--- drupal-5.6/modules/profile/profile.module 2007-07-26 14:16:48.000000000 -0500 +++ modules/profile/profile.module 2008-01-24 10:52:22.000000000 -0600 @@ -1,834 +1,883 @@ -'. t('The profile module allows you to define custom fields (such as country, real name, age, ...) in the user profile. This permits users of a site to share more information about themselves, and can help community-based sites to organize users around profile fields.') .'

'; - $output .= t('

The following types of fields can be added to the user profile:

- -'); - $output .= '

'. t('For more information please read the configuration and customization handbook Profile page.', array('@profile' => 'http://drupal.org/handbook/modules/profile/')) .'

'; - return $output; - case 'admin/user/profile': - return '

'. t('Here you can define custom fields that users can fill in as part of their user profile (such as country, real name, age, ...).') .'

'; - } -} - -/** - * Implementation of hook_menu(). - */ -function profile_menu($may_cache) { - $items = array(); - - if ($may_cache) { - $items[] = array('path' => 'profile', - 'title' => t('User list'), - 'callback' => 'profile_browse', - 'access' => user_access('access user profiles'), - 'type' => MENU_SUGGESTED_ITEM); - $items[] = array('path' => 'admin/user/profile', - 'title' => t('Profiles'), - 'description' => t('Create customizable fields for your users.'), - 'callback' => 'profile_admin_overview'); - $items[] = array('path' => 'admin/user/profile/add', - 'title' => t('Add field'), - 'callback' => 'drupal_get_form', - 'callback arguments' => array('profile_field_form'), - 'type' => MENU_CALLBACK); - $items[] = array('path' => 'admin/user/profile/autocomplete', - 'title' => t('Profile category autocomplete'), - 'callback' => 'profile_admin_settings_autocomplete', - 'access' => user_access('administer users'), - 'type' => MENU_CALLBACK); - $items[] = array('path' => 'admin/user/profile/edit', - 'title' => t('Edit field'), - 'callback' => 'drupal_get_form', - 'callback arguments' => array('profile_field_form'), - 'type' => MENU_CALLBACK); - $items[] = array('path' => 'admin/user/profile/delete', - 'title' => t('Delete field'), - 'callback' => 'drupal_get_form', - 'callback arguments' => array('profile_field_delete'), - 'type' => MENU_CALLBACK); - $items[] = array('path' => 'profile/autocomplete', 'title' => t('Profile autocomplete'), - 'callback' => 'profile_autocomplete', - 'access' => 1, - 'type' => MENU_CALLBACK); - } - - return $items; -} - -/** - * Implementation of hook_block(). - */ -function profile_block($op = 'list', $delta = 0, $edit = array()) { - - if ($op == 'list') { - $blocks[0]['info'] = t('Author information'); - - return $blocks; - } - else if ($op == 'configure' && $delta == 0) { - // Compile a list of fields to show - $fields = array(); - $result = db_query('SELECT name, title, weight, visibility FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS); - while ($record = db_fetch_object($result)) { - $fields[$record->name] = check_plain($record->title); - } - $fields['user_profile'] = t('Link to full user profile'); - $form['profile_block_author_fields'] = array('#type' => 'checkboxes', - '#title' => t('Profile fields to display'), - '#default_value' => variable_get('profile_block_author_fields', NULL), - '#options' => $fields, - '#description' => t('Select which profile fields you wish to display in the block. Only fields designated as public in the profile field configuration are available.', array('@profile-admin' => url('admin/user/profile'))), - ); - return $form; - } - else if ($op == 'save' && $delta == 0) { - variable_set('profile_block_author_fields', $edit['profile_block_author_fields']); - } - else if ($op == 'view') { - if (user_access('access user profiles')) { - if ((arg(0) == 'node') && is_numeric(arg(1)) && (arg(2) == NULL)) { - $node = node_load(arg(1)); - $account = user_load(array('uid' => $node->uid)); - - if ($use_fields = variable_get('profile_block_author_fields', array())) { - // Compile a list of fields to show. - $fields = array(); - $result = db_query('SELECT name, title, type, visibility, weight FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS); - while ($record = db_fetch_object($result)) { - // Ensure that field is displayed only if it is among the defined block fields and, if it is private, the user has appropriate permissions. - if (isset($use_fields[$record->name]) && $use_fields[$record->name]) { - $fields[] = $record; - } - } - } - - if ($fields) { - $profile = _profile_update_user_fields($fields, $account); - $output .= theme('profile_block', $account, $profile, TRUE); - } - - if (isset($use_fields['user_profile']) && $use_fields['user_profile']) { - $output .= '
'. l(t('View full user profile'), 'user/'. $account->uid) .'
'; - } - } - - if ($output) { - $block['subject'] = t('About %name', array('%name' => $account->name)); - $block['content'] = $output; - return $block; - } - } - } -} - -/** - * Implementation of hook_user(). - */ -function profile_user($type, &$edit, &$user, $category = NULL) { - switch ($type) { - case 'load': - return profile_load_profile($user); - case 'register': - return profile_form_profile($edit, $user, $category, TRUE); - case 'update': - return profile_save_profile($edit, $user, $category); - case 'insert': - return profile_save_profile($edit, $user, $category, TRUE); - case 'view': - return profile_view_profile($user); - case 'form': - return profile_form_profile($edit, $user, $category); - case 'validate': - return profile_validate_profile($edit, $category); - case 'categories': - return profile_categories(); - case 'delete': - db_query('DELETE FROM {profile_values} WHERE uid = %d', $user->uid); - } -} - -/** - * Menu callback: Generate a form to add/edit a user profile field. - */ -function profile_field_form($arg = NULL) { - if (arg(3) == 'edit') { - if (is_numeric($arg)) { - $fid = $arg; - - $edit = db_fetch_array(db_query('SELECT * FROM {profile_fields} WHERE fid = %d', $fid)); - - if (!$edit) { - drupal_not_found(); - return; - } - drupal_set_title(t('edit %title', array('%title' => $edit['title']))); - $form['fid'] = array('#type' => 'value', - '#value' => $fid, - ); - $type = $edit['type']; - } - else { - drupal_not_found(); - return; - } - } - else { - $types = _profile_field_types(); - if (!isset($types[$arg])) { - drupal_not_found(); - return; - } - $type = $arg; - drupal_set_title(t('add new %type', array('%type' => $types[$type]))); - $edit = array('name' => 'profile_'); - $form['type'] = array('#type' => 'value', '#value' => $type); - } - $form['fields'] = array('#type' => 'fieldset', - '#title' => t('Field settings'), - ); - $form['fields']['category'] = array('#type' => 'textfield', - '#title' => t('Category'), - '#default_value' => $edit['category'], - '#autocomplete_path' => 'admin/user/profile/autocomplete', - '#description' => t('The category the new field should be part of. Categories are used to group fields logically. An example category is "Personal information".'), - '#required' => TRUE, - ); - $form['fields']['title'] = array('#type' => 'textfield', - '#title' => t('Title'), - '#default_value' => $edit['title'], - '#description' => t('The title of the new field. The title will be shown to the user. An example title is "Favorite color".'), - '#required' => TRUE, - ); - $form['fields']['name'] = array('#type' => 'textfield', - '#title' => t('Form name'), - '#default_value' => $edit['name'], - '#description' => t('The name of the field. The form name is not shown to the user but used internally in the HTML code and URLs. -Unless you know what you are doing, it is highly recommended that you prefix the form name with profile_ to avoid name clashes with other fields. Spaces or any other special characters except dash (-) and underscore (_) are not allowed. An example name is "profile_favorite_color" or perhaps just "profile_color".'), - '#required' => TRUE, - ); - $form['fields']['explanation'] = array('#type' => 'textarea', - '#title' => t('Explanation'), - '#default_value' => $edit['explanation'], - '#description' => t('An optional explanation to go with the new field. The explanation will be shown to the user.'), - ); - if ($type == 'selection') { - $form['fields']['options'] = array('#type' => 'textarea', - '#title' => t('Selection options'), - '#default_value' => $edit['options'], - '#description' => t('A list of all options. Put each option on a separate line. Example options are "red", "blue", "green", etc.'), - ); - } - $form['fields']['weight'] = array('#type' => 'weight', - '#title' => t('Weight'), - '#default_value' => $edit['weight'], - '#delta' => 5, - '#description' => t('The weights define the order in which the form fields are shown. Lighter fields "float up" towards the top of the category.'), - ); - $form['fields']['visibility'] = array('#type' => 'radios', - '#title' => t('Visibility'), - '#default_value' => isset($edit['visibility']) ? $edit['visibility'] : PROFILE_PUBLIC, - '#options' => array(PROFILE_HIDDEN => t('Hidden profile field, only accessible by administrators, modules and themes.'), PROFILE_PRIVATE => t('Private field, content only available to privileged users.'), PROFILE_PUBLIC => t('Public field, content shown on profile page but not used on member list pages.'), PROFILE_PUBLIC_LISTINGS => t('Public field, content shown on profile page and on member list pages.')), - ); - if ($type == 'selection' || $type == 'list' || $type == 'textfield') { - $form['fields']['page'] = array('#type' => 'textfield', - '#title' => t('Page title'), - '#default_value' => $edit['page'], - '#description' => t('To enable browsing this field by value, enter a title for the resulting page. The word %value will be substituted with the corresponding value. An example page title is "People whose favorite color is %value". This is only applicable for a public field.'), - ); - } - else if ($type == 'checkbox') { - $form['fields']['page'] = array('#type' => 'textfield', - '#title' => t('Page title'), - '#default_value' => $edit['page'], - '#description' => t('To enable browsing this field by value, enter a title for the resulting page. An example page title is "People who are employed". This is only applicable for a public field.'), - ); - } - $form['fields']['autocomplete'] = array('#type' => 'checkbox', - '#title' => t('Form will auto-complete while user is typing.'), - '#default_value' => $edit['autocomplete'], - ); - $form['fields']['required'] = array('#type' => 'checkbox', - '#title' => t('The user must enter a value.'), - '#default_value' => $edit['required'], - ); - $form['fields']['register'] = array('#type' => 'checkbox', - '#title' => t('Visible in user registration form.'), - '#default_value' => $edit['register'], - ); - $form['submit'] = array('#type' => 'submit', - '#value' => t('Save field'), - ); - return $form; -} - -/** - * Validate profile_field_form submissions. - */ -function profile_field_form_validate($form_id, $form_values) { - // Validate the 'field name': - if (preg_match('/[^a-zA-Z0-9_-]/', $form_values['name'])) { - form_set_error('name', t('The specified form name contains one or more illegal characters. Spaces or any other special characters except dash (-) and underscore (_) are not allowed.')); - } - - if (in_array($form_values['name'], user_fields())) { - form_set_error('name', t('The specified form name is reserved for use by Drupal.')); - } - // Validate the category: - if (!$form_values['category']) { - form_set_error('category', t('You must enter a category.')); - } - if ($form_values['category'] == 'account') { - form_set_error('category', t('The specified category name is reserved for use by Drupal.')); - } - $args1 = array($form_values['title'], $form_values['category']); - $args2 = array($form_values['name']); - $query_suffix = ''; - - if (isset($form_values['fid'])) { - $args1[] = $args2[] = $form_values['fid']; - $query_suffix = ' AND fid != %d'; - } - - if (db_result(db_query("SELECT fid FROM {profile_fields} WHERE title = '%s' AND category = '%s'". $query_suffix, $args1))) { - form_set_error('title', t('The specified title is already in use.')); - } - if (db_result(db_query("SELECT fid FROM {profile_fields} WHERE name = '%s'". $query_suffix, $args2))) { - form_set_error('name', t('The specified name is already in use.')); - } -} - -/** - * Process profile_field_form submissions. - */ -function profile_field_form_submit($form_id, $form_values) { - if (!isset($form_values['fid'])) { - db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, register, visibility, autocomplete, options, page) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, %d, '%s', '%s')", $form_values['title'], $form_values['name'], $form_values['explanation'], $form_values['category'], $form_values['type'], $form_values['weight'], $form_values['required'], $form_values['register'], $form_values['visibility'], $form_values['autocomplete'], $form_values['options'], $form_values['page']); - - drupal_set_message(t('The field has been created.')); - watchdog('profile', t('Profile field %field added under category %category.', array('%field' => $form_values['title'], '%category' => $form_values['category'])), WATCHDOG_NOTICE, l(t('view'), 'admin/user/profile')); - } - else { - db_query("UPDATE {profile_fields} SET title = '%s', name = '%s', explanation = '%s', category = '%s', weight = %d, required = %d, register = %d, visibility = %d, autocomplete = %d, options = '%s', page = '%s' WHERE fid = %d", $form_values['title'], $form_values['name'], $form_values['explanation'], $form_values['category'], $form_values['weight'], $form_values['required'], $form_values['register'], $form_values['visibility'], $form_values['autocomplete'], $form_values['options'], $form_values['page'], $form_values['fid']); - - drupal_set_message(t('The field has been updated.')); - } - cache_clear_all(); - - return 'admin/user/profile'; -} - -/** - * Menu callback; deletes a field from all user profiles. - */ -function profile_field_delete($fid) { - $field = db_fetch_object(db_query("SELECT title FROM {profile_fields} WHERE fid = %d", $fid)); - if (!$field) { - drupal_not_found(); - return; - } - $form['fid'] = array('#type' => 'value', '#value' => $fid); - $form['title'] = array('#type' => 'value', '#value' => $field->title); - - return confirm_form($form, - t('Are you sure you want to delete the field %field?', array('%field' => $field->title)), 'admin/user/profile', - t('This action cannot be undone. If users have entered values into this field in their profile, these entries will also be deleted. If you want to keep the user-entered data, instead of deleting the field you may wish to edit this field and change it to a hidden profile field so that it may only be accessed by administrators.', array('@edit-field' => url('admin/user/profile/edit/'. $fid))), - t('Delete'), t('Cancel')); -} - -/** - * Process a field delete form submission. - */ -function profile_field_delete_submit($form_id, $form_values) { - db_query('DELETE FROM {profile_fields} WHERE fid = %d', $form_values['fid']); - db_query('DELETE FROM {profile_values} WHERE fid = %d', $form_values['fid']); - - cache_clear_all(); - - drupal_set_message(t('The field %field has been deleted.', array('%field' => $form_values['title']))); - watchdog('profile', t('Profile field %field deleted.', array('%field' => $form_values['title'])), WATCHDOG_NOTICE, l(t('view'), 'admin/user/profile')); - - return 'admin/user/profile'; -} - -/** - * Menu callback; display a listing of all editable profile fields. - */ -function profile_admin_overview() { - - $result = db_query('SELECT title, name, type, category, fid FROM {profile_fields} ORDER BY category, weight'); - $rows = array(); - while ($field = db_fetch_object($result)) { - $rows[] = array(check_plain($field->title), check_plain($field->name), _profile_field_types($field->type), check_plain($field->category), l(t('edit'), "admin/user/profile/edit/$field->fid"), l(t('delete'), "admin/user/profile/delete/$field->fid")); - } - if (count($rows) == 0) { - $rows[] = array(array('data' => t('No fields defined.'), 'colspan' => '6')); - } - - $header = array(t('Title'), t('Name'), t('Type'), t('Category'), array('data' => t('Operations'), 'colspan' => '2')); - - $output = theme('table', $header, $rows); - $output .= '

'. t('Add new field') .'

'; - $output .= ''; - - return $output; -} - -/** - * Menu callback; display a list of user information. - */ -function profile_browse() { - $name = arg(1); - list(, , $value) = explode('/', $_GET['q'], 3); - - $field = db_fetch_object(db_query("SELECT DISTINCT(fid), type, title, page, visibility FROM {profile_fields} WHERE name = '%s'", $name)); - - if ($name && $field->fid) { - // Only allow browsing of fields that have a page title set. - if (empty($field->page)) { - drupal_not_found(); - return; - } - // Do not allow browsing of private and hidden fields by non-admins. - if (!user_access('administer users') && ($field->visibility == PROFILE_PRIVATE || $field->visibility == PROFILE_HIDDEN)) { - drupal_access_denied(); - return; - } - - // Compile a list of fields to show. - $fields = array(); - $result = db_query('SELECT name, title, type, weight, page FROM {profile_fields} WHERE fid != %d AND visibility = %d ORDER BY weight', $field->fid, PROFILE_PUBLIC_LISTINGS); - while ($record = db_fetch_object($result)) { - $fields[] = $record; - } - - // Determine what query to use: - $arguments = array($field->fid); - switch ($field->type) { - case 'checkbox': - $query = 'v.value = 1'; - break; - case 'textfield': - case 'selection': - $query = "v.value = '%s'"; - $arguments[] = $value; - break; - case 'list': - $query = "v.value LIKE '%%%s%%'"; - $arguments[] = $value; - break; - default: - drupal_not_found(); - return; - } - - // Extract the affected users: - $result = pager_query("SELECT u.uid, u.access FROM {users} u INNER JOIN {profile_values} v ON u.uid = v.uid WHERE v.fid = %d AND $query AND u.access != 0 AND u.status != 0 ORDER BY u.access DESC", 20, 0, NULL, $arguments); - - $output = '
'; - while ($account = db_fetch_object($result)) { - $account = user_load(array('uid' => $account->uid)); - $profile = _profile_update_user_fields($fields, $account); - $output .= theme('profile_listing', $account, $profile); - } - $output .= theme('pager', NULL, 20); - - if ($field->type == 'selection' || $field->type == 'list' || $field->type == 'textfield') { - $title = strtr(check_plain($field->page), array('%value' => theme('placeholder', $value))); - } - else { - $title = check_plain($field->page); - } - $output .= '
'; - - drupal_set_title($title); - return $output; - } - else if ($name && !$field->fid) { - drupal_not_found(); - } - else { - // Compile a list of fields to show. - $fields = array(); - $result = db_query('SELECT name, title, type, weight, page FROM {profile_fields} WHERE visibility = %d ORDER BY category, weight', PROFILE_PUBLIC_LISTINGS); - while ($record = db_fetch_object($result)) { - $fields[] = $record; - } - - // Extract the affected users: - $result = pager_query('SELECT uid, access FROM {users} WHERE uid > 0 AND status != 0 AND access != 0 ORDER BY access DESC', 20, 0, NULL); - - $output = '
'; - while ($account = db_fetch_object($result)) { - $account = user_load(array('uid' => $account->uid)); - $profile = _profile_update_user_fields($fields, $account); - $output .= theme('profile_listing', $account, $profile); - } - $output .= '
'; - $output .= theme('pager', NULL, 20); - - drupal_set_title(t('User list')); - return $output; - } -} - -function profile_load_profile(&$user) { - $result = db_query('SELECT f.name, f.type, v.value FROM {profile_fields} f INNER JOIN {profile_values} v ON f.fid = v.fid WHERE uid = %d', $user->uid); - while ($field = db_fetch_object($result)) { - if (empty($user->{$field->name})) { - $user->{$field->name} = _profile_field_serialize($field->type) ? unserialize($field->value) : $field->value; - } - } -} - -function profile_save_profile(&$edit, &$user, $category, $register = FALSE) { - $result = _profile_get_fields($category, $register); - while ($field = db_fetch_object($result)) { - if (_profile_field_serialize($field->type)) { - $edit[$field->name] = serialize($edit[$field->name]); - } - db_query("DELETE FROM {profile_values} WHERE fid = %d AND uid = %d", $field->fid, $user->uid); - db_query("INSERT INTO {profile_values} (fid, uid, value) VALUES (%d, %d, '%s')", $field->fid, $user->uid, $edit[$field->name]); - // Mark field as handled (prevents saving to user->data). - $edit[$field->name] = NULL; - } -} - -function profile_view_field($user, $field) { - // Only allow browsing of private fields for admins, if browsing is enabled, - // and if a user has permission to view profiles. Note that this check is - // necessary because a user may always see their own profile. - $browse = user_access('access user profiles') - && (user_access('administer users') || $field->visibility != PROFILE_PRIVATE) - && !empty($field->page); - - if ($value = $user->{$field->name}) { - switch ($field->type) { - case 'textarea': - return check_markup($value); - case 'textfield': - case 'selection': - return $browse ? l($value, 'profile/'. $field->name .'/'. $value) : check_plain($value); - case 'checkbox': - return $browse ? l($field->title, 'profile/'. $field->name) : check_plain($field->title); - case 'url': - return ''. check_plain($value) .''; - case 'date': - $format = substr(variable_get('date_format_short', 'm/d/Y - H:i'), 0, 5); - // Note: Avoid PHP's date() because it does not handle dates before - // 1970 on Windows. This would make the date field useless for e.g. - // birthdays. - $replace = array('d' => sprintf('%02d', $value['day']), - 'j' => $value['day'], - 'm' => sprintf('%02d', $value['month']), - 'M' => map_month($value['month']), - 'Y' => $value['year'], - 'H:i' => NULL, - 'g:ia' => NULL); - return strtr($format, $replace); - case 'list': - $values = split("[,\n\r]", $value); - $fields = array(); - foreach ($values as $value) { - if ($value = trim($value)) { - $fields[] = $browse ? l($value, 'profile/'. $field->name .'/'. $value) : check_plain($value); - } - } - return implode(', ', $fields); - } - } -} - -function profile_view_profile($user) { - - profile_load_profile($user); - - // Show private fields to administrators and people viewing their own account. - if (user_access('administer users') || $GLOBALS['user']->uid == $user->uid) { - $result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d ORDER BY category, weight', PROFILE_HIDDEN); - } - else { - $result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d AND visibility != %d ORDER BY category, weight', PROFILE_PRIVATE, PROFILE_HIDDEN); - } - - while ($field = db_fetch_object($result)) { - if ($value = profile_view_field($user, $field)) { - $title = ($field->type != 'checkbox') ? check_plain($field->title) : NULL; - $item = array('title' => $title, - 'value' => $value, - 'class' => $field->name, - ); - $fields[$field->category][$field->name] = $item; - } - } - return $fields; -} - -function _profile_form_explanation($field) { - $output = $field->explanation; - - if ($field->type == 'list') { - $output .= ' '. t('Put each item on a separate line or separate them by commas. No HTML allowed.'); - } - - if ($field->visibility == PROFILE_PRIVATE) { - $output .= ' '. t('The content of this field is kept private and will not be shown publicly.'); - } - - return $output; -} - -function profile_form_profile($edit, $user, $category, $register = FALSE) { - $result = _profile_get_fields($category, $register); - $w = 1; - while ($field = db_fetch_object($result)) { - $category = $field->category; - if (!isset($fields[$category])) { - $fields[$category] = array('#type' => 'fieldset', '#title' => check_plain($category), '#weight' => $w++); - } - switch ($field->type) { - case 'textfield': - case 'url': - $fields[$category][$field->name] = array('#type' => 'textfield', - '#title' => check_plain($field->title), - '#default_value' => $edit[$field->name], - '#maxlength' => 255, - '#description' => _profile_form_explanation($field), - '#required' => $field->required, - ); - if ($field->autocomplete) { - $fields[$category][$field->name]['#autocomplete_path'] = "profile/autocomplete/". $field->fid; - } - break; - case 'textarea': - $fields[$category][$field->name] = array('#type' => 'textarea', - '#title' => check_plain($field->title), - '#default_value' => $edit[$field->name], - '#description' => _profile_form_explanation($field), - '#required' => $field->required, - ); - break; - case 'list': - $fields[$category][$field->name] = array('#type' => 'textarea', - '#title' => check_plain($field->title), - '#default_value' => $edit[$field->name], - '#description' => _profile_form_explanation($field), - '#required' => $field->required, - ); - break; - case 'checkbox': - $fields[$category][$field->name] = array('#type' => 'checkbox', - '#title' => check_plain($field->title), - '#default_value' => $edit[$field->name], - '#description' => _profile_form_explanation($field), - '#required' => $field->required, - ); - break; - case 'selection': - $options = $field->required ? array() : array('--'); - $lines = split("[,\n\r]", $field->options); - foreach ($lines as $line) { - if ($line = trim($line)) { - $options[$line] = $line; - } - } - $fields[$category][$field->name] = array('#type' => 'select', - '#title' => check_plain($field->title), - '#default_value' => $edit[$field->name], - '#options' => $options, - '#description' => _profile_form_explanation($field), - '#required' => $field->required, - ); - break; - case 'date': - $fields[$category][$field->name] = array('#type' => 'date', - '#title' => check_plain($field->title), - '#default_value' => $edit[$field->name], - '#description' => _profile_form_explanation($field), - '#required' => $field->required, - ); - break; - } - } - return $fields; -} - -/** - * Callback to allow autocomplete of profile text fields. - */ -function profile_autocomplete($field, $string) { - if (db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE fid = %d AND autocomplete = 1", $field))) { - $matches = array(); - $result = db_query_range("SELECT value FROM {profile_values} WHERE fid = %d AND LOWER(value) LIKE LOWER('%s%%') GROUP BY value ORDER BY value ASC", $field, $string, 0, 10); - while ($data = db_fetch_object($result)) { - $matches[$data->value] = check_plain($data->value); - } - - print drupal_to_js($matches); - } - exit(); -} - -/** - * Helper function: update an array of user fields by calling profile_view_field - */ -function _profile_update_user_fields($fields, $account) { - foreach ($fields as $key => $field) { - $fields[$key]->value = profile_view_field($account, $field); - } - return $fields; -} - -function profile_validate_profile($edit, $category) { - $result = _profile_get_fields($category); - while ($field = db_fetch_object($result)) { - if ($edit[$field->name]) { - if ($field->type == 'url') { - if (!valid_url($edit[$field->name], TRUE)) { - form_set_error($field->name, t('The value provided for %field is not a valid URL.', array('%field' => $field->title))); - } - } - } - else if ($field->required && !user_access('administer users')) { - form_set_error($field->name, t('The field %field is required.', array('%field' => $field->title))); - } - } - - return $edit; -} - -function profile_categories() { - $result = db_query("SELECT DISTINCT(category) FROM {profile_fields}"); - while ($category = db_fetch_object($result)) { - $data[] = array('name' => $category->category, 'title' => $category->category, 'weight' => 3); - } - return $data; -} - -function theme_profile_block($account, $fields = array()) { - - $output .= theme('user_picture', $account); - - foreach ($fields as $field) { - if ($field->value) { - if ($field->type == 'checkbox') { - $output .= "

$field->value

\n"; - } - else { - $output .= '

'. check_plain($field->title) ."
$field->value

\n"; - } - } - } - - return $output; -} - -function theme_profile_listing($account, $fields = array()) { - - $output = "
\n"; - $output .= theme('user_picture', $account); - $output .= '
'. theme('username', $account) ."
\n"; - - foreach ($fields as $field) { - if ($field->value) { - $output .= "
$field->value
\n"; - } - } - - $output .= "
\n"; - - return $output; -} - -function _profile_field_types($type = NULL) { - $types = array('textfield' => t('single-line textfield'), - 'textarea' => t('multi-line textfield'), - 'checkbox' => t('checkbox'), - 'selection' => t('list selection'), - 'list' => t('freeform list'), - 'url' => t('URL'), - 'date' => t('date')); - return isset($type) ? $types[$type] : $types; -} - -function _profile_field_serialize($type = NULL) { - return $type == 'date'; -} - -function _profile_get_fields($category, $register = FALSE) { - $args = array(); - $sql = 'SELECT * FROM {profile_fields} WHERE '; - $filters = array(); - if ($register) { - $filters[] = 'register = 1'; - } - else { - // Use LOWER('%s') instead of PHP's strtolower() to avoid UTF-8 conversion issues. - $filters[] = "LOWER(category) = LOWER('%s')"; - $args[] = $category; - } - if (!user_access('administer users')) { - $filters[] = 'visibility != %d'; - $args[] = PROFILE_HIDDEN; - } - $sql .= implode(' AND ', $filters); - $sql .= ' ORDER BY category, weight'; - return db_query($sql, $args); -} - -/** - * Retrieve a pipe delimited string of autocomplete suggestions for profile categories - */ -function profile_admin_settings_autocomplete($string) { - $matches = array(); - $result = db_query_range("SELECT category FROM {profile_fields} WHERE LOWER(category) LIKE LOWER('%s%%')", $string, 0, 10); - while ($data = db_fetch_object($result)) { - $matches[$data->category] = check_plain($data->category); - } - print drupal_to_js($matches); - exit(); -} +'. t('The profile module allows you to define custom fields (such as country, real name, age, ...) in the user profile. This permits users of a site to share more information about themselves, and can help community-based sites to organize users around profile fields.') .'

'; + $output .= t('

The following types of fields can be added to the user profile:

+ +'); + $output .= '

'. t('For more information please read the configuration and customization handbook Profile page.', array('@profile' => 'http://drupal.org/handbook/modules/profile/')) .'

'; + return $output; + case 'admin/user/profile': + return '

'. t('Here you can define custom fields that users can fill in as part of their user profile (such as country, real name, age, ...).') .'

'; + } +} + +/** + * Implementation of hook_menu(). + */ +function profile_menu($may_cache) { + $items = array(); + + if ($may_cache) { + $items[] = array('path' => 'profile', + 'title' => t('User list'), + 'callback' => 'profile_browse', + 'access' => user_access('access user profiles'), + 'type' => MENU_SUGGESTED_ITEM); + $items[] = array('path' => 'admin/user/profile', + 'title' => t('Profiles'), + 'description' => t('Create customizable fields for your users.'), + 'callback' => 'profile_admin_overview'); + $items[] = array('path' => 'admin/user/profile/add', + 'title' => t('Add field'), + 'callback' => 'drupal_get_form', + 'callback arguments' => array('profile_field_form'), + 'type' => MENU_CALLBACK); + $items[] = array('path' => 'admin/user/profile/autocomplete', + 'title' => t('Profile category autocomplete'), + 'callback' => 'profile_admin_settings_autocomplete', + 'access' => user_access('administer users'), + 'type' => MENU_CALLBACK); + $items[] = array('path' => 'admin/user/profile/edit', + 'title' => t('Edit field'), + 'callback' => 'drupal_get_form', + 'callback arguments' => array('profile_field_form'), + 'type' => MENU_CALLBACK); + $items[] = array('path' => 'admin/user/profile/delete', + 'title' => t('Delete field'), + 'callback' => 'drupal_get_form', + 'callback arguments' => array('profile_field_delete'), + 'type' => MENU_CALLBACK); + $items[] = array('path' => 'profile/autocomplete', 'title' => t('Profile autocomplete'), + 'callback' => 'profile_autocomplete', + 'access' => 1, + 'type' => MENU_CALLBACK); + } + + return $items; +} + +/** + * Implementation of hook_block(). + */ +function profile_block($op = 'list', $delta = 0, $edit = array()) { + + if ($op == 'list') { + $blocks[0]['info'] = t('Author information'); + + return $blocks; + } + else if ($op == 'configure' && $delta == 0) { + // Compile a list of fields to show + $fields = array(); + $result = db_query('SELECT name, title, weight, visibility FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS); + while ($record = db_fetch_object($result)) { + $fields[$record->name] = check_plain($record->title); + } + $fields['user_profile'] = t('Link to full user profile'); + $form['profile_block_author_fields'] = array('#type' => 'checkboxes', + '#title' => t('Profile fields to display'), + '#default_value' => variable_get('profile_block_author_fields', NULL), + '#options' => $fields, + '#description' => t('Select which profile fields you wish to display in the block. Only fields designated as public in the profile field configuration are available.', array('@profile-admin' => url('admin/user/profile'))), + ); + return $form; + } + else if ($op == 'save' && $delta == 0) { + variable_set('profile_block_author_fields', $edit['profile_block_author_fields']); + } + else if ($op == 'view') { + if (user_access('access user profiles')) { + if ((arg(0) == 'node') && is_numeric(arg(1)) && (arg(2) == NULL)) { + $node = node_load(arg(1)); + $account = user_load(array('uid' => $node->uid)); + + if ($use_fields = variable_get('profile_block_author_fields', array())) { + // Compile a list of fields to show. + $fields = array(); + $result = db_query('SELECT name, title, type, visibility, weight FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS); + while ($record = db_fetch_object($result)) { + // Ensure that field is displayed only if it is among the defined block fields and, if it is private, the user has appropriate permissions. + if (isset($use_fields[$record->name]) && $use_fields[$record->name]) { + $fields[] = $record; + } + } + } + + if ($fields) { + $profile = _profile_update_user_fields($fields, $account); + $output .= theme('profile_block', $account, $profile, TRUE); + } + + if (isset($use_fields['user_profile']) && $use_fields['user_profile']) { + $output .= '
'. l(t('View full user profile'), 'user/'. $account->uid) .'
'; + } + } + + if ($output) { + $block['subject'] = t('About %name', array('%name' => $account->name)); + $block['content'] = $output; + return $block; + } + } + } +} + +/** + * Implementation of hook_user(). + */ +function profile_user($type, &$edit, &$user, $category = NULL) { + switch ($type) { + case 'load': + return profile_load_profile($user); + case 'register': + return profile_form_profile($edit, $user, $category, TRUE); + case 'update': + return profile_save_profile($edit, $user, $category); + case 'insert': + return profile_save_profile($edit, $user, $category, TRUE); + case 'view': + return profile_view_profile($user); + case 'form': + return profile_form_profile($edit, $user, $category); + case 'validate': + return profile_validate_profile($edit, $category); + case 'categories': + return profile_categories(); + case 'delete': + db_query('DELETE FROM {profile_values} WHERE uid = %d', $user->uid); + } +} + +/** + * Menu callback: Generate a form to add/edit a user profile field. + */ +function profile_field_form($arg = NULL) { + if (arg(3) == 'edit') { + if (is_numeric($arg)) { + $fid = $arg; + + $edit = db_fetch_array(db_query('SELECT * FROM {profile_fields} WHERE fid = %d', $fid)); + + if (!$edit) { + drupal_not_found(); + return; + } + drupal_set_title(t('edit %title', array('%title' => $edit['title']))); + $form['fid'] = array('#type' => 'value', + '#value' => $fid, + ); + $type = $edit['type']; + } + else { + drupal_not_found(); + return; + } + } + else { + $types = _profile_field_types(); + if (!isset($types[$arg])) { + drupal_not_found(); + return; + } + $type = $arg; + drupal_set_title(t('add new %type', array('%type' => $types[$type]))); + $edit = array('name' => 'profile_'); + $form['type'] = array('#type' => 'value', '#value' => $type); + } + $form['fields'] = array('#type' => 'fieldset', + '#title' => t('Field settings'), + ); + $form['fields']['category'] = array('#type' => 'textfield', + '#title' => t('Category'), + '#default_value' => $edit['category'], + '#autocomplete_path' => 'admin/user/profile/autocomplete', + '#description' => t('The category the new field should be part of. Categories are used to group fields logically. An example category is "Personal information".'), + '#required' => TRUE, + ); + $form['fields']['title'] = array('#type' => 'textfield', + '#title' => t('Title'), + '#default_value' => $edit['title'], + '#description' => t('The title of the new field. The title will be shown to the user. An example title is "Favorite color".'), + '#required' => TRUE, + ); + $form['fields']['name'] = array('#type' => 'textfield', + '#title' => t('Form name'), + '#default_value' => $edit['name'], + '#description' => t('The name of the field. The form name is not shown to the user but used internally in the HTML code and URLs. +Unless you know what you are doing, it is highly recommended that you prefix the form name with profile_ to avoid name clashes with other fields. Spaces or any other special characters except dash (-) and underscore (_) are not allowed. An example name is "profile_favorite_color" or perhaps just "profile_color".'), + '#required' => TRUE, + ); + $form['fields']['explanation'] = array('#type' => 'textarea', + '#title' => t('Explanation'), + '#default_value' => $edit['explanation'], + '#description' => t('An optional explanation to go with the new field. The explanation will be shown to the user.'), + ); + if ($type == 'selection') { + $form['fields']['options'] = array('#type' => 'textarea', + '#title' => t('Selection options'), + '#default_value' => $edit['options'], + '#description' => t('A list of all options. Put each option on a separate line. Example options are "red", "blue", "green", etc.'), + ); + } else if ( $type == 'node_reference' ) { + + // Get array of node types + $result = db_query( 'SELECT type, name FROM {node_type} ORDER BY name' ); + while( $record = db_fetch_array( $result ) ) { + $node_type_options[ $record['type'] ] = $record['name']; + } + + // Add the form element + $form['fields']['options'] = array('#type' => 'select', + '#title' => t('Node Reference options'), + '#default_value' => $edit['options'], + '#options' => $node_type_options, + '#description' => t('Select which type of nodes can be referenced for this profile field.'), + //'#multiple' => TRUE + ); + } + $form['fields']['weight'] = array('#type' => 'weight', + '#title' => t('Weight'), + '#default_value' => $edit['weight'], + '#delta' => 5, + '#description' => t('The weights define the order in which the form fields are shown. Lighter fields "float up" towards the top of the category.'), + ); + $form['fields']['visibility'] = array('#type' => 'radios', + '#title' => t('Visibility'), + '#default_value' => isset($edit['visibility']) ? $edit['visibility'] : PROFILE_PUBLIC, + '#options' => array(PROFILE_HIDDEN => t('Hidden profile field, only accessible by administrators, modules and themes.'), PROFILE_PRIVATE => t('Private field, content only available to privileged users.'), PROFILE_PUBLIC => t('Public field, content shown on profile page but not used on member list pages.'), PROFILE_PUBLIC_LISTINGS => t('Public field, content shown on profile page and on member list pages.')), + ); + if ($type == 'selection' || $type == 'list' || $type == 'textfield') { + $form['fields']['page'] = array('#type' => 'textfield', + '#title' => t('Page title'), + '#default_value' => $edit['page'], + '#description' => t('To enable browsing this field by value, enter a title for the resulting page. The word %value will be substituted with the corresponding value. An example page title is "People whose favorite color is %value". This is only applicable for a public field.'), + ); + } + else if ($type == 'checkbox') { + $form['fields']['page'] = array('#type' => 'textfield', + '#title' => t('Page title'), + '#default_value' => $edit['page'], + '#description' => t('To enable browsing this field by value, enter a title for the resulting page. An example page title is "People who are employed". This is only applicable for a public field.'), + ); + } + $form['fields']['autocomplete'] = array('#type' => 'checkbox', + '#title' => t('Form will auto-complete while user is typing.'), + '#default_value' => $edit['autocomplete'], + ); + $form['fields']['required'] = array('#type' => 'checkbox', + '#title' => t('The user must enter a value.'), + '#default_value' => $edit['required'], + ); + $form['fields']['register'] = array('#type' => 'checkbox', + '#title' => t('Visible in user registration form.'), + '#default_value' => $edit['register'], + ); + $form['submit'] = array('#type' => 'submit', + '#value' => t('Save field'), + ); + return $form; +} + +/** + * Validate profile_field_form submissions. + */ +function profile_field_form_validate($form_id, $form_values) { + // Validate the 'field name': + if (preg_match('/[^a-zA-Z0-9_-]/', $form_values['name'])) { + form_set_error('name', t('The specified form name contains one or more illegal characters. Spaces or any other special characters except dash (-) and underscore (_) are not allowed.')); + } + + if (in_array($form_values['name'], user_fields())) { + form_set_error('name', t('The specified form name is reserved for use by Drupal.')); + } + // Validate the category: + if (!$form_values['category']) { + form_set_error('category', t('You must enter a category.')); + } + if ($form_values['category'] == 'account') { + form_set_error('category', t('The specified category name is reserved for use by Drupal.')); + } + $args1 = array($form_values['title'], $form_values['category']); + $args2 = array($form_values['name']); + $query_suffix = ''; + + if (isset($form_values['fid'])) { + $args1[] = $args2[] = $form_values['fid']; + $query_suffix = ' AND fid != %d'; + } + + if (db_result(db_query("SELECT fid FROM {profile_fields} WHERE title = '%s' AND category = '%s'". $query_suffix, $args1))) { + form_set_error('title', t('The specified title is already in use.')); + } + if (db_result(db_query("SELECT fid FROM {profile_fields} WHERE name = '%s'". $query_suffix, $args2))) { + form_set_error('name', t('The specified name is already in use.')); + } +} + +/** + * Process profile_field_form submissions. + */ +function profile_field_form_submit($form_id, $form_values) { + +// // If option is multi-select, it will return an array. +// // Convert array into CSV +// if( isset( $form_values['options'] ) && is_array( $form_values['options'] ) ) { +// $form_values['options'] = implode( ',', $form_values['options'] ); +// } + + if (!isset($form_values['fid'])) { + db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, register, visibility, autocomplete, options, page) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, %d, '%s', '%s')", $form_values['title'], $form_values['name'], $form_values['explanation'], $form_values['category'], $form_values['type'], $form_values['weight'], $form_values['required'], $form_values['register'], $form_values['visibility'], $form_values['autocomplete'], $form_values['options'], $form_values['page']); + + drupal_set_message(t('The field has been created.')); + watchdog('profile', t('Profile field %field added under category %category.', array('%field' => $form_values['title'], '%category' => $form_values['category'])), WATCHDOG_NOTICE, l(t('view'), 'admin/user/profile')); + } + else { + db_query("UPDATE {profile_fields} SET title = '%s', name = '%s', explanation = '%s', category = '%s', weight = %d, required = %d, register = %d, visibility = %d, autocomplete = %d, options = '%s', page = '%s' WHERE fid = %d", $form_values['title'], $form_values['name'], $form_values['explanation'], $form_values['category'], $form_values['weight'], $form_values['required'], $form_values['register'], $form_values['visibility'], $form_values['autocomplete'], $form_values['options'], $form_values['page'], $form_values['fid']); + + drupal_set_message(t('The field has been updated.')); + } + cache_clear_all(); + + return 'admin/user/profile'; +} + +/** + * Menu callback; deletes a field from all user profiles. + */ +function profile_field_delete($fid) { + $field = db_fetch_object(db_query("SELECT title FROM {profile_fields} WHERE fid = %d", $fid)); + if (!$field) { + drupal_not_found(); + return; + } + $form['fid'] = array('#type' => 'value', '#value' => $fid); + $form['title'] = array('#type' => 'value', '#value' => $field->title); + + return confirm_form($form, + t('Are you sure you want to delete the field %field?', array('%field' => $field->title)), 'admin/user/profile', + t('This action cannot be undone. If users have entered values into this field in their profile, these entries will also be deleted. If you want to keep the user-entered data, instead of deleting the field you may wish to edit this field and change it to a hidden profile field so that it may only be accessed by administrators.', array('@edit-field' => url('admin/user/profile/edit/'. $fid))), + t('Delete'), t('Cancel')); +} + +/** + * Process a field delete form submission. + */ +function profile_field_delete_submit($form_id, $form_values) { + db_query('DELETE FROM {profile_fields} WHERE fid = %d', $form_values['fid']); + db_query('DELETE FROM {profile_values} WHERE fid = %d', $form_values['fid']); + + cache_clear_all(); + + drupal_set_message(t('The field %field has been deleted.', array('%field' => $form_values['title']))); + watchdog('profile', t('Profile field %field deleted.', array('%field' => $form_values['title'])), WATCHDOG_NOTICE, l(t('view'), 'admin/user/profile')); + + return 'admin/user/profile'; +} + +/** + * Menu callback; display a listing of all editable profile fields. + */ +function profile_admin_overview() { + + $result = db_query('SELECT title, name, type, category, fid FROM {profile_fields} ORDER BY category, weight'); + $rows = array(); + while ($field = db_fetch_object($result)) { + $rows[] = array(check_plain($field->title), check_plain($field->name), _profile_field_types($field->type), check_plain($field->category), l(t('edit'), "admin/user/profile/edit/$field->fid"), l(t('delete'), "admin/user/profile/delete/$field->fid")); + } + if (count($rows) == 0) { + $rows[] = array(array('data' => t('No fields defined.'), 'colspan' => '6')); + } + + $header = array(t('Title'), t('Name'), t('Type'), t('Category'), array('data' => t('Operations'), 'colspan' => '2')); + + $output = theme('table', $header, $rows); + $output .= '

'. t('Add new field') .'

'; + $output .= ''; + + return $output; +} + +/** + * Menu callback; display a list of user information. + */ +function profile_browse() { + $name = arg(1); + list(, , $value) = explode('/', $_GET['q'], 3); + + $field = db_fetch_object(db_query("SELECT DISTINCT(fid), type, title, page, visibility FROM {profile_fields} WHERE name = '%s'", $name)); + + if ($name && $field->fid) { + // Only allow browsing of fields that have a page title set. + if (empty($field->page)) { + drupal_not_found(); + return; + } + // Do not allow browsing of private and hidden fields by non-admins. + if (!user_access('administer users') && ($field->visibility == PROFILE_PRIVATE || $field->visibility == PROFILE_HIDDEN)) { + drupal_access_denied(); + return; + } + + // Compile a list of fields to show. + $fields = array(); + $result = db_query('SELECT name, title, type, weight, page FROM {profile_fields} WHERE fid != %d AND visibility = %d ORDER BY weight', $field->fid, PROFILE_PUBLIC_LISTINGS); + while ($record = db_fetch_object($result)) { + $fields[] = $record; + } + + // Determine what query to use: + $arguments = array($field->fid); + switch ($field->type) { + case 'checkbox': + $query = 'v.value = 1'; + break; + case 'textfield': + case 'selection': + $query = "v.value = '%s'"; + $arguments[] = $value; + break; + case 'list': + $query = "v.value LIKE '%%%s%%'"; + $arguments[] = $value; + break; + default: + drupal_not_found(); + return; + } + + // Extract the affected users: + $result = pager_query("SELECT u.uid, u.access FROM {users} u INNER JOIN {profile_values} v ON u.uid = v.uid WHERE v.fid = %d AND $query AND u.access != 0 AND u.status != 0 ORDER BY u.access DESC", 20, 0, NULL, $arguments); + + $output = '
'; + while ($account = db_fetch_object($result)) { + $account = user_load(array('uid' => $account->uid)); + $profile = _profile_update_user_fields($fields, $account); + $output .= theme('profile_listing', $account, $profile); + } + $output .= theme('pager', NULL, 20); + + if ($field->type == 'selection' || $field->type == 'list' || $field->type == 'textfield') { + $title = strtr(check_plain($field->page), array('%value' => theme('placeholder', $value))); + } + else { + $title = check_plain($field->page); + } + $output .= '
'; + + drupal_set_title($title); + return $output; + } + else if ($name && !$field->fid) { + drupal_not_found(); + } + else { + // Compile a list of fields to show. + $fields = array(); + $result = db_query('SELECT name, title, type, weight, page FROM {profile_fields} WHERE visibility = %d ORDER BY category, weight', PROFILE_PUBLIC_LISTINGS); + while ($record = db_fetch_object($result)) { + $fields[] = $record; + } + + // Extract the affected users: + $result = pager_query('SELECT uid, access FROM {users} WHERE uid > 0 AND status != 0 AND access != 0 ORDER BY access DESC', 20, 0, NULL); + + $output = '
'; + while ($account = db_fetch_object($result)) { + $account = user_load(array('uid' => $account->uid)); + $profile = _profile_update_user_fields($fields, $account); + $output .= theme('profile_listing', $account, $profile); + } + $output .= '
'; + $output .= theme('pager', NULL, 20); + + drupal_set_title(t('User list')); + return $output; + } +} + +function profile_load_profile(&$user) { + $result = db_query('SELECT f.name, f.type, v.value FROM {profile_fields} f INNER JOIN {profile_values} v ON f.fid = v.fid WHERE uid = %d', $user->uid); + while ($field = db_fetch_object($result)) { + if (empty($user->{$field->name})) { + $user->{$field->name} = _profile_field_serialize($field->type) ? unserialize($field->value) : $field->value; + } + } +} + +function profile_save_profile(&$edit, &$user, $category, $register = FALSE) { + $result = _profile_get_fields($category, $register); + while ($field = db_fetch_object($result)) { + if (_profile_field_serialize($field->type)) { + $edit[$field->name] = serialize($edit[$field->name]); + } + db_query("DELETE FROM {profile_values} WHERE fid = %d AND uid = %d", $field->fid, $user->uid); + db_query("INSERT INTO {profile_values} (fid, uid, value) VALUES (%d, %d, '%s')", $field->fid, $user->uid, $edit[$field->name]); + // Mark field as handled (prevents saving to user->data). + $edit[$field->name] = NULL; + } +} + +function profile_view_field($user, $field) { + // Only allow browsing of private fields for admins, if browsing is enabled, + // and if a user has permission to view profiles. Note that this check is + // necessary because a user may always see their own profile. + $browse = user_access('access user profiles') + && (user_access('administer users') || $field->visibility != PROFILE_PRIVATE) + && !empty($field->page); + + if ($value = $user->{$field->name}) { + switch ($field->type) { + case 'textarea': + return check_markup($value); + case 'textfield': + case 'selection': + return $browse ? l($value, 'profile/'. $field->name .'/'. $value) : check_plain($value); + case 'checkbox': + return $browse ? l($field->title, 'profile/'. $field->name) : check_plain($field->title); + case 'url': + return ''. check_plain($value) .''; + case 'date': + $format = substr(variable_get('date_format_short', 'm/d/Y - H:i'), 0, 5); + // Note: Avoid PHP's date() because it does not handle dates before + // 1970 on Windows. This would make the date field useless for e.g. + // birthdays. + $replace = array('d' => sprintf('%02d', $value['day']), + 'j' => $value['day'], + 'm' => sprintf('%02d', $value['month']), + 'M' => map_month($value['month']), + 'Y' => $value['year'], + 'H:i' => NULL, + 'g:ia' => NULL); + return strtr($format, $replace); + case 'list': + $values = split("[,\n\r]", $value); + $fields = array(); + foreach ($values as $value) { + if ($value = trim($value)) { + $fields[] = $browse ? l($value, 'profile/'. $field->name .'/'. $value) : check_plain($value); + } + } + return implode(', ', $fields); + case 'node_reference': + $referenced_node = db_fetch_array( db_query( 'SELECT nid, title FROM {node} WHERE nid='.$value ) ); + + if( empty( $referenced_node ) ) { + return 'Node not found.'; + } else { + return l($referenced_node['title'], 'node/'.$referenced_node['nid']); +// return $browse ? l($referenced_node['title'], 'node/'.$referenced_node['nid']) : check_plain($referenced_node['title']); + } + } + } +} + +function profile_view_profile($user) { + + profile_load_profile($user); + + // Show private fields to administrators and people viewing their own account. + if (user_access('administer users') || $GLOBALS['user']->uid == $user->uid) { + $result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d ORDER BY category, weight', PROFILE_HIDDEN); + } + else { + $result = db_query('SELECT * FROM {profile_fields} WHERE visibility != %d AND visibility != %d ORDER BY category, weight', PROFILE_PRIVATE, PROFILE_HIDDEN); + } + + while ($field = db_fetch_object($result)) { + if ($value = profile_view_field($user, $field)) { + $title = ($field->type != 'checkbox') ? check_plain($field->title) : NULL; + $item = array('title' => $title, + 'value' => $value, + 'class' => $field->name, + ); + $fields[$field->category][$field->name] = $item; + } + } + return $fields; +} + +function _profile_form_explanation($field) { + $output = $field->explanation; + + if ($field->type == 'list') { + $output .= ' '. t('Put each item on a separate line or separate them by commas. No HTML allowed.'); + } + + if ($field->visibility == PROFILE_PRIVATE) { + $output .= ' '. t('The content of this field is kept private and will not be shown publicly.'); + } + + return $output; +} + +function profile_form_profile($edit, $user, $category, $register = FALSE) { + $result = _profile_get_fields($category, $register); + $w = 1; + while ($field = db_fetch_object($result)) { + $category = $field->category; + if (!isset($fields[$category])) { + $fields[$category] = array('#type' => 'fieldset', '#title' => check_plain($category), '#weight' => $w++); + } + switch ($field->type) { + case 'textfield': + case 'url': + $fields[$category][$field->name] = array('#type' => 'textfield', + '#title' => check_plain($field->title), + '#default_value' => $edit[$field->name], + '#maxlength' => 255, + '#description' => _profile_form_explanation($field), + '#required' => $field->required, + ); + if ($field->autocomplete) { + $fields[$category][$field->name]['#autocomplete_path'] = "profile/autocomplete/". $field->fid; + } + break; + case 'textarea': + $fields[$category][$field->name] = array('#type' => 'textarea', + '#title' => check_plain($field->title), + '#default_value' => $edit[$field->name], + '#description' => _profile_form_explanation($field), + '#required' => $field->required, + ); + break; + case 'list': + $fields[$category][$field->name] = array('#type' => 'textarea', + '#title' => check_plain($field->title), + '#default_value' => $edit[$field->name], + '#description' => _profile_form_explanation($field), + '#required' => $field->required, + ); + break; + case 'checkbox': + $fields[$category][$field->name] = array('#type' => 'checkbox', + '#title' => check_plain($field->title), + '#default_value' => $edit[$field->name], + '#description' => _profile_form_explanation($field), + '#required' => $field->required, + ); + break; + case 'selection': + $options = $field->required ? array() : array('--'); + $lines = split("[,\n\r]", $field->options); + foreach ($lines as $line) { + if ($line = trim($line)) { + $options[$line] = $line; + } + } + $fields[$category][$field->name] = array('#type' => 'select', + '#title' => check_plain($field->title), + '#default_value' => $edit[$field->name], + '#options' => $options, + '#description' => _profile_form_explanation($field), + '#required' => $field->required, + ); + break; + case 'date': + $fields[$category][$field->name] = array('#type' => 'date', + '#title' => check_plain($field->title), + '#default_value' => $edit[$field->name], + '#description' => _profile_form_explanation($field), + '#required' => $field->required, + ); + break; + case 'node_reference': + $options = $field->required ? array() : array('--'); + $result = db_query( 'SELECT nid, title FROM {node} WHERE type=\''.$field->options.'\'' ); + while( $record = db_fetch_array( $result ) ) { + $options[ $record['nid'] ] = $record['title']; + } + $fields[$category][$field->name] = array('#type' => 'select', + '#title' => check_plain($field->title), + '#default_value' => $edit[$field->name], + '#options' => $options, + '#description' => _profile_form_explanation($field), + '#required' => $field->required, + ); + break; + } + } + return $fields; +} + +/** + * Callback to allow autocomplete of profile text fields. + */ +function profile_autocomplete($field, $string) { + if (db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE fid = %d AND autocomplete = 1", $field))) { + $matches = array(); + $result = db_query_range("SELECT value FROM {profile_values} WHERE fid = %d AND LOWER(value) LIKE LOWER('%s%%') GROUP BY value ORDER BY value ASC", $field, $string, 0, 10); + while ($data = db_fetch_object($result)) { + $matches[$data->value] = check_plain($data->value); + } + + print drupal_to_js($matches); + } + exit(); +} + +/** + * Helper function: update an array of user fields by calling profile_view_field + */ +function _profile_update_user_fields($fields, $account) { + foreach ($fields as $key => $field) { + $fields[$key]->value = profile_view_field($account, $field); + } + return $fields; +} + +function profile_validate_profile($edit, $category) { + $result = _profile_get_fields($category); + while ($field = db_fetch_object($result)) { + if ($edit[$field->name]) { + if ($field->type == 'url') { + if (!valid_url($edit[$field->name], TRUE)) { + form_set_error($field->name, t('The value provided for %field is not a valid URL.', array('%field' => $field->title))); + } + } + } + else if ($field->required && !user_access('administer users')) { + form_set_error($field->name, t('The field %field is required.', array('%field' => $field->title))); + } + } + + return $edit; +} + +function profile_categories() { + $result = db_query("SELECT DISTINCT(category) FROM {profile_fields}"); + while ($category = db_fetch_object($result)) { + $data[] = array('name' => $category->category, 'title' => $category->category, 'weight' => 3); + } + return $data; +} + +function theme_profile_block($account, $fields = array()) { + + $output .= theme('user_picture', $account); + + foreach ($fields as $field) { + if ($field->value) { + if ($field->type == 'checkbox') { + $output .= "

$field->value

\n"; + } + else { + $output .= '

'. check_plain($field->title) ."
$field->value

\n"; + } + } + } + + return $output; +} + +function theme_profile_listing($account, $fields = array()) { + + $output = "
\n"; + $output .= theme('user_picture', $account); + $output .= '
'. theme('username', $account) ."
\n"; + + foreach ($fields as $field) { + if ($field->value) { + $output .= "
$field->value
\n"; + } + } + + $output .= "
\n"; + + return $output; +} + +function _profile_field_types($type = NULL) { + $types = array('textfield' => t('single-line textfield'), + 'textarea' => t('multi-line textfield'), + 'checkbox' => t('checkbox'), + 'selection' => t('list selection'), + 'list' => t('freeform list'), + 'url' => t('URL'), + 'date' => t('date'), + 'node_reference' => t('node reference') ); + return isset($type) ? $types[$type] : $types; +} + +function _profile_field_serialize($type = NULL) { + return $type == 'date'; +} + +function _profile_get_fields($category, $register = FALSE) { + $args = array(); + $sql = 'SELECT * FROM {profile_fields} WHERE '; + $filters = array(); + if ($register) { + $filters[] = 'register = 1'; + } + else { + // Use LOWER('%s') instead of PHP's strtolower() to avoid UTF-8 conversion issues. + $filters[] = "LOWER(category) = LOWER('%s')"; + $args[] = $category; + } + if (!user_access('administer users')) { + $filters[] = 'visibility != %d'; + $args[] = PROFILE_HIDDEN; + } + $sql .= implode(' AND ', $filters); + $sql .= ' ORDER BY category, weight'; + + return db_query($sql, $args); +} + +/** + * Retrieve a pipe delimited string of autocomplete suggestions for profile categories + */ +function profile_admin_settings_autocomplete($string) { + $matches = array(); + $result = db_query_range("SELECT category FROM {profile_fields} WHERE LOWER(category) LIKE LOWER('%s%%')", $string, 0, 10); + while ($data = db_fetch_object($result)) { + $matches[$data->category] = check_plain($data->category); + } + print drupal_to_js($matches); + exit(); +}