? head
? sites/default/files
? sites/default/settings.php
Index: modules/contact/contact.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/contact/contact.module,v
retrieving revision 1.117
diff -u -p -r1.117 contact.module
--- modules/contact/contact.module 13 Jun 2009 20:40:07 -0000 1.117
+++ modules/contact/contact.module 17 Jun 2009 02:55:33 -0000
@@ -23,7 +23,7 @@ function contact_help($path, $arg) {
 $output = '

' . t('This page lets you set up your site-wide contact form. To do so, add one or more categories. You can associate different recipients with each category to route e-mails to different people. For example, you can route website feedback to the webmaster and direct product information requests to the sales department. On the settings page, you can customize the information shown above the contact form. This can be useful to provide additional contact information such as your postal address and telephone number.', array('@settings' => url('admin/settings/contact'), '@form' => url('contact'))) . '

'; if (!module_exists('menu')) { $menu_note = t('The menu item can be customized and configured only once the menu module has been enabled.', array('@modules-page' => url('admin/settings/modules'))); - } + } else { $menu_note = ''; } @@ -45,6 +45,10 @@ function contact_perm() { 'title' => t('Access site-wide contact form'), 'description' => t('Send feedback to administrators via e-mail using the site-wide contact form.'), ), + 'access personal contact form' => array( + 'title' => t('Access personal contact form'), + 'description' => t('Send e-mail to registered users via their personal contact form.'), + ), ); } @@ -115,15 +119,27 @@ function contact_menu() { */ function _contact_personal_tab_access($account) { global $user; - if (!isset($account->contact)) { - $account->contact = FALSE; + + // User administrators always have access to the contact form. + if (user_access('administer users')) { + return TRUE; } - return - $account && $user->uid && - ( - ($user->uid != $account->uid && $account->contact) || - user_access('administer users') - ); + + // Do not show the contact form when it is turned off. + if (!isset($account->personal) || $account->personal == 0) { + return FALSE; + } + + // Do not show the form if the user is not allowed to access it. + if (!user_access('access personal contact form')) { + return FALSE; + } + else { + return TRUE; + } + + // For privacy, do not show the contact form by default. + return FALSE; } /** 
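Review bot: The rewritten `_contact_personal_tab_access()` no longer checks `$user->uid != $account->uid` or that `$account` is a loaded account, both of which the removed expression enforced, so a user holding the new permission is offered a contact tab on their own profile. The trailing `return FALSE;` under `// For privacy, do not show the contact form by default.` is unreachable because the preceding `if`/`else` returns on both branches; collapse the tail to `return user_access('access personal contact form');`. The callback also reads `$account->personal`, while `contact_user_validate()` later in this patch still returns the value under the key `contact`, so confirm which property actually carries the user's opt-in. The function's docblock starts outside the hunk.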
@@ -140,16 +156,18 @@ function contact_load($cid) {
 */
 function contact_user_form(&$edit, &$user, $category = NULL) {
 if ($category == 'account') {
- $form['contact'] = array('#type' => 'fieldset',
- '#title' => t('Contact settings'),
- '#weight' => 5,
- '#collapsible' => TRUE,
- );
- $form['contact']['contact'] = array('#type' => 'checkbox',
- '#title' => t('Personal contact form'),
- '#default_value' => !empty($edit['contact']) ? $edit['contact'] : FALSE,
- '#description' => t('Allow other users to contact you via a personal contact form which keeps your e-mail address hidden. Note that some privileged users such as site administrators are still able to contact you even if you choose to disable this feature.', array('@url' => url("user/$user->uid/contact"))),
+ $form['contact'] = array(
+ '#type' => 'fieldset',
+ '#title' => t('Contact form'),
+ '#weight' => 10,
+ '#collapsible' => TRUE,
 );
+ $form['contact']['personal'] = array(
+ '#type' => 'checkbox',
+ '#title' => t('Enable personal contact form'),
+ '#default_value' => !empty($edit['personal']) ? $edit['personal'] : FALSE,
+ '#description' => t('Allow other users to contact you via a personal contact form which keeps your e-mail address hidden. Note that some privileged users such as site administrators are still able to contact you even if you choose to disable this feature.', array('@url' => url("user/$user->uid/contact"))),
+ );
 return $form;
 }
 }
@@ -158,20 +176,21 @@ function contact_user_form(&$edit, &$use * Implement hook_user_insert(). */ function contact_user_insert(&$edit, &$user, $category = NULL) { - $edit['contact'] = variable_get('contact_default_status', 1); + $edit['personal'] = variable_get('contact_default_status', FALSE); } /** * Implement hook_user_validate(). */ function contact_user_validate(&$edit, &$user, $category = NULL) { - return array('contact' => isset($edit['contact']) ? $edit['contact'] : FALSE); + return array('contact' => isset($edit['contact']['personal']) ? $edit['contact']['personal'] : FALSE); } /** * Implement hook_mail(). */ function contact_mail($key, &$message, $params) { + global $user; $language = $message['language']; switch ($key) { case 'page_mail': Index: modules/contact/contact.pages.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/contact/contact.pages.inc,v retrieving revision 1.21 diff -u -p -r1.21 contact.pages.inc --- modules/contact/contact.pages.inc 10 May 2009 05:06:50 -0000 1.21 +++ modules/contact/contact.pages.inc 17 Jun 2009 02:55:33 -0000 
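Review bot: `contact_user_validate()` now reads `$edit['contact']['personal']` and returns it under the key `contact`, but `contact_user_form()` declares the checkbox as `$form['contact']['personal']` with no `#tree` visible, `contact_user_insert()` writes `$edit['personal']`, and the access callback tests `$account->personal`. If form values are flattened as usual, that nested lookup is never set, so the user's choice is recorded as FALSE and under a different key than the one the access check reads; `return array('personal' => isset($edit['personal']) ? $edit['personal'] : FALSE);` would line the three up. The `global $user;` added to `contact_mail()` has no use inside this hunk; the function body continues outside it, so drop the line unless something further down needs it.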
@@ -154,17 +154,22 @@ function contact_site_form_submit($form, function contact_personal_page($account) { global $user; - if (!valid_email_address($user->mail)) { - $output = t('You need to provide a valid e-mail address to contact other users. Please update your user information and try again.', array('@url' => url("user/$user->uid/edit", array('query' => 'destination=' . drupal_get_destination())))); - } - elseif (!flood_is_allowed('contact', variable_get('contact_hourly_threshold', 3)) && !user_access('administer site-wide contact form')) { - $output = t("You cannot send more than %number messages per hour. Please try again later.", array('%number' => variable_get('contact_hourly_threshold', 3))); + if ($user->uid == 0 && flood_is_allowed('contact', variable_get('contact_hourly_threshold', 3))) { + drupal_set_title($account->name); + $output = drupal_get_form('contact_personal_form', $account); } else { - drupal_set_title($account->name); - $output = drupal_get_form('contact_personal_form', $account); + if (!isset($user->mail) || !valid_email_address($user->mail)) { + $output = t('You need to provide a valid e-mail address to contact other users. Please update your user information and try again.', array('@url' => url("user/$user->uid/edit", array('query' => 'destination=' . drupal_get_destination())))); + } + elseif (!flood_is_allowed('contact', variable_get('contact_hourly_threshold', 3)) && !user_access('administer site-wide contact form')) { + $output = t("You cannot send more than %number messages per hour. Please try again later.", array('%number' => variable_get('contact_hourly_threshold', 3))); + } + else { + drupal_set_title($account->name); + $output = drupal_get_form('contact_personal_form', $account); + } } - return $output; } 
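Review bot: An anonymous visitor who is over the flood threshold falls into the outer `else` branch and, because `$user->mail` is not set, is shown the 'You need to provide a valid e-mail address' message with a link to `user/0/edit` rather than the hourly-limit message. Test the flood limit first for every sender and apply the `valid_email_address($user->mail)` check only when `$user->uid` is non-zero. A comment on the first branch should also state the rule the code implements: anonymous senders are never exempted from the limit, while holders of 'administer site-wide contact form' are.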
@@ -173,12 +178,34 @@ function contact_personal_page($account) */ function contact_personal_form(&$form_state, $recipient) { global $user; - $form['#token'] = $user->name . $user->mail; + if (!$user->uid == 0) { + $form['#token'] = $user->name . $user->mail; + $form['from'] = array( + '#type' => 'item', + '#title' => t('From'), + '#markup' => check_plain($user->name) . ' <' . check_plain($user->mail) . '>', + ); + $form['mail'] = array( + '#type' => 'value', + '#value' => check_plain($user->mail), + ); + } + else { + $form['#token'] = 'Anonymous' . variable_get('site_mail'); + $form['from'] = array( + '#type' => 'textfield', + '#title' => t('From'), + '#maxlength' => 255, + '#required' => TRUE, + ); + $form['mail'] = array( + '#type' => 'textfield', + '#title' => t('E-mail'), + '#maxlength' => 255, + '#required' => TRUE, + ); + } $form['recipient'] = array('#type' => 'value', '#value' => $recipient); - $form['from'] = array('#type' => 'item', - '#title' => t('From'), - '#markup' => theme('username', $user) . ' <' . check_plain($user->mail) . '>', - ); $form['to'] = array('#type' => 'item', '#title' => t('To'), '#markup' => theme('username', $recipient), @@ -193,9 +220,19 @@ function contact_personal_form(&$form_st '#rows' => 15, '#required' => TRUE, ); - $form['copy'] = array('#type' => 'checkbox', - '#title' => t('Send yourself a copy.'), - ); + if ($user->uid) { + $form['copy'] = array( + '#type' => 'checkbox', + '#title' => t('Send yourself a copy.'), + ); + } + else { + drupal_add_js(drupal_get_path('module', 'contact') . '/contact.js'); + $form['copy'] = array( + '#type' => 'value', + '#value' => FALSE, + ); + } $form['submit'] = array('#type' => 'submit', '#value' => t('Send message'), ); 
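Review bot: The anonymous branch adds free-text `from` and `mail` textfields, but nothing in this hunk attaches a validator to the form (no `#validate` entry is visible), so whether the address is ever checked depends on the handler name in the next hunk. `'#value' => check_plain($user->mail)` stores an HTML-escaped address as a form value that is later validated and handed to the mail code; keep the raw value there and escape only in `#markup`. `if (!$user->uid == 0)` parses as `(!$user->uid) == 0` and gives the intended result only by accident; `if ($user->uid)` matches the test already used for the `copy` element. The anonymous `#token` is the constant 'Anonymous' plus `site_mail`, so a comment should say it is not a per-visitor secret and must not be relied on as one.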
@@ -203,34 +240,56 @@ function contact_personal_form(&$form_st } /** + * Validate the user contact page form submission. + */ +function contact_mail_user_validate($form, &$form_state) { + global $user; + if (!valid_email_address($form_state['values']['mail'])) { + form_set_error('mail', t('You must enter a valid e-mail address.')); + } +} + +/** * Form submission handler for contact_personal_form(). */ function contact_personal_form_submit($form, &$form_state) { global $user, $language; - $account = $form_state['values']['recipient']; + $values = $form_state['values']; + $account = $values['recipient']; // Send from the current user to the requested user. $to = $account->mail; - $from = $user->mail; + if (!$user->uid == 0) { + $from = $user->mail; + $username = $user->name; + } + else { + $from = variable_get('site_mail'); + $username = 'anonymous'; + } // Save both users and all form values for email composition. - $values = $form_state['values']; $values['account'] = $account; + if (!$user->uid) { + $user->mail = $values['mail']; + $user->name = $values['from']; + } $values['user'] = $user; // Send the e-mail in the requested user language. drupal_mail('contact', 'user_mail', $to, user_preferred_language($account), $values, $from); // Send a copy if requested, using current page language. - if ($form_state['values']['copy']) { + if ($values['copy']) { drupal_mail('contact', 'user_copy', $from, $language, $values, $from); } flood_register_event('contact'); - watchdog('mail', '%name-from sent %name-to an e-mail.', array('%name-from' => $user->name, '%name-to' => $account->name)); + watchdog('mail', '%name-from sent %name-to an e-mail.', array('%name-from' => $username, '%name-to' => $account->name)); drupal_set_message(t('Your message has been sent.')); - // Back to the requested users profile page. - $form_state['redirect'] = "user/$account->uid"; + // Back to the requested users profile page or the homepage if the + // user does not have access to user profiles. 
+ $form_state['redirect'] = user_access('access user profiles') ? "user/$account->uid" : ''; } Index: modules/contact/contact.test =================================================================== RCS file: /cvs/drupal/drupal/modules/contact/contact.test,v retrieving revision 1.25 diff -u -p -r1.25 contact.test --- modules/contact/contact.test 13 Jun 2009 20:40:07 -0000 1.25 +++ modules/contact/contact.test 17 Jun 2009 02:55:34 -0000 @@ -328,8 +328,8 @@ class ContactPersonalTestCase extends Dr // Reload variables. $this->drupalLogout(); - // Create web users and attempt to use personal contact forms with default set to true. - $web_user1 = $this->drupalCreateUser(array()); + // Must specify the new 'access personal contact form' permission. + $web_user1 = $this->drupalCreateUser(array('access personal contact form')); $web_user2 = $this->drupalCreateUser(array()); $this->drupalLogin($web_user1); @@ -373,7 +373,7 @@ class ContactPersonalTestCase extends Dr $this->drupalLogout(); // Create web users and attempt to use personal contact forms with default set to false. - $web_user3 = $this->drupalCreateUser(array()); + $web_user3 = $this->drupalCreateUser(array('access personal contact form')); $web_user4 = $this->drupalCreateUser(array()); $this->drupalLogin($web_user3); 
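Review bot: `contact_mail_user_validate()` does not follow the `contact_personal_form_validate` naming that would make it run automatically for `contact_personal_form`, and no `#validate` entry is added in the visible hunks, so the anonymous-supplied address may reach `drupal_mail()` unchecked; rename it to `function contact_personal_form_validate($form, &$form_state)` and drop its unused `global $user;`. In the submit handler, `$user->mail = $values['mail']; $user->name = $values['from'];` overwrites the global anonymous account with visitor-supplied text for the rest of the request; work on a copy instead, `$sender = clone $user;`, set the two fields on `$sender`, and pass `$values['user'] = $sender;`. The `from` field is not validated at all, and how `contact_mail()` uses it is outside this patch, so reject line breaks in it before it reaches mail composition. The watchdog entry records only the literal 'anonymous', which leaves nothing to go on when the form is abused; log the supplied address as a placeholder value as well.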
@@ -381,4 +381,27 @@ class ContactPersonalTestCase extends Dr
 $this->drupalGet('user/' . $web_user4->uid . '/contact');
 $this->assertResponse(403, t('Access to personal contact form denied.'));
 }
+
+ /**
+ * Set permission.
+ *
+ * @param string $role User role to set permissions for.
+ * @param array $permissions Key-value array of permissions to set.
+ */
+ function setPermission($role, $permissions) {
+ // Get role id (rid) for specified role.
+ $rid = db_result(db_query("SELECT rid FROM {role} WHERE name = '%s'", array($role)));
+ if ($rid === FALSE) {
+ $this->fail(t('[permission] Role "' . $role . '" not found.'));
+ }
+
+ // Create edit array from permission.
+ $edit = array();
+ foreach ($permissions as $name => $value) {
+ $edit[$rid . '[' . $name . ']'] = $value;
+ }
+
+ $this->drupalPost('admin/user/permissions', $edit, t('Save permissions'));
+ $this->assertText(t('The changes have been saved.'), t('[permission] Saved changes.'));
+ }
 }
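Review bot: `setPermission()` keeps going after `$this->fail()`, so when the role is missing it still posts keys of the form `[name]` with an empty role id to `admin/user/permissions`; add `return;` after the failure. The failure message concatenates `$role` into the `t()` source string; pass it as a placeholder instead, `t('[permission] Role "@role" not found.', array('@role' => $role))`. The helper is not called in any visible hunk, so either use it in the personal-contact tests (for example to cover the anonymous case) or leave it out of this patch.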