--- profile.module.orig	2006-03-14 05:14:49.000000000 +0700
+++ profile.module	2006-03-27 23:02:54.730000000 +0700
@@ -13,6 +13,17 @@
 define('PROFILE_PUBLIC', 2);
 define('PROFILE_PUBLIC_LISTINGS', 3);
 
+
+function profile_perm(){
+  $perms = array();
+  $result = db_query('SELECT DISTINCT category FROM {profile_fields}');
+  while ($record = db_fetch_object($result)) {
+    $perms[] = 'edit ' . $record->category;
+  }
+  $perms[] = 'edit administrator field';
+  return $perms;
+}
+
 /**
  * Implementation of hook_help().
  */
@@ -264,6 +275,7 @@
   $fields = array();
   while ($field = db_fetch_object($result)) {
     $category = $field->category;
+    if( $field->profile_admin_field == 0 or user_access('edit administrator field') )
     switch ($field->type) {
       case 'textfield':
       case 'url':
@@ -380,7 +392,8 @@
 function profile_categories() {
   $result = db_query("SELECT DISTINCT(category) FROM {profile_fields}");
   while ($category = db_fetch_object($result)) {
-    $data[] = array('name' => check_plain($category->category), 'title' => $category->category, 'weight' => 3);
+    if( user_access('edit ' . $category->category) )
+      $data[] = array('name' => check_plain($category->category), 'title' => $category->category, 'weight' => 3);
   }
   return $data;
 }
@@ -451,7 +464,7 @@
     }
 
     if (!form_get_errors()) {
-      db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, register, visibility, options, page) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, '%s', '%s')", $data['title'], $data['name'], $data['explanation'], $data['category'], $type, $data['weight'], $data['required'], $data['register'], $data['visibility'], $data['options'], $data['page']);
+      db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, register, visibility, options, page, profile_admin_field) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, '%s', '%s')", $data['title'], $data['name'], $data['explanation'], $data['category'], $type, $data['weight'], $data['required'], $data['register'], $data['visibility'], $data['options'], $data['page'], $data['profile_admin_field']);
 
       cache_clear_all();
 
@@ -479,7 +492,7 @@
     profile_validate_form($data);
 
     if (!form_get_errors()) {
-      db_query("UPDATE {profile_fields} SET title = '%s', name = '%s', explanation = '%s', category = '%s', weight = %d, required = %d, register = %d, visibility = %d, options = '%s', page = '%s' WHERE fid = %d", $data['title'], $data['name'], $data['explanation'], $data['category'], $data['weight'], $data['required'], $data['register'], $data['visibility'], $data['options'], $data['page'], $fid);
+      db_query("UPDATE {profile_fields} SET title = '%s', name = '%s', explanation = '%s', category = '%s', weight = %d, required = %d, register = %d, profile_admin_field = %d, visibility = %d, options = '%s', page = '%s' WHERE fid = %d", $data['title'], $data['name'], $data['explanation'], $data['category'], $data['weight'], $data['required'], $data['register'], $data['profile_admin_field'], $data['visibility'], $data['options'], $data['page'], $fid);
 
       cache_clear_all();
 
@@ -527,6 +540,10 @@
   }
   $group .= form_checkbox(t('The user must enter a value.'), 'required', 1, $edit['required']);
   $group .= form_checkbox(t('Visible in user registration form.'), 'register', 1, $edit['register']);
+  $group .= form_checkbox(t('Only profile administrator can edit this field'),
+			  'profile_admin_field',
+			  1,
+			  $edit['profile_admin_field']);
 
   $output  = form_group(t('Field settings'), $group);
   $output .= form_submit(t('Save field'));
