1.20.x user.module | user_account_form(&$form, &$form_state) |
Helper function to add default user account fields to user registration and edit form.
See also
user_validate_mail()
user_password_policy_validate()
File
- modules/
user/ user.module, line 757 - Enables the user registration and login system.
Code
function user_account_form(&$form, &$form_state) {
global $user;
$site_config = config('system.core');
$account = $form['#user'];
$register = ($form['#user']->uid > 0 ? FALSE : TRUE);
$admin_users = user_access('administer users');
$admin_roles = user_access('assign roles');
$form['#validate'][] = 'user_account_form_validate';
module_load_include('password.inc', 'user', 'user');
$reject_weak = user_password_reject_weak($user->name);
if ($reject_weak) {
$form['#validate'][] = 'user_password_policy_validate';
}
// Account information.
$form['account'] = array(
'#type' => 'container',
'#weight' => -10,
);
// Only show name field on registration form or user can change own username.
$form['account']['name'] = array(
'#type' => 'textfield',
'#title' => t('Username'),
'#maxlength' => USERNAME_MAX_LENGTH,
'#description' => t('Spaces are allowed; punctuation is not allowed except for periods, hyphens, apostrophes, and underscores.'),
'#required' => TRUE,
'#attributes' => array('class' => array('username')),
'#default_value' => (!$register ? $account->name : ''),
'#access' => ($register || ($user->uid == $account->uid && user_access('change own username')) || $admin_users),
'#weight' => -10,
);
// Autofocus the username field (on the registration form only).
if ($register) {
$form['account']['name']['#attributes']['autofocus'] = 'autofocus';
}
$form['account']['mail'] = array(
'#type' => 'email',
'#title' => t('E-mail address'),
'#description' => t('A valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'),
'#required' => TRUE,
'#default_value' => (!$register ? $account->mail : ''),
);
// Display password field only for existing users or when user is allowed to
// assign a password during registration.
if (!$register) {
$form['account']['pass'] = array(
'#title' => t('New password'),
'#type' => 'password',
'#password_toggle' => TRUE,
'#password_strength' => TRUE,
);
// To skip the current password field, the user must have logged in via a
// one-time link and have the token in the URL. Store this in $form_state
// so it persists even on subsequent Ajax requests.
if (!isset($form_state['user_pass_reset'])) {
$form_state['user_pass_reset'] = isset($_SESSION['pass_reset_' . $account->uid]) && isset($_GET['pass-reset-token']) && ($_GET['pass-reset-token'] == $_SESSION['pass_reset_' . $account->uid]);
}
$protected_values = array();
$current_pass_description = '';
// The user may only change their own password without their current
// password if they logged in via a one-time login link.
if (!$form_state['user_pass_reset']) {
$protected_values['mail'] = $form['account']['mail']['#title'];
$protected_values['pass'] = t('Password');
$request_new = l(t('Reset password'), 'user/password', array('attributes' => array('title' => t('Reset password via one-time login link.'))));
$current_pass_description = t('Required if you want to change the %mail or %pass below. !request_new.', array('%mail' => $protected_values['mail'], '%pass' => $protected_values['pass'], '!request_new' => $request_new));
}
// The user must enter their current password to change to a new one.
if ($user->uid == $account->uid) {
$form['account']['current_pass_required_values'] = array(
'#type' => 'value',
'#value' => $protected_values,
);
$form['account']['current_pass'] = array(
'#type' => 'password',
'#title' => t('Current password'),
'#access' => !empty($protected_values),
'#description' => $current_pass_description,
'#weight' => -5,
'#password_toggle' => TRUE,
// Do not let web browsers remember this password, since we are
// trying to confirm that the person submitting the form actually
// knows the current one.
'#attributes' => array('autocomplete' => 'off'),
);
$form['#validate'][] = 'user_validate_current_pass';
}
}
else {
if (!$site_config->get('user_email_verification') && !$admin_users) {
// Someone registers a new account and may set a password directly.
$form['account']['pass'] = array(
'#type' => 'password',
'#title' => t('Password'),
'#password_toggle' => TRUE,
'#password_strength' => TRUE,
'#required' => TRUE,
);
}
if ($admin_users) {
// An admin creates an account.
$form['account']['notify'] = array(
'#type' => 'checkbox',
'#title' => t('Notify user of new account'),
'#default_value' => 1,
'#description' => t('The user will receive an email with a one-time login link which leads to a page where they can set their password.'),
);
$form['account']['pass'] = array(
'#type' => 'password',
'#title' => t('Password'),
'#password_toggle' => TRUE,
'#password_strength' => TRUE,
'#required' => FALSE,
'#element_validate' => array('user_pass_required_validate'),
'#states' => array(
'visible' => array(
':input[name="notify"]' => array('checked' => FALSE),
),
'required' => array(
':input[name="notify"]' => array('checked' => FALSE),
),
),
);
}
}
$description = !$register && $user->uid == $account->uid ? t('The current password must be entered to set a new password.') : '';
// If weak passwords are being rejected, append the list of password strength
// criteria to the help text of the password field.
if ($reject_weak) {
$description .= !empty($description) ? '<br /><br />' : '';
$description .= _user_password_policy_help();
}
$form['account']['pass']['#description'] = $description;
$form['account_settings'] = array(
'#type' => 'fieldset',
'#title' => t('Account settings'),
'#weight' => 1,
'#access' => $admin_users || $admin_roles,
'#collapsible' => TRUE,
'#group' => 'additional_settings',
);
if ($admin_users) {
$status = isset($account->status) ? $account->status : 1;
}
else {
$status = $register ? $site_config->get('user_register') == USER_REGISTER_VISITORS : $account->status;
}
$form['account_settings']['status'] = array(
'#type' => 'radios',
'#title' => t('Status'),
'#default_value' => $status,
'#options' => array(t('Blocked'), t('Active')),
'#access' => $admin_users,
);
$roles = array_map('check_plain', user_roles(TRUE));
$form['account_settings']['roles'] = array(
'#type' => 'checkboxes',
'#title' => t('Roles'),
'#default_value' => (!$register && isset($account->roles) ? $account->roles : array()),
'#options' => $roles,
'#access' => $roles && $admin_roles,
);
$form['account_settings']['roles'][BACKDROP_AUTHENTICATED_ROLE] = array(
'#disabled' => TRUE,
'#value' => 'authenticated',
);
// Signature.
$form['signature_settings'] = array(
'#type' => 'fieldset',
'#title' => t('Signature settings'),
'#weight' => 2,
'#access' => (!$register && $site_config->get('user_signatures')),
);
$form['signature_settings']['signature'] = array(
'#type' => 'text_format',
'#title' => t('Signature'),
'#default_value' => isset($account->signature) ? $account->signature : '',
'#description' => t('Your signature will be publicly displayed at the end of your comments.'),
'#format' => isset($account->signature_format) ? $account->signature_format : NULL,
);
// Picture/avatar.
$form['picture'] = array(
'#type' => 'fieldset',
'#title' => t('Picture'),
'#weight' => 2,
'#access' => (!$register && $site_config->get('user_pictures')),
);
$form['picture']['picture'] = array(
'#type' => 'value',
'#value' => isset($account->picture) ? $account->picture : NULL,
);
$form['picture']['picture_current'] = array(
'#markup' => theme('user_picture', array('account' => $account)),
);
$form['picture']['picture_delete'] = array(
'#type' => 'checkbox',
'#title' => t('Delete picture'),
'#access' => !empty($account->picture->fid),
'#description' => t('Check this box to delete your current picture.'),
);
$form['picture']['picture_upload'] = array(
'#type' => 'file',
'#title' => t('Upload picture'),
'#size' => 48,
'#description' => t('Your virtual face or picture. Pictures larger than @dimensions pixels will be scaled down.', array('@dimensions' => $site_config->get('user_picture_dimensions'))) . ' ' . filter_xss_admin($site_config->get('user_picture_guidelines')),
);
$form['#validate'][] = 'user_validate_picture';
}