Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
We're running into this problem trying to add profile and field tokens for users. There aren't any field API fields or profile fields loaded into the global user object, and are unavailable when we try to provide tokens for them. We really, really need to provide the result of user_load() rather than just passing global $user;
.
Comment | File | Size | Author |
---|---|---|---|
#7 | 967330-current-user-token-load-D7.patch | 4.79 KB | Dave Reid |
#5 | 967330-current-user-token-load-D7.patch | 4.66 KB | Dave Reid |
#1 | 967330-current-user-token-load-D7.patch | 851 bytes | Dave Reid |
Comments
Comment #1
Dave ReidComment #2
BenK CreditAttribution: BenK commentedSubscribing...
Comment #3
Dave ReidThis is a blocker for both #125640: Profile tokens and #691078: Field tokens in token module.
Comment #4
Dave ReidComment #5
Dave ReidRevised patch that also fixes that format_username() should always be sanitized with check_plain(), since that's exactly what it says in its doc page.
Comment #7
Dave ReidError with what parameter was passed to format_username().
Comment #8
fagoHm, the question is what would one expect when using the [user:name] token - the name the user has input in the user name field or the formatted user name, which may have been altered by modules. I think, it should be the first, while I agree the formatted user name should be available somewhere too, e.g. as [user].
Comment #9
fago@loading the full-account object:
Definitively, passing half-baken objects around is evil.
Comment #10
Dave Reid@fago As per #9 care to RTBC? :)
Comment #11
moshe weitzman CreditAttribution: moshe weitzman commentedLooks good. Thx.
Comment #12
fagoWith that patch, how would I get just the user-name as entered by users if a module implements hook_username_alter()?
Comment #13
Dave ReidSame as before the patch. This had no change to the [user:name] token, just to how it was tested. Realname for D7 adds a [user:name-raw] token if it doesn't already exist.
Comment #14
webchickHm. Does this need to be benchmarked? How often is this going to get called?
Comment #15
Dave ReidIt's only used when people use [current-user:*] tokens and performing token replacement, so not exactly too often.
Comment #16
Dave ReidSo in other words, when this happens in core, it's not on every page, and it's only when responding to certain events. Marking back to RTBC.
Comment #17
moshe weitzman CreditAttribution: moshe weitzman commentedWell, we statically cache users so user_load() would typically run once and even then would be called only if user specifically requested this token. You can imagine scenarios like a mail merge where we load many users but those are not going to be performance sensitive operations. I don't think we have a performance concern here.
Comment #18
webchickOkie doke then.
Committed to HEAD. Thanks!