forgot Your Password?") ?></a> </li> </ul> </div> |
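Review bot: The logout link still emits `csrf=$csrf` in the query string, but `Logout_Controller::index()` in this same commit comments out `access::verify_csrf()`, so the token now travels in URLs (browser history, server logs, Referer) without being checked anywhere on this path. Either restore the check in the controller, or drop the parameter here: `url::site("logout?continue=" . urlencode(url::current(true)))`. The `urlencode()` added around `url::current(true)` is right and should stay.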