diff --git a/core/includes/bootstrap.inc b/core/includes/bootstrap.inc index 9e2c875..9f3a501 100644 --- a/core/includes/bootstrap.inc +++ b/core/includes/bootstrap.inc @@ -3194,3 +3194,30 @@ function _drupal_shutdown_function() { } } } + +/** + * Forms an associative array from a linear array. + * + * This function walks through the provided array and constructs an associative + * array out of it. The keys of the resulting array will be the values of the + * input array. The values will be the same as the keys unless a function is + * specified, in which case the output of the function is used for the values + * instead. + * + * @param $array + * A linear array. + * @param $function + * A name of a function to apply to all values before output. + * + * @return + * An associative array. + */ +function drupal_map_assoc($array, $function = NULL) { + // array_combine() fails with empty arrays: + // http://bugs.php.net/bug.php?id=34857. + $array = !empty($array) ? array_combine($array, $array) : array(); + if (is_callable($function)) { + $array = array_map($function, $array); + } + return $array; +} diff --git a/core/includes/common.inc b/core/includes/common.inc index 5ff6167..9979a39 100644 --- a/core/includes/common.inc +++ b/core/includes/common.inc @@ -2704,33 +2704,6 @@ function drupal_exit($destination = NULL) { } /** - * Forms an associative array from a linear array. - * - * This function walks through the provided array and constructs an associative - * array out of it. The keys of the resulting array will be the values of the - * input array. The values will be the same as the keys unless a function is - * specified, in which case the output of the function is used for the values - * instead. - * - * @param $array - * A linear array. - * @param $function - * A name of a function to apply to all values before output. - * - * @return - * An associative array. - */ -function drupal_map_assoc($array, $function = NULL) { - // array_combine() fails with empty arrays: - // http://bugs.php.net/bug.php?id=34857. - $array = !empty($array) ? array_combine($array, $array) : array(); - if (is_callable($function)) { - $array = array_map($function, $array); - } - return $array; -} - -/** * Attempts to set the PHP maximum execution time. * * This function is a wrapper around the PHP function set_time_limit(). diff --git a/core/includes/install.core.inc b/core/includes/install.core.inc index 07e25a0..d41d182 100644 --- a/core/includes/install.core.inc +++ b/core/includes/install.core.inc @@ -1905,8 +1905,13 @@ function install_configure_form_submit($form, &$form_state) { // We precreated user 1 with placeholder values. Let's save the real values. $account = user_load(1); - $merge_data = array('init' => $form_state['values']['account']['mail'], 'roles' => !empty($account->roles) ? $account->roles : array(), 'status' => 1, 'timezone' => $form_state['values']['date_default_timezone']); - user_save($account, array_merge($form_state['values']['account'], $merge_data)); + $account->init = $account->mail = $form_state['values']['account']['mail']; + $account->roles = !empty($account->roles) ? $account->roles : array(); + $account->status = 1; + $account->timezone = $form_state['values']['date_default_timezone']; + $account->pass = $form_state['values']['account']['pass']; + $account->name = $form_state['values']['account']['name']; + $account->save(); // Load global $user and perform final login tasks. $user = user_load(1); user_login_finalize(); diff --git a/core/modules/block/block.module b/core/modules/block/block.module index 25bd3b1..a541409 100644 --- a/core/modules/block/block.module +++ b/core/modules/block/block.module @@ -628,9 +628,9 @@ function block_form_user_profile_form_alter(&$form, &$form_state) { /** * Implements hook_user_presave(). */ -function block_user_presave(&$edit, $account) { - if (isset($edit['block'])) { - $edit['data']['block'] = $edit['block']; +function block_user_presave($account) { + if (isset($account->block)) { + $account->data['block'] = $account->block; } } diff --git a/core/modules/block/block.test b/core/modules/block/block.test index 4af6240..4642da2 100644 --- a/core/modules/block/block.test +++ b/core/modules/block/block.test @@ -542,8 +542,8 @@ class BlockCacheTestCase extends DrupalWebTestCase { $this->normal_user_alt = $this->drupalCreateUser(); // Sync the roles, since drupalCreateUser() creates separate roles for // the same permission sets. - user_save($this->normal_user_alt, array('roles' => $this->normal_user->roles)); $this->normal_user_alt->roles = $this->normal_user->roles; + $this->normal_user_alt->save(); // Enable our test block. $edit['blocks[block_test_test_cache][region]'] = 'sidebar_first'; diff --git a/core/modules/contact/contact.module b/core/modules/contact/contact.module index 89ce0bc..c695c7e 100644 --- a/core/modules/contact/contact.module +++ b/core/modules/contact/contact.module @@ -233,8 +233,8 @@ function contact_form_user_profile_form_alter(&$form, &$form_state) { /** * Implements hook_user_presave(). */ -function contact_user_presave(&$edit, $account) { - $edit['data']['contact'] = isset($edit['contact']) ? $edit['contact'] : variable_get('contact_default_status', 1); +function contact_user_presave($account) { + $account->data['contact'] = isset($account->contact) ? $account->contact : variable_get('contact_default_status', 1); } /** diff --git a/core/modules/contact/contact.test b/core/modules/contact/contact.test index d7f26ac..490d8f8 100644 --- a/core/modules/contact/contact.test +++ b/core/modules/contact/contact.test @@ -374,7 +374,8 @@ class ContactPersonalTestCase extends DrupalWebTestCase { // Re-create our contacted user as a blocked user. $this->contact_user = $this->drupalCreateUser(); - user_save($this->contact_user, array('status' => 0)); + $this->contact_user->status = 0; + $this->contact_user->save(); // Test that blocked users can still be contacted by admin. $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); diff --git a/core/modules/entity/entity.class.inc b/core/modules/entity/entity.class.inc index 7ffd496..b9c9947 100644 --- a/core/modules/entity/entity.class.inc +++ b/core/modules/entity/entity.class.inc @@ -189,7 +189,11 @@ class Entity implements EntityInterface { * Sets up the object instance on construction or unserialization. */ protected function setUp() { - $this->entityInfo = entity_get_info($this->entityType); + // @todo: entity_get_info() is not yet defined if this function is called + // too early. This happens e.g. when saving entities with variable_set(). + if (function_exists('entity_get_info')) { + $this->entityInfo = entity_get_info($this->entityType); + } $this->idKey = $this->entityInfo['entity keys']['id']; $this->bundleKey = isset($this->entityInfo['entity keys']['bundle']) ? $this->entityInfo['entity keys']['bundle'] : NULL; } diff --git a/core/modules/entity/tests/entity_crud_hook_test.test b/core/modules/entity/tests/entity_crud_hook_test.test index be59e99..f582c74 100644 --- a/core/modules/entity/tests/entity_crud_hook_test.test +++ b/core/modules/entity/tests/entity_crud_hook_test.test @@ -356,16 +356,15 @@ class EntityCrudHookTestCase extends DrupalWebTestCase { * Tests hook invocations for CRUD operations on users. */ public function testUserHooks() { - $edit = array( + $account = entity_create('user', array( 'name' => 'Test user', 'mail' => 'test@example.com', 'created' => REQUEST_TIME, 'status' => 1, 'language' => 'en', - ); - $account = (object) $edit; + )); $_SESSION['entity_crud_hook_test'] = array(); - $account = user_save($account, $edit); + $account->save(); $this->assertHookMessageOrder(array( 'entity_crud_hook_test_user_presave called', @@ -375,7 +374,7 @@ class EntityCrudHookTestCase extends DrupalWebTestCase { )); $_SESSION['entity_crud_hook_test'] = array(); - $account = user_load($account->uid); + user_load($account->uid); $this->assertHookMessageOrder(array( 'entity_crud_hook_test_entity_load called for type user', @@ -383,8 +382,8 @@ class EntityCrudHookTestCase extends DrupalWebTestCase { )); $_SESSION['entity_crud_hook_test'] = array(); - $edit['name'] = 'New name'; - $account = user_save($account, $edit); + $account->name = 'New name'; + $account->save(); $this->assertHookMessageOrder(array( 'entity_crud_hook_test_user_presave called', diff --git a/core/modules/file/tests/file.test b/core/modules/file/tests/file.test index 05083fc..92b7ef3 100644 --- a/core/modules/file/tests/file.test +++ b/core/modules/file/tests/file.test @@ -709,9 +709,8 @@ class FileFieldRevisionTestCase extends FileFieldTestCase { // Attach the second file to a user. $user = $this->drupalCreateUser(); - $edit = (array) $user; - $edit[$field_name][LANGUAGE_NOT_SPECIFIED][0] = (array) $node_file_r3; - user_save($user, $edit); + $user->{$field_name}[LANGUAGE_NOT_SPECIFIED][0] = (array) $node_file_r3; + $user->save(); $this->drupalGet('user/' . $user->uid . '/edit'); // Delete the third revision and check that the file is not deleted yet. diff --git a/core/modules/openid/openid.module b/core/modules/openid/openid.module index a3df38f..244eaa7 100644 --- a/core/modules/openid/openid.module +++ b/core/modules/openid/openid.module @@ -83,15 +83,15 @@ function openid_help($path, $arg) { /** * Implements hook_user_insert(). */ -function openid_user_insert(&$edit, $account) { - if (!empty($edit['openid_claimed_id'])) { +function openid_user_insert($account) { + if (!empty($account->openid_claimed_id)) { // The user has registered after trying to log in via OpenID. if (variable_get('user_email_verification', TRUE)) { drupal_set_message(t('Once you have verified your e-mail address, you may log in via OpenID.')); } - user_set_authmaps($account, array('authname_openid' => $edit['openid_claimed_id'])); + user_set_authmaps($account, array('authname_openid' => $account->openid_claimed_id)); unset($_SESSION['openid']); - unset($edit['openid_claimed_id']); + unset($account->openid_claimed_id); } } @@ -100,7 +100,7 @@ function openid_user_insert(&$edit, $account) { * * Save openid_identifier to visitor cookie. */ -function openid_user_login(&$edit, $account) { +function openid_user_login(&$form_state, $account) { if (isset($_SESSION['openid'])) { // The user has logged in via OpenID. user_cookie_save(array_intersect_key($_SESSION['openid']['user_login_values'], array_flip(array('openid_identifier')))); diff --git a/core/modules/openid/openid.test b/core/modules/openid/openid.test index 7a4c9cf..f68801a 100644 --- a/core/modules/openid/openid.test +++ b/core/modules/openid/openid.test @@ -189,9 +189,9 @@ class OpenIDFunctionalTestCase extends OpenIDWebTestCase { $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE)); $this->addIdentity($identity); $response = variable_get('openid_test_hook_openid_response_response'); - $account = variable_get('openid_test_hook_openid_response_account'); + $account_uid = variable_get('openid_test_hook_openid_response_account'); $this->assertEqual($response['openid.claimed_id'], $identity, t('hook_openid_response() was invoked.')); - $this->assertEqual($account->uid, $this->web_user->uid, t('Proper user object passed to hook_openid_response().')); + $this->assertEqual($account_uid, $this->web_user->uid, t('Proper user object passed to hook_openid_response().')); $this->drupalLogout(); @@ -201,9 +201,9 @@ class OpenIDFunctionalTestCase extends OpenIDWebTestCase { $this->submitLoginForm($identity); $this->assertLink(t('Log out'), 0, t('User was logged in.')); $response = variable_get('openid_test_hook_openid_response_response'); - $account = variable_get('openid_test_hook_openid_response_account'); + $account_uid = variable_get('openid_test_hook_openid_response_account'); $this->assertEqual($response['openid.claimed_id'], $identity, t('hook_openid_response() was invoked.')); - $this->assertEqual($account->uid, $this->web_user->uid, t('Proper user object passed to hook_openid_response().')); + $this->assertEqual($account_uid, $this->web_user->uid, t('Proper user object passed to hook_openid_response().')); $this->drupalLogout(); diff --git a/core/modules/openid/tests/openid_test.module b/core/modules/openid/tests/openid_test.module index 5bd2f4d..0db8a05 100644 --- a/core/modules/openid/tests/openid_test.module +++ b/core/modules/openid/tests/openid_test.module @@ -378,5 +378,5 @@ function openid_test_openid_request_alter(&$request, $service) { */ function openid_test_openid_response($response, $account) { variable_set('openid_test_hook_openid_response_response', $response); - variable_set('openid_test_hook_openid_response_account', $account ? $account : FALSE); + variable_set('openid_test_hook_openid_response_account', $account ? $account->uid : FALSE); } diff --git a/core/modules/overlay/overlay.module b/core/modules/overlay/overlay.module index 58dcbab..f62cf57 100644 --- a/core/modules/overlay/overlay.module +++ b/core/modules/overlay/overlay.module @@ -102,9 +102,9 @@ function overlay_form_user_profile_form_alter(&$form, &$form_state) { /** * Implements hook_user_presave(). */ -function overlay_user_presave(&$edit, $account) { - if (isset($edit['overlay'])) { - $edit['data']['overlay'] = $edit['overlay']; +function overlay_user_presave($account) { + if (isset($account->overlay)) { + $account->data['overlay'] = $account->overlay; } } @@ -311,7 +311,9 @@ function overlay_user_dismiss_message() { return MENU_ACCESS_DENIED; } else { - user_save(user_load($user->uid), array('data' => array('overlay_message_dismissed' => 1))); + $account = user_load($user->uid); + $account->data['overlay_message_dismissed'] = 1; + $account->save(); drupal_set_message(t('The message has been dismissed. You can change your overlay settings at any time by visiting your profile page.')); // Destination is normally given. Go to the user profile as a fallback. drupal_goto('user/' . $user->uid . '/edit'); diff --git a/core/modules/simpletest/drupal_web_test_case.php b/core/modules/simpletest/drupal_web_test_case.php index 7163739..c6f0c92 100644 --- a/core/modules/simpletest/drupal_web_test_case.php +++ b/core/modules/simpletest/drupal_web_test_case.php @@ -1126,7 +1126,8 @@ class DrupalWebTestCase extends DrupalTestCase { $edit['roles'] = array($rid => $rid); } - $account = user_save(drupal_anonymous_user(), $edit); + $account = entity_create('user', $edit); + $account->save(); $this->assertTrue(!empty($account->uid), t('User created with name %name and pass %pass', array('%name' => $edit['name'], '%pass' => $edit['pass'])), t('User login')); if (empty($account->uid)) { @@ -1230,7 +1231,7 @@ class DrupalWebTestCase extends DrupalTestCase { * * @see drupalCreateUser() */ - protected function drupalLogin(stdClass $user) { + protected function drupalLogin($user) { if ($this->loggedInUser) { $this->drupalLogout(); } diff --git a/core/modules/simpletest/tests/session.test b/core/modules/simpletest/tests/session.test index 6303ca5..bc17bae 100644 --- a/core/modules/simpletest/tests/session.test +++ b/core/modules/simpletest/tests/session.test @@ -41,8 +41,8 @@ class SessionTestCase extends DrupalWebTestCase { // Verify that the session is regenerated if a module calls exit // in hook_user_login(). - user_save($user, array('name' => 'session_test_user')); $user->name = 'session_test_user'; + $user->save(); $this->drupalGet('session-test/id'); $matches = array(); preg_match('/\s*session_id:(.*)\n/', $this->drupalGetContent(), $matches); diff --git a/core/modules/system/system.module b/core/modules/system/system.module index 82013ce..33505a1 100644 --- a/core/modules/system/system.module +++ b/core/modules/system/system.module @@ -2011,7 +2011,7 @@ function system_form_user_register_form_alter(&$form, &$form_state) { /** * Implements hook_user_insert(). */ -function system_user_presave(&$edit, $account) { +function system_user_presave($account) { if (variable_get('configurable_timezones', 1) && empty($account->timezone) && !variable_get('user_default_timezone', DRUPAL_USER_TIMEZONE_DEFAULT)) { $account->timezone = variable_get('date_default_timezone', ''); } @@ -2021,7 +2021,7 @@ function system_user_presave(&$edit, $account) { /** * Implements hook_user_login(). */ -function system_user_login(&$edit, $account) { +function system_user_login(&$form_state, $account) { // If the user has a NULL time zone, notify them to set a time zone. if (!$account->timezone && variable_get('configurable_timezones', 1) && variable_get('empty_timezone_message', 0)) { drupal_set_message(t('Configure your account time zone setting.', array('@user-edit' => url("user/$account->uid/edit", array('query' => drupal_get_destination(), 'fragment' => 'edit-timezone'))))); diff --git a/core/modules/user/user.entity.inc b/core/modules/user/user.entity.inc index 5549c77..a7b8b48 100644 --- a/core/modules/user/user.entity.inc +++ b/core/modules/user/user.entity.inc @@ -5,13 +5,157 @@ */ /** + * Defines the user entity class. + */ +class User extends Entity { + + /** + * The user ID. + * + * @var integer + */ + public $uid; + + /** + * The unique user name. + * + * @var string + */ + public $name = ''; + + /** + * The user's password (hashed). + * + * @var string + */ + public $pass; + + /** + * The user's email address. + * + * @var string + */ + public $mail = ''; + + /** + * The user's default theme. + * + * @var string + */ + public $theme; + + /** + * The user's signature. + * + * @var string + */ + public $signature; + + /** + * The user's signature format. + * + * @var string + */ + public $signature_format; + + /** + * The timestamp when the user was created. + * + * @var integer + */ + public $created; + + /** + * The timestamp when the user last accessed the site. + * + * @var integer + */ + public $access; + + /** + * The timestamp when the user last logged in. + * + * @var integer + */ + public $login; + + /** + * Whether the user is active(1) or blocked(0). + * + * @var integer + */ + public $status = 0; + + /** + * The user's timezone. + * + * @var string + */ + public $timezone; + + /** + * The user's langcode. + * + * @var string + */ + public $langcode = LANGUAGE_NOT_SPECIFIED; + + /** + * The langcode that the user prefers for receiving emails and viewing the + * site. + * + * @var string + */ + public $preferred_langcode = LANGUAGE_NOT_SPECIFIED; + + /** + * The fid of the user's picture. + * + * @var integer + */ + public $picture = 0; + + /** + * The email address used for initial account creation. + * + * @var string + */ + public $init = ''; + + /** + * The user's roles. + * + * @var array + */ + public $roles = array(); + + /** + * Overrides Entity::__construct(). + */ + public function __construct(array $values = array(), $entity_type = NULL) { + parent::__construct($values, 'user'); + + // Allow 'created' to be set by the caller. + if (!isset($this->created)) { + $this->created = REQUEST_TIME; + } + + // Users always have the authenticated user role. + $this->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user'; + } +} + +/** * Controller class for users. * - * This extends the DrupalDefaultEntityController class, adding required + * This extends the EntityDatabaseStorageController class, adding required * special handling for user objects. */ -class UserController extends DrupalDefaultEntityController { +class UserStorageController extends EntityDatabaseStorageController { + /** + * Overrides EntityDatabaseStorageController::attachLoad(). + */ function attachLoad(&$queried_users, $revision_id = FALSE) { // Build an array of user picture IDs so that these can be fetched later. $picture_fids = array(); @@ -36,12 +180,9 @@ class UserController extends DrupalDefaultEntityController { // Add the full file objects for user pictures if enabled. if (!empty($picture_fids) && variable_get('user_pictures', 1) == 1) { $pictures = file_load_multiple($picture_fids); - foreach ($queried_users as $account) { - if (!empty($account->picture) && isset($pictures[$account->picture])) { - $account->picture = $pictures[$account->picture]; - } - else { - $account->picture = NULL; + foreach ($queried_users as $entity) { + if (!empty($entity->picture) && isset($pictures[$entity->picture])) { + $entity->picture = $pictures[$entity->picture]; } } } @@ -49,4 +190,153 @@ class UserController extends DrupalDefaultEntityController { // hook_user_load(). parent::attachLoad($queried_users, $revision_id); } + + /** + * Overrides EntityDatabaseStorageController::save(). + */ + public function save(EntityInterface $entity) { + $entity->is_new = $entity->isNew(); + if (empty($entity->uid)) { + $entity->uid = db_next_id(db_query('SELECT MAX(uid) FROM {users}')->fetchField()); + } + parent::save($entity); + } + + /** + * Overrides EntityDatabaseStorageController::preSave(). + */ + protected function preSave(EntityInterface $entity) { + // Update the user password if it has changed. + if ($entity->isNew() || (!empty($entity->pass) && $entity->pass != $entity->original->pass)) { + // Allow alternate password hashing schemes. + require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'core/includes/password.inc'); + $entity->pass = user_hash_password(trim($entity->pass)); + // Abort if the hashing failed and returned FALSE. + if (!$entity->pass) { + throw new EntityMalformedException("The entity doesn't have a password"); + } + } + + if (!empty($entity->picture_upload)) { + $entity->picture = $entity->picture_upload; + } + // Delete picture if requested, and if no replacement picture was given. + elseif (!empty($entity->picture_delete)) { + $entity->picture = NULL; + file_usage_delete($entity->original->picture, 'user', 'user', $entity->uid); + file_delete($entity->original->picture); + } + + if (!$entity->isNew()) { + // Process picture uploads. + if (!empty($entity->picture->fid) && (!isset($entity->original->picture->fid) || $entity->picture->fid != $entity->original->picture->fid)) { + $picture = $entity->picture; + // If the picture is a temporary file move it to its final location and + // make it permanent. + if (!$picture->status) { + $info = image_get_info($picture->uri); + $picture_directory = file_default_scheme() . '://' . variable_get('user_picture_path', 'pictures'); + + // Prepare the pictures directory. + file_prepare_directory($picture_directory, FILE_CREATE_DIRECTORY); + $destination = file_stream_wrapper_uri_normalize($picture_directory . '/picture-' . $entity->uid . '-' . REQUEST_TIME . '.' . $info['extension']); + + // Move the temporary file into the final location. + if ($picture = file_move($picture, $destination, FILE_EXISTS_RENAME)) { + $picture->status = FILE_STATUS_PERMANENT; + $entity->picture = file_save($picture); + file_usage_add($picture, 'user', 'user', $entity->uid); + } + } + // Delete the previous picture if it was deleted or replaced. + if (!empty($entity->original->picture->fid)) { + file_usage_delete($entity->original->picture, 'user', 'user', $entity->uid); + file_delete($entity->original->picture); + } + } + $entity->picture = empty($entity->picture->fid) ? NULL : $entity->picture->fid; + + // If the password is empty, leave unchanged from original password. + if (empty($entity->pass)) { + $entity->pass = $entity->original->pass; + } + } + + // Prepare user roles. + if (isset($entity->roles)) { + $entity->roles = array_filter($entity->roles); + } + + // Move account cancellation information into $user->data. + foreach (array('user_cancel_method', 'user_cancel_notify') as $key) { + if (isset($entity->{$key})) { + $entity->data[$key] = $entity->{$key}; + } + } + } + + /** + * Overrides EntityDatabaseStorageController::postSave(). + */ + protected function postSave(EntityInterface $entity, $update) { + + if (!$entity->isNew()) { + // If the password changed, delete all open sessions and recreate + // the current one. + if ($entity->pass != $entity->original->pass) { + drupal_session_destroy_uid($entity->uid); + if ($entity->uid == $GLOBALS['user']->uid) { + drupal_session_regenerate(); + } + } + + // Remove not enabled roles. + $entity->roles = array_filter($entity->roles); + + // Reload user roles if provided. + if ($entity->roles != $entity->original->roles) { + db_delete('users_roles') + ->condition('uid', $entity->uid) + ->execute(); + + $query = db_insert('users_roles')->fields(array('uid', 'rid')); + foreach (array_keys($entity->roles) as $rid) { + if (!in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) { + $query->values(array( + 'uid' => $entity->uid, + 'rid' => $rid, + )); + } + } + $query->execute(); + } + + // Delete a blocked user's sessions to kick them if they are online. + if ($entity->original->status != $entity->status && $entity->status == 0) { + drupal_session_destroy_uid($entity->uid); + } + + // Send emails after we have the new user object. + if ($entity->status != $entity->original->status) { + // The user's status is changing; conditionally send notification email. + $op = $entity->status == 1 ? 'status_activated' : 'status_blocked'; + _user_mail_notify($op, $entity); + } + } + else { + // Save user roles. + if (count($entity->roles) > 1) { + $query = db_insert('users_roles')->fields(array('uid', 'rid')); + foreach (array_keys($entity->roles) as $rid) { + if (!in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) { + $query->values(array( + 'uid' => $entity->uid, + 'rid' => $rid, + )); + } + } + $query->execute(); + } + } + } } diff --git a/core/modules/user/user.module b/core/modules/user/user.module index 865f17b..7accf8b 100644 --- a/core/modules/user/user.module +++ b/core/modules/user/user.module @@ -145,7 +145,7 @@ function user_theme() { * Implements hook_entity_info(). */ function user_entity_info() { - $return = array( + return array( 'user' => array( 'label' => t('User'), 'controller class' => 'UserController', @@ -153,6 +153,7 @@ function user_entity_info() { 'uri callback' => 'user_uri', 'label callback' => 'user_label', 'fieldable' => TRUE, + 'entity class' => 'User', 'entity keys' => array( 'id' => 'uid', ), @@ -173,7 +174,6 @@ function user_entity_info() { ), ), ); - return $return; } /** @@ -360,224 +360,6 @@ function user_load_by_name($name) { } /** - * Save changes to a user account or add a new user. - * - * @param $account - * (optional) The user object to modify or add. If you want to modify - * an existing user account, you will need to ensure that (a) $account - * is an object, and (b) you have set $account->uid to the numeric - * user ID of the user account you wish to modify. If you - * want to create a new user account, you can set $account->is_new to - * TRUE or omit the $account->uid field. - * @param $edit - * An array of fields and values to save. For example array('name' - * => 'My name'). Key / value pairs added to the $edit['data'] will be - * serialized and saved in the {users.data} column. - * - * @return - * A fully-loaded $user object upon successful save or FALSE if the save failed. - * - * @todo D8: Drop $edit and fix user_save() to be consistent with others. - */ -function user_save($account, $edit = array()) { - $transaction = db_transaction(); - try { - if (!empty($edit['pass'])) { - // Allow alternate password hashing schemes. - require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'core/includes/password.inc'); - $edit['pass'] = user_hash_password(trim($edit['pass'])); - // Abort if the hashing failed and returned FALSE. - if (!$edit['pass']) { - return FALSE; - } - } - else { - // Avoid overwriting an existing password with a blank password. - unset($edit['pass']); - } - - // Load the stored entity, if any. - if (!empty($account->uid) && !isset($account->original)) { - $account->original = entity_load_unchanged('user', $account->uid); - } - - if (empty($account)) { - $account = new stdClass(); - } - if (!isset($account->is_new)) { - $account->is_new = empty($account->uid); - } - // Prepopulate $edit['data'] with the current value of $account->data. - // Modules can add to or remove from this array in hook_user_presave(). - if (!empty($account->data)) { - $edit['data'] = !empty($edit['data']) ? array_merge($account->data, $edit['data']) : $account->data; - } - - // Invoke hook_user_presave() for all modules. - user_module_invoke('presave', $edit, $account); - - // Invoke presave operations of Field Attach API and Entity API. Those APIs - // require a fully-fledged and updated entity object. Therefore, we need to - // copy any new property values of $edit into it. - foreach ($edit as $key => $value) { - $account->$key = $value; - } - // Default the user entity language to the user's preferred language. - if (!isset($account->langcode) && isset($account->preferred_langcode)) { - $account->langcode = $account->preferred_langcode; - } - field_attach_presave('user', $account); - module_invoke_all('entity_presave', $account, 'user'); - - if (is_object($account) && !$account->is_new) { - // Process picture uploads. - if (!empty($account->picture->fid) && (!isset($account->original->picture->fid) || $account->picture->fid != $account->original->picture->fid)) { - $picture = $account->picture; - // If the picture is a temporary file move it to its final location and - // make it permanent. - if (!$picture->status) { - $info = image_get_info($picture->uri); - $picture_directory = file_default_scheme() . '://' . variable_get('user_picture_path', 'pictures'); - - // Prepare the pictures directory. - file_prepare_directory($picture_directory, FILE_CREATE_DIRECTORY); - $destination = file_stream_wrapper_uri_normalize($picture_directory . '/picture-' . $account->uid . '-' . REQUEST_TIME . '.' . $info['extension']); - - // Move the temporary file into the final location. - if ($picture = file_move($picture, $destination, FILE_EXISTS_RENAME)) { - $picture->status = FILE_STATUS_PERMANENT; - $account->picture = file_save($picture); - file_usage_add($picture, 'user', 'user', $account->uid); - } - } - // Delete the previous picture if it was deleted or replaced. - if (!empty($account->original->picture->fid)) { - file_usage_delete($account->original->picture, 'user', 'user', $account->uid); - file_delete($account->original->picture); - } - } - elseif (isset($edit['picture_delete']) && $edit['picture_delete']) { - file_usage_delete($account->original->picture, 'user', 'user', $account->uid); - file_delete($account->original->picture); - } - $account->picture = empty($account->picture->fid) ? 0 : $account->picture->fid; - - // Do not allow 'uid' to be changed. - $account->uid = $account->original->uid; - // Save changes to the user table. - $success = drupal_write_record('users', $account, 'uid'); - if ($success === FALSE) { - // The query failed - better to abort the save than risk further - // data loss. - return FALSE; - } - - // Reload user roles if provided. - if ($account->roles != $account->original->roles) { - db_delete('users_roles') - ->condition('uid', $account->uid) - ->execute(); - - $query = db_insert('users_roles')->fields(array('uid', 'rid')); - foreach (array_keys($account->roles) as $rid) { - if (!in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) { - $query->values(array( - 'uid' => $account->uid, - 'rid' => $rid, - )); - } - } - $query->execute(); - } - - // Delete a blocked user's sessions to kick them if they are online. - if ($account->original->status != $account->status && $account->status == 0) { - drupal_session_destroy_uid($account->uid); - } - - // If the password changed, delete all open sessions and recreate - // the current one. - if ($account->pass != $account->original->pass) { - drupal_session_destroy_uid($account->uid); - if ($account->uid == $GLOBALS['user']->uid) { - drupal_session_regenerate(); - } - } - - // Save Field data. - field_attach_update('user', $account); - - // Send emails after we have the new user object. - if ($account->status != $account->original->status) { - // The user's status is changing; conditionally send notification email. - $op = $account->status == 1 ? 'status_activated' : 'status_blocked'; - _user_mail_notify($op, $account); - } - - // Update $edit with any interim changes to $account. - foreach ($account as $key => $value) { - if (!property_exists($account->original, $key) || $value !== $account->original->$key) { - $edit[$key] = $value; - } - } - user_module_invoke('update', $edit, $account); - module_invoke_all('entity_update', $account, 'user'); - } - else { - // Allow 'uid' to be set by the caller. There is no danger of writing an - // existing user as drupal_write_record will do an INSERT. - if (empty($account->uid)) { - $account->uid = db_next_id(db_query('SELECT MAX(uid) FROM {users}')->fetchField()); - } - // Allow 'created' to be set by the caller. - if (!isset($account->created)) { - $account->created = REQUEST_TIME; - } - $success = drupal_write_record('users', $account); - if ($success === FALSE) { - // On a failed INSERT some other existing user's uid may be returned. - // We must abort to avoid overwriting their account. - return FALSE; - } - - // Make sure $account is properly initialized. - $account->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user'; - - field_attach_insert('user', $account); - $edit = (array) $account; - user_module_invoke('insert', $edit, $account); - module_invoke_all('entity_insert', $account, 'user'); - - // Save user roles. - if (count($account->roles) > 1) { - $query = db_insert('users_roles')->fields(array('uid', 'rid')); - foreach (array_keys($account->roles) as $rid) { - if (!in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) { - $query->values(array( - 'uid' => $account->uid, - 'rid' => $rid, - )); - } - } - $query->execute(); - } - } - // Clear internal properties. - unset($account->is_new); - unset($account->original); - // Clear the static loading cache. - entity_get_controller('user')->resetCache(array($account->uid)); - - return $account; - } - catch (Exception $e) { - $transaction->rollback(); - watchdog_exception('user', $e); - throw $e; - } -} - -/** * Verify the syntax of the given name. */ function user_validate_name($name) { @@ -1126,14 +908,16 @@ function user_account_form_validate($form, &$form_state) { if ($error = user_validate_name($form_state['values']['name'])) { form_set_error('name', $error); } - elseif ((bool) db_select('users')->fields('users', array('uid'))->condition('uid', $account->uid, '<>')->condition('name', db_like($form_state['values']['name']), 'LIKE')->range(0, 1)->execute()->fetchField()) { + // Force user id to integer as it might have been set to NULL which causes + // unexpected results. + elseif ((bool) db_select('users')->fields('users', array('uid'))->condition('uid', (int) $account->uid, '<>')->condition('name', db_like($form_state['values']['name']), 'LIKE')->range(0, 1)->execute()->fetchField()) { form_set_error('name', t('The name %name is already taken.', array('%name' => $form_state['values']['name']))); } } $mail = $form_state['values']['mail']; - if ((bool) db_select('users')->fields('users', array('uid'))->condition('uid', $account->uid, '<>')->condition('mail', db_like($mail), 'LIKE')->range(0, 1)->execute()->fetchField()) { + if ((bool) db_select('users')->fields('users', array('uid'))->condition('uid', (int) $account->uid, '<>')->condition('mail', db_like($mail), 'LIKE')->range(0, 1)->execute()->fetchField()) { // Format error message dependent on whether the user is logged in or not. if ($GLOBALS['user']->uid) { form_set_error('mail', t('The e-mail address %email is already taken.', array('%email' => $mail))); @@ -1158,30 +942,6 @@ function user_account_form_validate($form, &$form_state) { } } -/** - * Implements hook_user_presave(). - */ -function user_user_presave(&$edit, $account) { - if (!empty($edit['picture_upload'])) { - $edit['picture'] = $edit['picture_upload']; - } - // Delete picture if requested, and if no replacement picture was given. - elseif (!empty($edit['picture_delete'])) { - $edit['picture'] = NULL; - } - // Prepare user roles. - if (isset($edit['roles'])) { - $edit['roles'] = array_filter($edit['roles']); - } - - // Move account cancellation information into $user->data. - foreach (array('user_cancel_method', 'user_cancel_notify') as $key) { - if (isset($edit[$key])) { - $edit['data'][$key] = $edit[$key]; - } - } -} - function user_login_block($form) { $form['#action'] = url($_GET['q'], array('query' => drupal_get_destination())); $form['#id'] = 'user-login-form'; @@ -2181,7 +1941,8 @@ function user_authenticate($name, $password) { // Update user to new password scheme if needed. if (user_needs_new_hash($account)) { - user_save($account, array('pass' => $password)); + $account->pass = $password; + $account->save(); } } } @@ -2236,16 +1997,16 @@ function user_external_login_register($name, $module) { $account = user_external_load($name); if (!$account) { // Register this new user. - $userinfo = array( + $account = entity_create('user', array( 'name' => $name, 'pass' => user_password(), 'init' => $name, 'status' => 1, 'access' => REQUEST_TIME - ); - $account = user_save(drupal_anonymous_user(), $userinfo); - // Terminate if an error occurred during user_save(). - if (!$account) { + )); + $status = $account->save(); + // Terminate if an error occurred while saving the account. + if ($status != SAVED_NEW) { drupal_set_message(t("Error saving user account."), 'error'); return; } @@ -2393,7 +2154,8 @@ function _user_cancel($edit, $account, $method) { if (!empty($edit['user_cancel_notify'])) { _user_mail_notify('status_blocked', $account); } - user_save($account, array('status' => 0)); + $account->status = 0; + $account->save(); drupal_set_message(t('%name has been disabled.', array('%name' => $account->name))); watchdog('user', 'Blocked user: %name %email.', array('%name' => $account->name, '%email' => '<' . $account->mail . '>'), WATCHDOG_NOTICE); break; @@ -3147,7 +2909,8 @@ function user_user_operations_unblock($accounts) { foreach ($accounts as $account) { // Skip unblocking user if they are already unblocked. if ($account !== FALSE && $account->status == 0) { - user_save($account, array('status' => 1)); + $account->status = 1; + $account->save(); } } } @@ -3163,7 +2926,8 @@ function user_user_operations_block($accounts) { // For efficiency manually save the original account before applying any // changes. $account->original = clone $account; - user_save($account, array('status' => 0)); + $account->status = 0; + $account->save(); } } } @@ -3172,8 +2936,6 @@ function user_user_operations_block($accounts) { * Callback function for admin mass adding/deleting a user role. */ function user_multiple_role_edit($accounts, $operation, $rid) { - // The role name is not necessary as user_save() will reload the user - // object, but some modules' hook_user() may look at this first. $role_name = db_query('SELECT name FROM {role} WHERE rid = :rid', array(':rid' => $rid))->fetchField(); switch ($operation) { @@ -3186,7 +2948,8 @@ function user_multiple_role_edit($accounts, $operation, $rid) { // For efficiency manually save the original account before applying // any changes. $account->original = clone $account; - user_save($account, array('roles' => $roles)); + $account->roles = $roles; + $account->save(); } } break; @@ -3199,7 +2962,8 @@ function user_multiple_role_edit($accounts, $operation, $rid) { // For efficiency manually save the original account before applying // any changes. $account->original = clone $account; - user_save($account, array('roles' => $roles)); + $account->roles = $roles; + $account->save(); } } break; @@ -3289,7 +3053,7 @@ function user_multiple_cancel_confirm_submit($form, &$form_state) { if ($uid == $user->uid) { $admin_form_state = $form_state; unset($admin_form_state['values']['user_cancel_confirm']); - $admin_form_state['values']['_account'] = $user; + $admin_form_state['values']['_account'] = user_load($user->uid); user_cancel_confirm_form_submit(array(), $admin_form_state); } else { @@ -3363,7 +3127,7 @@ function user_build_filter_query(SelectInterface $query) { // the authenticated role. If so, then all users would be listed, and we can // skip adding it to the filter query. if ($key == 'permission') { - $account = new stdClass(); + $account = entity_create('user', array()); $account->uid = 'user_filter'; $account->roles = array(DRUPAL_AUTHENTICATED_RID => 1); if (user_access($value, $account)) { @@ -3609,7 +3373,8 @@ function user_block_user_action(&$entity, $context = array()) { $uid = $GLOBALS['user']->uid; } $account = user_load($uid); - $account = user_save($account, array('status' => 0)); + $account->status = 0; + $account->save(); watchdog('action', 'Blocked user %name.', array('%name' => $account->name)); } @@ -3688,7 +3453,7 @@ function user_register_form($form, &$form_state) { drupal_goto('user/' . $user->uid); } - $form['#user'] = drupal_anonymous_user(); + $form['#user'] = entity_create('user', array()); $form['#attached']['library'][] = array('system', 'jquery.cookie'); $form['#attributes']['class'][] = 'user-info-from-cookie'; @@ -3759,14 +3524,10 @@ function user_register_submit($form, &$form_state) { $account = $form['#user']; entity_form_submit_build_entity('user', $account, $form, $form_state); + $status = $account->save(); - // Populate $edit with the properties of $account, which have been edited on - // this form by taking over all values, which appear in the form values too. - $edit = array_intersect_key((array) $account, $form_state['values']); - $account = user_save($account, $edit); - - // Terminate if an error occurred during user_save(). - if (!$account) { + // Terminate if an error occurred during saving the account. + if ($status =! SAVED_NEW) { drupal_set_message(t("Error saving user account."), 'error'); $form_state['redirect'] = ''; return; diff --git a/core/modules/user/user.pages.inc b/core/modules/user/user.pages.inc index c54bd4c..781d452 100644 --- a/core/modules/user/user.pages.inc +++ b/core/modules/user/user.pages.inc @@ -263,19 +263,8 @@ function user_profile_form_submit($form, &$form_state) { // Remove unneeded values. form_state_values_clean($form_state); - // Before updating the account entity, keep an unchanged copy for use with - // user_save() later. This is necessary for modules implementing the user - // hooks to be able to react on changes by comparing the values of $account - // and $edit. - $account_unchanged = clone $account; - entity_form_submit_build_entity('user', $account, $form, $form_state); - - // Populate $edit with the properties of $account, which have been edited on - // this form by taking over all values, which appear in the form values too. - $edit = array_intersect_key((array) $account, $form_state['values']); - - user_save($account_unchanged, $edit); + $account->save(); $form_state['values']['uid'] = $account->uid; if (!empty($edit['pass'])) { @@ -399,11 +388,9 @@ function user_cancel_confirm_form_submit($form, &$form_state) { else { // Store cancelling method and whether to notify the user in $account for // user_cancel_confirm(). - $edit = array( - 'user_cancel_method' => $form_state['values']['user_cancel_method'], - 'user_cancel_notify' => $form_state['values']['user_cancel_notify'], - ); - $account = user_save($account, $edit); + $account->user_cancel_method = $form_state['values']['user_cancel_method']; + $account->user_cancel_notify = $form_state['values']['user_cancel_notify']; + $account->save(); _user_mail_notify('cancel_confirm', $account); drupal_set_message(t('A confirmation request to cancel your account has been sent to your e-mail address.')); watchdog('user', 'Sent account cancellation request to %name %email.', array('%name' => $account->name, '%email' => '<' . $account->mail . '>'), WATCHDOG_NOTICE); diff --git a/core/modules/user/user.test b/core/modules/user/user.test index 95b3cce..e1e07d6 100644 --- a/core/modules/user/user.test +++ b/core/modules/user/user.test @@ -501,7 +501,7 @@ class UserCancelTestCase extends DrupalWebTestCase { 'name' => 'user1', 'pass' => user_hash_password(trim($password)), ); - // We cannot use user_save() here or the password would be hashed again. + // We cannot use $account->save() here or the password would be hashed again. db_update('users') ->fields($account) ->condition('uid', 1) @@ -1572,14 +1572,14 @@ class UserBlocksUnitTests extends DrupalWebTestCase { } /** - * Test case to test user_save() behaviour. + * Test case to test account saving behaviour. */ class UserSaveTestCase extends DrupalWebTestCase { public static function getInfo() { return array( 'name' => 'User save test', - 'description' => 'Test user_save() for arbitrary new uid.', + 'description' => 'Test account saving for arbitrary new uid.', 'group' => 'User', ); } @@ -1594,16 +1594,15 @@ class UserSaveTestCase extends DrupalWebTestCase { $test_name = $this->randomName(); // Create the base user, based on drupalCreateUser(). - $user = array( + $user = entity_create('user', array( 'name' => $test_name, 'uid' => $test_uid, 'mail' => $test_name . '@example.com', 'is_new' => TRUE, 'pass' => user_password(), 'status' => 1, - ); - $user_by_return = user_save(drupal_anonymous_user(), $user); - $this->assertTrue($user_by_return, t('Loading user by return of user_save().')); + )); + $user->save(); // Test if created user exists. $user_by_uid = user_load($test_uid); @@ -1661,7 +1660,7 @@ class UserCreateTestCase extends DrupalWebTestCase { } /** - * Test case to test user_save() behaviour. + * Test case to test account saving behaviour. */ class UserEditTestCase extends DrupalWebTestCase {