1 | <?php |
---|
2 | |
---|
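/**
 * Validate whether an argument is a valid user.
 *
 * This supports either numeric arguments (UID) or strings (username) and
 * converts either one into the user's UID. This validator also sets the
 * argument's title to the username.
 *
 * The raw argument only reaches SQL through db_query() placeholders, and the
 * title derived from it is passed through check_plain() before it is stored.
 */
class views_plugin_argument_validate_user extends views_plugin_argument_validate {

  /**
   * Declare this validator's options and their defaults.
   *
   * @return
   *   The parent's option definitions plus 'type' (default 'uid'),
   *   'restrict_roles' (default FALSE) and 'roles' (default empty array).
   */
  function option_definition() {
    $options = parent::option_definition();
    $options['type'] = array('default' => 'uid');
    $options['restrict_roles'] = array('default' => FALSE);
    $options['roles'] = array('default' => array());

    return $options;
  }

  /**
   * Build the settings form for this validator.
   *
   * @param $form
   *   Form array, modified in place.
   * @param $form_state
   *   Form state array (not read here).
   */
  function options_form(&$form, &$form_state) {
    // Which kind of argument value is accepted at all.
    $form['type'] = array(
      '#type' => 'radios',
      '#title' => t('Type of user argument to allow'),
      '#options' => array(
        'uid' => t('Only allow numeric UIDs'),
        'name' => t('Only allow string usernames'),
        'either' => t('Allow both numeric UIDs and string usernames'),
      ),
      '#default_value' => $this->options['type'],
    );

    $form['restrict_roles'] = array(
      '#type' => 'checkbox',
      '#title' => t('Restrict user based on role'),
      '#default_value' => $this->options['restrict_roles'],
    );

    // The role list is tied to the 'restrict_roles' checkbox above through
    // the '#dependency' entry and views_process_dependency().
    $form['roles'] = array(
      '#type' => 'checkboxes',
      '#prefix' => '<div id="edit-options-argument-validate-user-roles-wrapper">',
      '#suffix' => '</div>',
      '#title' => t('Restrict to the selected roles'),
      '#options' => user_roles(TRUE),
      '#default_value' => $this->options['roles'],
      '#description' => t('If no roles are selected, users from any role will be allowed.'),
      '#process' => array('expand_checkboxes', 'views_process_dependency'),
      '#dependency' => array(
        'edit-options-argument-validate-user-restrict-roles' => array(1),
      ),
    );
  }

  /**
   * Clean up the submitted options before they are stored.
   *
   * @param $form
   *   Form array (not read here).
   * @param $form_state
   *   Form state array (not read here).
   * @param $options
   *   Submitted option values, modified in place.
   */
  function options_submit($form, &$form_state, &$options) {
    // filter trash out of the options so we don't store giant unnecessary arrays
    $options['roles'] = array_filter($options['roles']);
  }

  /**
   * Fill in options from settings stored on the argument handler.
   *
   * Only acts when 'type' is not yet set in $options and the argument handler
   * carries a 'validate_user_argument_type' option (presumably an older
   * storage format -- confirm against the Views upgrade path).
   *
   * @param $options
   *   Option values, modified in place.
   */
  function convert_options(&$options) {
    if (!isset($options['type']) && isset($this->argument->options['validate_user_argument_type'])) {
      $options['type'] = $this->argument->options['validate_user_argument_type'];
      $options['restrict_roles'] = $this->argument->options['validate_user_restrict_roles'];
      $options['roles'] = $this->argument->options['validate_user_roles'];
    }
  }

  /**
   * Check that the argument identifies an existing, permitted user.
   *
   * On success the argument handler's value is replaced with the account's
   * UID and its validated title is set to the escaped username.
   *
   * @param $argument
   *   The raw argument value: a UID or a username, depending on the
   *   configured 'type' option.
   *
   * @return
   *   TRUE when the argument resolves to a user that passes the optional
   *   role restriction, FALSE otherwise.
   */
  function validate_argument($argument) {
    $type = $this->options['type'];
    $where = NULL;
    $account = NULL;

    // is_numeric() can return false positives, so we ensure it's an integer.
    // However, is_integer() will always fail, since $argument is a string.
    if (is_numeric($argument) && $argument == (int) $argument) {
      if ($type == 'uid' || $type == 'either') {
        if ($argument == $GLOBALS['user']->uid) {
          // If you assign an object to a variable in PHP, the variable
          // automatically acts as a reference, not a copy, so we use
          // drupal_clone() to ensure that we don't actually mess with the
          // real global $user object.
          $account = drupal_clone($GLOBALS['user']);
        }
        $where = 'uid = %d';
      }
    }
    else {
      if ($type == 'name' || $type == 'either') {
        // Compare as strings, strictly. A loose == between two numeric-looking
        // strings is evaluated numerically ('1.5' == '1.50'), which would let
        // an argument that is not the current user's name take the shortcut
        // below and skip the database lookup. A missing name property is
        // treated as an empty string.
        $current_name = isset($GLOBALS['user']->name) ? (string) $GLOBALS['user']->name : '';
        if ((string) $argument === $current_name) {
          $account = drupal_clone($GLOBALS['user']);
        }
        $where = "name = '%s'";
      }
    }

    // If we don't have a WHERE clause, the argument is invalid.
    if (empty($where)) {
      return FALSE;
    }

    if (!isset($account)) {
      // $where is one of the two literals assigned above; the argument itself
      // is only ever bound through the %d / '%s' placeholder.
      $query = "SELECT uid, name FROM {users} WHERE $where";
      $account = db_fetch_object(db_query($query, $argument));
    }
    if (empty($account)) {
      // User not found.
      return FALSE;
    }

    // See if we're filtering users based on roles.
    if (!empty($this->options['restrict_roles']) && !empty($this->options['roles'])) {
      $roles = $this->options['roles'];
      // Rebuild the role list from the database rather than relying on
      // whatever the account object already carries.
      $account->roles = array();
      $account->roles[] = $account->uid ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID;
      $result = db_query('SELECT rid FROM {users_roles} WHERE uid = %d', $account->uid);
      while ($role = db_fetch_object($result)) {
        $account->roles[] = $role->rid;
      }
      // Reject unless the account holds at least one of the selected roles.
      if (!(bool) array_intersect($account->roles, $roles)) {
        return FALSE;
      }
    }

    $this->argument->argument = $account->uid;
    // The username is escaped with check_plain() before it becomes the title.
    $this->argument->validated_title = isset($account->name) ? check_plain($account->name) : check_plain(variable_get('anonymous', t('Anonymous')));
    return TRUE;
  }
}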