Index: includes/common.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/common.inc,v
retrieving revision 1.1021
diff -u -p -r1.1021 common.inc
--- includes/common.inc 15 Oct 2009 21:19:30 -0000 1.1021
+++ includes/common.inc 16 Oct 2009 06:58:38 -0000
@@ -1289,14 +1289,14 @@ function fix_gpc_magic() {
 * check_plain, to escape HTML characters. Use this for any output that's
 * displayed within a Drupal page.
 * @code
- * drupal_set_title($title = t("@name's blog", array('@name' => $account->name)), PASS_THROUGH);
+ * drupal_set_title($title = t("@name's blog", array('@name' => format_username($account))), PASS_THROUGH);
 * @endcode
 *
 * - %variable, which indicates that the string should be HTML escaped and
 * highlighted with theme_placeholder() which shows up by default as
 * emphasized.
 * @code
- * $message = t('%name-from sent %name-to an e-mail.', array('%name-from' => $user->name, '%name-to' => $account->name));
+ * $message = t('%name-from sent %name-to an e-mail.', array('%name-from' => format_username($user), '%name-to' => format_username($account)));
 * @endcode
 *
 * When using t(), try to put entire sentences and strings in one t() call.
@@ -2308,6 +2308,33 @@ function _format_date_callback(array $ma
 }
 /**
+ * Format a username.
+ *
+ * By default, the passed in object's 'name' property is used if it exists, or
+ * else, the site-defined value for the 'anonymous' variable. However, a module
+ * may override this by implementing hook_username_alter(&$name, $account).
+ *
+ * @see hook_username_alter()
+ *
+ * @param $account
+ * The account object for the user whose name is to be formatted.
+ *
+ * @return
+ * An unsanitized string with the username to display. The code receiving
+ * this result must ensure that check_plain() is called on it before it is
+ * printed to the page.
+ */
+function format_username($account) {
+ $name = !empty($account->name) ? $account->name : variable_get('anonymous', t('Anonymous'));
+ // Faster than drupal_alter(), and format_username() gets called a lot.
+ foreach (module_implements('username_alter') as $module) {
+ $function = $module . '_username_alter';
+ $function($name, $account);
+ }
+ return $name;
+}
+
+/**
 * @} End of "defgroup format".
 */
Index: includes/theme.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/theme.inc,v
retrieving revision 1.536
diff -u -p -r1.536 theme.inc
--- includes/theme.inc 15 Oct 2009 12:27:34 -0000 1.536
+++ includes/theme.inc 16 Oct 2009 06:58:38 -0000
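Review bot: The `@param` text in the format_username() docblock promises "the account object for the user", but blog_view() and blog_node_view() in this same patch pass a node, so hook_username_alter() implementations can receive an object that only carries the author's `name` and `uid`. I would reword it along the lines of `An object with 'name' and 'uid' properties: a user account, or a node carrying its author's values.` so implementers do not read account fields that may be absent. Because the returned string can now come from any module's hook, the `@return` warning is the only contract protecting call sites. It is worth adding one line that the value is safe in a `!placeholder` of t() only where the result is escaped afterwards (for example link text or attribute values that are escaped on output).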
@@ -1912,12 +1912,17 @@ function template_preprocess_username(&$
 else {
 $variables['uid'] = (int)$account->uid;
 }
- if (empty($account->name)) {
- $variables['name'] = variable_get('anonymous', t('Anonymous'));
- }
- else {
- $variables['name'] = $account->name;
+
+ // Set the name to a formatted name that is safe for printing and
+ // that won't break tables by being too long. Keep an unshortened,
+ // unsanitized version, in case other preproces functions want to implement
+ // their own shortening logic or add markup. If they do so, they must ensure
+ // that $variables['name'] is safe for printing.
+ $name = $variables['name_unsafe'] = format_username($account);
+ if (drupal_strlen($name) > 20) {
+ $name = drupal_substr($name, 0, 15) . '...';
 }
+ $variables['name'] = check_plain($name);
 $variables['profile_access'] = user_access('access user profiles');
 $variables['link_attributes'] = array();
@@ -1936,12 +1941,6 @@ function template_preprocess_username(&$
 $variables['link_options']['html'] = TRUE;
 // Set a default class.
 $variables['attributes_array'] = array('class' => array('username'));
- // Shorten the name when it is too long or it will break many tables.
- if (drupal_strlen($variables['name']) > 20) {
- $variables['name'] = drupal_substr($variables['name'], 0, 15) . '...';
- }
- // Make sure name is safe for use in the theme function.
- $variables['name'] = check_plain($variables['name']);
 }
 /**
Index: modules/blog/blog.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/blog/blog.module,v
retrieving revision 1.336
diff -u -p -r1.336 blog.module
--- modules/blog/blog.module 9 Oct 2009 00:59:55 -0000 1.336
+++ modules/blog/blog.module 16 Oct 2009 06:58:38 -0000
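Review bot: `$variables['name_unsafe']` in the first template_preprocess_username() hunk exposes the raw format_username() result to every later preprocess function and to the theme layer, and the only warning is an inline comment that themers will not see. The second hunk's context sets `$variables['link_options']['html'] = TRUE`, so whatever ends up in `$variables['name']` is presumably printed as markup, and a preprocess function that copies `name_unsafe` back without check_plain() would turn a user-controlled name into injected HTML. I would document the key wherever theme_username()'s variables are listed (outside this hunk), e.g. `- name_unsafe: The unescaped, unshortened name; never print it without check_plain().`, and fix the comment typo "preproces". The function body starts and ends outside both hunks.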
@@ -27,7 +27,7 @@ function blog_user_view($account) {
 $account->content['summary']['blog'] = array(
 '#type' => 'user_profile_item',
 '#title' => t('Blog'),
- '#markup' => l(t('View recent blog entries'), "blog/$account->uid", array('attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => $account->name))))),
+ '#markup' => l(t('View recent blog entries'), "blog/$account->uid", array('attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => format_username($account)))))),
 '#attributes' => array('class' => array('blog')),
 );
 }
@@ -60,7 +60,7 @@ function blog_form($node, $form_state) {
 function blog_view($node, $build_mode) {
 if ((bool)menu_get_object()) {
 // Breadcrumb navigation.
- drupal_set_breadcrumb(array(l(t('Home'), NULL), l(t('Blogs'), 'blog'), l(t("!name's blog", array('!name' => $node->name)), 'blog/' . $node->uid)));
+ drupal_set_breadcrumb(array(l(t('Home'), NULL), l(t('Blogs'), 'blog'), l(t("!name's blog", array('!name' => format_username($node))), 'blog/' . $node->uid)));
 }
 return $node;
 }
@@ -72,9 +72,9 @@ function blog_node_view($node, $build_mo
 if ($build_mode != 'rss') {
 if ($node->type == 'blog' && arg(0) != 'blog' || arg(1) != $node->uid) {
 $links['blog_usernames_blog'] = array(
- 'title' => t("!username's blog", array('!username' => $node->name)),
+ 'title' => t("!username's blog", array('!username' => format_username($node))),
 'href' => "blog/$node->uid",
- 'attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => $node->name))),
+ 'attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => format_username($node)))),
 );
 $node->content['links']['blog'] = array(
 '#theme' => 'links',
Index: modules/blog/blog.pages.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/blog/blog.pages.inc,v
retrieving revision 1.23
diff -u -p -r1.23 blog.pages.inc
--- modules/blog/blog.pages.inc 9 Oct 2009 00:59:55 -0000 1.23
+++ modules/blog/blog.pages.inc 16 Oct 2009 06:58:38 -0000
@@ -12,7 +12,7 @@
 function blog_page_user($account) {
 global $user;
- drupal_set_title($title = t("@name's blog", array('@name' => $account->name)), PASS_THROUGH);
+ drupal_set_title($title = t("@name's blog", array('@name' => format_username($account))), PASS_THROUGH);
 $items = array();
@@ -123,7 +123,7 @@ function blog_feed_user($account) {
 ->execute()
 ->fetchCol();
- $channel['title'] = t("!name's blog", array('!name' => $account->name));
+ $channel['title'] = t("!name's blog", array('!name' => format_username($account)));
 $channel['link'] = url('blog/' . $account->uid, array('absolute' => TRUE));
 node_feed($nids, $channel);
Index: modules/blog/blog.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/blog/blog.test,v
retrieving revision 1.19
diff -u -p -r1.19 blog.test
--- modules/blog/blog.test 11 Oct 2009 03:07:16 -0000 1.19
+++ modules/blog/blog.test 16 Oct 2009 06:58:38 -0000
@@ -38,7 +38,7 @@ class BlogTestCase extends DrupalWebTest
 $this->drupalGet('blog/' . $this->big_user->uid);
 $this->assertResponse(200);
- $this->assertTitle(t("@name's blog", array('@name' => $this->big_user->name)) . ' | Drupal', t('Blog title was displayed'));
+ $this->assertTitle(t("@name's blog", array('@name' => format_username($this->big_user))) . ' | Drupal', t('Blog title was displayed'));
 $this->assertText(t('You are not allowed to post a new blog entry.'), t('No new entries can be posted without the right permission'));
 }
@@ -50,8 +50,8 @@ class BlogTestCase extends DrupalWebTest
 $this->drupalGet('blog/' . $this->own_user->uid);
 $this->assertResponse(200);
- $this->assertTitle(t("@name's blog", array('@name' => $this->own_user->name)) . ' | Drupal', t('Blog title was displayed'));
- $this->assertText(t('!author has not created any blog entries.', array('!author' => $this->own_user->name)), t('Users blog displayed with no entries'));
+ $this->assertTitle(t("@name's blog", array('@name' => format_username($this->own_user))) . ' | Drupal', t('Blog title was displayed'));
+ $this->assertText(t('@author has not created any blog entries.', array('@author' => format_username($this->own_user))), t('Users blog displayed with no entries'));
 }
 /**
@@ -139,7 +139,7 @@ class BlogTestCase extends DrupalWebTest
 $this->drupalGet('node/' . $node->nid);
 $this->assertResponse(200);
 $this->assertTitle($node->title[FIELD_LANGUAGE_NONE][0]['value'] . ' | Drupal', t('Blog node was displayed'));
- $this->assertText(t('Home ' . $crumb . ' Blogs ' . $crumb . ' @name' . $quote . 's blog', array('@name' => $node_user->name)), t('Breadcrumbs were displayed'));
+ $this->assertText(t('Home ' . $crumb . ' Blogs ' . $crumb . ' @name' . $quote . 's blog', array('@name' => format_username($node_user))), t('Breadcrumbs were displayed'));
 // View blog edit node.
 $this->drupalGet('node/' . $node->nid . '/edit');
@@ -180,7 +180,7 @@ class BlogTestCase extends DrupalWebTest
 // Confirm the recent blog entries link goes to the user's blog page.
 $this->clickLink('View recent blog entries');
- $this->assertTitle(t("@name's blog | Drupal", array('@name' => $user->name)), t('View recent blog entries link target was correct'));
+ $this->assertTitle(t("@name's blog | Drupal", array('@name' => format_username($user))), t('View recent blog entries link target was correct'));
 // Confirm a blog page was displayed.
 $this->drupalGet('blog');
@@ -191,7 +191,7 @@ class BlogTestCase extends DrupalWebTest
 // Confirm a blog page was displayed per user.
 $this->drupalGet('blog/' . $user->uid);
- $this->assertTitle(t("@name's blog | Drupal", array('@name' => $user->name)), t('User blog node was displayed'));
+ $this->assertTitle(t("@name's blog | Drupal", array('@name' => format_username($user))), t('User blog node was displayed'));
 // Confirm a blog feed was displayed.
 $this->drupalGet('blog/feed');
@@ -199,6 +199,6 @@ class BlogTestCase extends DrupalWebTest
 // Confirm a blog feed was displayed per user.
 $this->drupalGet('blog/' . $user->uid . '/feed');
- $this->assertTitle(t("@name's blog", array('@name' => $user->name)), t('User blog feed was displayed'));
+ $this->assertTitle(t("@name's blog", array('@name' => format_username($user))), t('User blog feed was displayed'));
 }
 }
Index: modules/contact/contact.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/contact/contact.module,v
retrieving revision 1.134
diff -u -p -r1.134 contact.module
--- modules/contact/contact.module 11 Oct 2009 18:34:10 -0000 1.134
+++ modules/contact/contact.module 16 Oct 2009 06:58:39 -0000
@@ -174,7 +174,7 @@ function contact_mail($key, &$message, $
 '!subject' => $params['subject'],
 '!category' => isset($params['category']['category']) ? $params['category']['category'] : '',
 '!form-url' => url($_GET['q'], array('absolute' => TRUE, 'language' => $language)),
- '!sender-name' => $params['sender']->name,
+ '!sender-name' => format_username($params['sender']),
 '!sender-url' => $params['sender']->uid ? url('user/' . $params['sender']->uid, array('absolute' => TRUE, 'language' => $language)) : $params['sender']->mail,
 );
@@ -194,7 +194,7 @@ function contact_mail($key, &$message, $
 case 'user_mail':
 case 'user_copy':
 $variables += array(
- '!recipient-name' => $params['recipient']->name,
+ '!recipient-name' => format_username($params['recipient']),
 '!recipient-edit-url' => url('user/' . $params['recipient']->uid . '/edit', array('absolute' => TRUE, 'language' => $language)),
 );
 $message['subject'] .= t('[!site-name] !subject', $variables, array('langcode' => $language->language));
Index: modules/contact/contact.pages.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/contact/contact.pages.inc,v
retrieving revision 1.32
diff -u -p -r1.32 contact.pages.inc
--- modules/contact/contact.pages.inc 11 Oct 2009 18:34:10 -0000 1.32
+++ modules/contact/contact.pages.inc 16 Oct 2009 06:58:39 -0000
@@ -58,7 +58,7 @@ function contact_site_form($form, &$form
 '#type' => 'textfield',
 '#title' => t('Your name'),
 '#maxlength' => 255,
- '#default_value' => $user->uid ? $user->name : '',
+ '#default_value' => $user->uid ? format_username($user) : '',
 '#required' => TRUE,
 );
 $form['mail'] = array(
@@ -174,7 +174,7 @@ function contact_personal_form($form, &$
 return drupal_access_denied();
 }
- drupal_set_title(t('Contact @username', array('@username' => $recipient->name)), PASS_THROUGH);
+ drupal_set_title(t('Contact @username', array('@username' => format_username($recipient))), PASS_THROUGH);
 if (!$user->uid) {
 $form['#attached']['library'][] = array('system', 'cookie');
@@ -190,7 +190,7 @@ function contact_personal_form($form, &$
 '#type' => 'textfield',
 '#title' => t('Your name'),
 '#maxlength' => 255,
- '#default_value' => $user->uid ? $user->name : '',
+ '#default_value' => $user->uid ? format_username($user) : '',
 '#required' => TRUE,
 );
 $form['mail'] = array(
Index: modules/openid/openid.pages.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/openid/openid.pages.inc,v
retrieving revision 1.22
diff -u -p -r1.22 openid.pages.inc
--- modules/openid/openid.pages.inc 21 Sep 2009 06:44:14 -0000 1.22
+++ modules/openid/openid.pages.inc 16 Oct 2009 06:58:39 -0000
@@ -28,7 +28,7 @@ function openid_authentication_page() {
 * Menu callback; Manage OpenID identities for the specified user.
 */
 function openid_user_identities($account) {
- drupal_set_title($account->name);
+ drupal_set_title(format_username($account));
 drupal_add_css(drupal_get_path('module', 'openid') . '/openid.css');
 // Check to see if we got a response
Index: modules/php/php.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/php/php.module,v
retrieving revision 1.21
diff -u -p -r1.21 php.module
--- modules/php/php.module 28 Sep 2009 22:22:54 -0000 1.21
+++ modules/php/php.module 16 Oct 2009 06:58:39 -0000
@@ -105,7 +105,7 @@ print t(\'Welcome visitor! Thank you for
 global $user;
 if ($user->uid) {
-  print t(\'Welcome @name! Thank you for visiting.\', array(\'@name\' => $user->name));
+  print t(\'Welcome @name! Thank you for visiting.\', array(\'@name\' => format_username($user)));
 }
 else {
   print t(\'Welcome visitor! Thank you for visiting.\');
Index: modules/profile/profile.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/profile/profile.module,v
retrieving revision 1.279
diff -u -p -r1.279 profile.module
--- modules/profile/profile.module	10 Oct 2009 21:39:03 -0000	1.279
+++ modules/profile/profile.module	16 Oct 2009 06:58:39 -0000
@@ -202,7 +202,7 @@ function profile_block_view($delta = '')
     }
 
     if ($output) {
-      $block['subject'] = t('About %name', array('%name' => $account->name));
+      $block['subject'] = t('About %name', array('%name' => format_username($account)));
       $block['content'] = $output;
       return $block;
     }
Index: modules/statistics/statistics.pages.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/statistics/statistics.pages.inc,v
retrieving revision 1.18
diff -u -p -r1.18 statistics.pages.inc
--- modules/statistics/statistics.pages.inc	11 Oct 2009 03:07:20 -0000	1.18
+++ modules/statistics/statistics.pages.inc	16 Oct 2009 06:58:39 -0000
@@ -83,7 +83,7 @@ function statistics_user_tracker() {
       $rows[] = array(array('data' => t('No statistics available.'), 'colspan' => 3));
     }
 
-    drupal_set_title($account->name);
+    drupal_set_title(format_username($account));
     $build['statistics_table'] = array(
       '#theme' => 'table', 
       '#header' => $header, 
Index: modules/system/system.api.php
===================================================================
RCS file: /cvs/drupal/drupal/modules/system/system.api.php,v
retrieving revision 1.92
diff -u -p -r1.92 system.api.php
--- modules/system/system.api.php	16 Oct 2009 03:47:14 -0000	1.92
+++ modules/system/system.api.php	16 Oct 2009 06:58:39 -0000
@@ -1150,7 +1150,7 @@ function hook_mail($key, &$message, $par
   $context = $params['context'];
   $variables = array(
     '%site_name' => variable_get('site_name', 'Drupal'),
-    '%username' => $account->name,
+    '%username' => format_username($account),
   );
   if ($context['hook'] == 'taxonomy') {
     $object = $params['object'];
@@ -2654,5 +2654,27 @@ function hook_page_delivery_callback_alt
 }
 
 /**
+ * Alter the username that is displayed for a user.
+ *
+ * Called by format_username() to allow modules to alter the username that's
+ * displayed. Can be used to ensure user privacy in situations where
+ * $account->name is too revealing.
+ *
+ * @param &$name
+ *   The string that format_username() will return.
+ *
+ * @param $account
+ *   The account object passed to format_username().
+ *
+ * @see format_username()
+ */
+function hook_username_alter(&$name, $account) {
+  // Display the user's uid instead of name.
+  if (isset($account->uid)) {
+    $name = t('User !uid', array('!uid' => $account->uid));
+  }
+}
+
+/**
  * @} End of "addtogroup hooks".
  */
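Review bot: The new hook_username_alter() docblock never says whether `$name` is plain text or markup, although format_username() documents its return value as unsanitized and leaves escaping to the callers. An implementation that adds HTML, or that calls check_plain() itself, would therefore produce visible tags or double-encoded entities, and one that trusts callers to strip markup would be relying on escaping it cannot see. I would add a sentence such as `$name is unsanitized plain text; do not add markup or call check_plain() here, callers escape the result.` Separately, the example's `isset($account->uid)` is also true for uid 0, so anonymous visitors would be shown as "User 0" instead of the configured anonymous name; `!empty($account->uid)` keeps that fallback.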
Index: modules/toolbar/toolbar.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/toolbar/toolbar.module,v
retrieving revision 1.13
diff -u -p -r1.13 toolbar.module
--- modules/toolbar/toolbar.module	15 Sep 2009 20:50:48 -0000	1.13
+++ modules/toolbar/toolbar.module	16 Oct 2009 06:58:39 -0000
@@ -89,7 +89,7 @@ function toolbar_build() {
     '#theme' => 'links',
     '#links' => array(
       'account' => array(
-        'title' => t('Hello @username', array('@username' => $user->name)),
+        'title' => t('Hello @username', array('@username' => format_username($user))),
         'href' => 'user',
         'html' => TRUE,
       ),
Index: modules/tracker/tracker.pages.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/tracker/tracker.pages.inc,v
retrieving revision 1.26
diff -u -p -r1.26 tracker.pages.inc
--- modules/tracker/tracker.pages.inc	9 Oct 2009 01:00:06 -0000	1.26
+++ modules/tracker/tracker.pages.inc	16 Oct 2009 06:58:39 -0000
@@ -19,7 +19,7 @@ function tracker_page($account = NULL, $
       // When viewed from user/%user/track, display the name of the user
       // as page title -- the tab title remains Track so this needs to be done
       // here and not in the menu definition.
-      drupal_set_title($account->name);
+      drupal_set_title(format_username($account));
     }
   }
   else {
Index: modules/user/user.api.php
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.api.php,v
retrieving revision 1.14
diff -u -p -r1.14 user.api.php
--- modules/user/user.api.php	10 Oct 2009 16:48:39 -0000	1.14
+++ modules/user/user.api.php	16 Oct 2009 06:58:39 -0000
@@ -320,7 +320,7 @@ function hook_user_view($account) {
     $account->content['summary']['blog'] =  array(
       '#type' => 'user_profile_item',
       '#title' => t('Blog'),
-      '#markup' => l(t('View recent blog entries'), "blog/$account->uid", array('attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => $account->name))))),
+      '#markup' => l(t('View recent blog entries'), "blog/$account->uid", array('attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => format_username($account)))))),
       '#attributes' => array('class' => array('blog')),
     );
   }
Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.1066
diff -u -p -r1.1066 user.module
--- modules/user/user.module	16 Oct 2009 03:21:23 -0000	1.1066
+++ modules/user/user.module	16 Oct 2009 06:58:40 -0000
@@ -1246,7 +1246,7 @@ function template_preprocess_user_pictur
       $filepath = variable_get('user_picture_default', '');
     }
     if (isset($filepath)) {
-      $alt = t("@user's picture", array('@user' => $account->name ? $account->name : variable_get('anonymous', t('Anonymous'))));
+      $alt = t("@user's picture", array('@user' => format_username($account)));
       if (module_exists('image') && $style = variable_get('user_picture_style', '')) {
         $variables['user_picture'] = theme('image_style', array('style_name' => $style, 'path' => $filepath, 'alt' => $alt, 'title' => $alt, 'attributes' => array(), 'getsize' => FALSE));
       }
@@ -1620,7 +1620,7 @@ function user_uid_optional_to_arg($arg) 
  * Menu item title callback - use the user name.
  */
 function user_page_title($account) {
-  return $account->name;
+  return format_username($account);
 }
 
 /**
Index: modules/user/user.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.test,v
retrieving revision 1.64
diff -u -p -r1.64 user.test
--- modules/user/user.test	12 Oct 2009 18:37:31 -0000	1.64
+++ modules/user/user.test	16 Oct 2009 06:58:41 -0000
@@ -701,7 +701,7 @@ class UserPictureTestCase extends Drupal
         // user's profile page.
         $text = t('The image was resized to fit within the maximum allowed dimensions of %dimensions pixels.', array('%dimensions' => $test_dim));
         $this->assertRaw($text, t('Image was resized.'));
-        $alt = t("@user's picture", array('@user' => $this->user->name));
+        $alt = t("@user's picture", array('@user' => format_username($this->user)));
         $style = variable_get('user_picture_style', '');
         $this->assertRaw(image_style_url($style, $pic_path), t("Image is displayed in user's edit page"));