=== modified file 'modules/user.module' --- modules/user.module +++ modules/user.module @@ -477,6 +477,10 @@ if ($type == 'validate' && $category == 'account') { return _user_edit_validate(arg(1), $edit); + } + + if ($type == 'submit' && $category == 'account') { + return _user_edit_submit(arg(1), $edit); } if ($type == 'categories') { @@ -1171,7 +1175,7 @@ $form['account']['status'] = array('#type' => 'radios', '#title' => t('Status'), '#default_value' => $edit['status'], '#options' => array(t('Blocked'), t('Active'))); } if (user_access('administer access control')) { - $form['account']['roles'] = array('#type' => 'checkboxes', '#title' => t('Roles'), '#default_value' => array_keys($edit['roles']), '#options' => user_roles(1), '#description' => t('Select at least one role. The user receives the combined permissions of all of the selected roles.'), '#required' => TRUE); + $form['account']['roles'] = array('#type' => 'checkboxes', '#title' => t('Roles'), '#default_value' => array_keys((array)$edit['roles']), '#options' => user_roles(1), '#description' => t('Select at least one role. The user receives the combined permissions of all of the selected roles.'), '#required' => TRUE); } // Picture/avatar: @@ -1188,6 +1192,7 @@ } function _user_edit_validate($uid, &$edit) { + $user = user_load(array('uid' => $uid)); // Validate the username: if (user_access('change own username') || user_access('administer users')) { if ($error = user_validate_name($edit['name'])) { @@ -1200,8 +1205,8 @@ form_set_error('name', t('The name %name has been denied access.', array('%name' => theme('placeholder', $edit['name'])))); } } - else { - unset($edit['name']); + elseif ($edit['name'] != $user->name) { + form_set_error('name', t('You do not have access to change this username')); } // Validate the e-mail address: @@ -1219,18 +1224,15 @@ if (user_access('administer access control') && $_GET['q'] != 'admin/user/create') { if (!$edit['roles']) { form_set_error('roles', t('You must select at least one role.')); - $edit['roles'] = array(); } } // If required, validate the uploaded picture. if ($file = file_check_upload('picture')) { - $user = user_load(array('uid' => $uid)); user_validate_picture($file, $edit, $user); } // Delete picture if requested, and if no replacement picture was given. else if ($edit['picture_delete']) { - $user = user_load(array('uid' => $uid)); if ($user->picture && file_exists($user->picture)) { file_delete($user->picture); } @@ -1241,16 +1243,19 @@ if ($edit['pass1']) { $edit['pass1'] = trim($edit['pass1']); $edit['pass2'] = trim($edit['pass2']); - if ($edit['pass1'] == $edit['pass2']) { - $edit['pass'] = $edit['pass1']; - } - else { + if ($edit['pass1'] != $edit['pass2']) { form_set_error('pass2', t('The specified passwords do not match.')); } } - unset($edit['pass1'], $edit['pass2']); - - return $edit; +} + +function _user_edit_submit($uid, &$edit) { + $pass = trim($edit['pass1']); + if (!empty($pass)) { + $edit['pass'] = $pass; + unset($edit['pass1'], $edit['pass2']); + } + $edit['roles'] = array_filter($edit['roles']); } function user_edit($category = 'account') { @@ -1304,7 +1309,10 @@ function user_edit_submit($form_id, $form_values) { $account = $form_values['_account']; - user_save($account, $form_values, $form_values['_category']); + $category = $form_values['_category']; + unset($form_values['_account'], $form_values['submit'], $form_values['delete'], $form_values['form_id'], $form_values['_category']); + user_module_invoke('submit', $form_values, $form_values, $category); + user_save($account, $form_values, $category); // Delete that user's menu cache. cache_clear_all('menu:'. $account->uid, TRUE); drupal_set_message(t('The changes have been saved.'));