1 | <?php |
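/**
 * Validate whether an argument is a valid user.
 *
 * This supports either numeric arguments (UID) or strings (username) and
 * converts either one into the user's UID. This validator also sets the
 * argument's title to the username.
 *
 * Security notes for maintainers:
 * - The raw argument must be treated as untrusted input (NOTE(review):
 *   presumably it is taken from the request path by the calling handler).
 *   It only ever reaches the database as a db_query() placeholder argument.
 * - Only the uid and name columns are looked up; account status is not
 *   consulted, so this validator does not distinguish blocked accounts.
 * - The TRUE/FALSE outcome differs for existing and non-existing users.
 *   What the view shows when validation fails is configured elsewhere;
 *   keep that in mind if user names are considered sensitive on the site.
 */
class views_plugin_argument_validate_user extends views_plugin_argument_validate {

  /**
   * Add this validator's settings to the argument options form.
   *
   * Adds three elements: the accepted argument type (UID, username or
   * either), a checkbox that switches role restriction on, and the list of
   * roles to restrict to.
   *
   * @param $form
   *   The form array to add elements to (passed by reference).
   * @param $form_state
   *   The form state (passed by reference; not used here).
   */
  function validate_form(&$form, &$form_state) {
    // We are unable to rely on options having already been set, so make sure
    // each default is present. The two defaults are filled in independently
    // so that a stored role list is never reset, and a missing one never
    // triggers an undefined-index notice below.
    if (!isset($this->argument->options['validate_user_argument_type'])) {
      $this->argument->options['validate_user_argument_type'] = 'uid';
    }
    if (!isset($this->argument->options['validate_user_roles'])) {
      $this->argument->options['validate_user_roles'] = array();
    }

    // NOTE(review): the '#dependency' entries presumably make each element
    // visible only while this validator is the selected validation type.
    $form['validate_user_argument_type'] = array(
      '#type' => 'radios',
      '#title' => t('Type of user argument to allow'),
      '#options' => array(
        'uid' => t('Only allow numeric UIDs'),
        'name' => t('Only allow string usernames'),
        'either' => t('Allow both numeric UIDs and string usernames'),
      ),
      '#default_value' => $this->argument->options['validate_user_argument_type'],
      '#process' => array('expand_radios', 'views_process_dependency'),
      '#dependency' => array('edit-options-validate-type' => array($this->id)),
      '#prefix' => '<div id="edit-options-validate-user-argument-type-wrapper">',
      '#suffix' => '</div>',
    );

    $form['validate_user_restrict_roles'] = array(
      '#type' => 'checkbox',
      '#title' => t('Restrict user based on role'),
      '#default_value' => !empty($this->argument->options['validate_user_restrict_roles']),
      '#process' => array('views_process_dependency'),
      '#dependency' => array('edit-options-validate-type' => array($this->id)),
    );

    // user_roles(TRUE) lists roles without the anonymous role. Leaving every
    // box unchecked disables the role restriction entirely (see the
    // description text), i.e. it widens validation to all users.
    $form['validate_user_roles'] = array(
      '#type' => 'checkboxes',
      '#prefix' => '<div id="edit-options-validate-user-roles-wrapper">',
      '#suffix' => '</div>',
      '#title' => t('Restrict to the selected roles'),
      '#options' => user_roles(TRUE),
      '#default_value' => $this->argument->options['validate_user_roles'],
      '#description' => t('If no roles are selected, users from any role will be allowed.'),
      '#process' => array('expand_checkboxes', 'views_process_dependency'),
      '#dependency' => array(
        'edit-options-validate-type' => array($this->id),
        'edit-options-validate-user-restrict-roles' => array(1),
      ),
      '#dependency_count' => 2,
    );
  }

  /**
   * Check that the argument identifies an existing user.
   *
   * On success the handler's argument is replaced by the user's UID and the
   * validated title is set to the HTML-escaped user name.
   *
   * @param $argument
   *   The raw argument: a numeric UID or a user name, depending on the
   *   configured argument type.
   *
   * @return
   *   TRUE if the argument matches a user (and, when role restriction is
   *   enabled and roles are selected, that user has one of those roles),
   *   FALSE otherwise.
   */
  function validate_argument($argument) {
    $options = $this->argument->options;

    // An unset type matches neither branch below, so validation fails closed.
    $type = isset($options['validate_user_argument_type']) ? $options['validate_user_argument_type'] : NULL;

    $query = NULL;
    $account = NULL;

    // is_numeric() can return false positives, so we ensure it's an integer.
    // However, is_integer() will always fail, since $argument is a string.
    if (is_numeric($argument) && $argument == (int) $argument) {
      if (in_array($type, array('uid', 'either'), TRUE)) {
        if ($argument == $GLOBALS['user']->uid) {
          // If you assign an object to a variable in PHP, the variable
          // automatically acts as a reference, not a copy, so we use
          // drupal_clone() to ensure that we don't actually mess with the
          // real global $user object.
          $account = drupal_clone($GLOBALS['user']);
        }
        $query = 'SELECT uid, name FROM {users} WHERE uid = %d';
      }
    }
    elseif (in_array($type, array('name', 'either'), TRUE)) {
      // Compare names as exact strings. A loose == treats two numeric-looking
      // strings as numbers, so differently spelled values could match the
      // current user's name. Anything that is not an exact match falls
      // through to the database lookup, which is authoritative.
      if (isset($GLOBALS['user']->name) && (string) $argument === (string) $GLOBALS['user']->name) {
        $account = drupal_clone($GLOBALS['user']);
      }
      $query = "SELECT uid, name FROM {users} WHERE name = '%s'";
    }

    // If we don't have a query, the argument is invalid for the allowed type.
    if ($query === NULL) {
      return FALSE;
    }

    if (!isset($account)) {
      // Both query strings are constants; the untrusted argument is only
      // passed as a placeholder value, never concatenated into the SQL.
      $account = db_fetch_object(db_query($query, $argument));
    }
    if (empty($account)) {
      // User not found.
      return FALSE;
    }

    // See if we're filtering users based on roles.
    if (!empty($options['validate_user_restrict_roles']) && !empty($options['validate_user_roles'])) {
      // Unchecked checkboxes are submitted with a value of 0.
      // NOTE(review): if the option is stored unfiltered, those entries make
      // the list look non-empty and every user would be rejected, which
      // contradicts the form's "no roles selected" description. Drop them.
      $roles = array_filter((array) $options['validate_user_roles']);
      if (!empty($roles)) {
        // Rebuild the role list on the (cloned or freshly loaded) account:
        // the implicit authenticated/anonymous role plus assigned roles.
        $account->roles = array();
        $account->roles[] = $account->uid ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID;
        $result = db_query('SELECT rid FROM {users_roles} WHERE uid = %d', $account->uid);
        while ($role = db_fetch_object($result)) {
          $account->roles[] = $role->rid;
        }
        if (!(bool) array_intersect($account->roles, $roles)) {
          return FALSE;
        }
      }
    }

    $this->argument->argument = $account->uid;
    // The user name is user-supplied text; escape it before it is used as a
    // title in HTML output.
    $this->argument->validated_title = check_plain($account->name);
    return TRUE;
  }
}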