File/program/modules/mypage/mypage_view.php

Description

/program/modules/mypage/mypage_view.php - interface to the view-part of the mypage module

This file defines the interface with the mypage-module for viewing content. The interface consists of this function:

    mypage_view(&$output,$area_id,$node_id,$module)

This function is called from /index.php when the node to display is connected to this module.

Functions
mypage_authorisation (line 612)

check the authorisation for a submitted dialogue

check if the remote caller is not blacklisted and see if $USER->username and $dialogdef['password']['value'] match.

bool mypage_authorisation (object &$dialogdef)
  • object &$dialogdef: defines the dialog and will hold POSTed values
mypage_password_dialog_validate (line 553)

validate entries in user password dialogue

bool mypage_password_dialog_validate (object &$dialogdef)
  • object &$dialogdef: defines the dialog and will hold POSTed values
mypage_password_get_dialogdef (line 502)

construct the edit dialog for the password of the current user

heavily leans on see loginlib.php.

  • return: FALSE on error or array with dialog definition and existing data from database
bool|array mypage_password_get_dialogdef ()
mypage_profile_dialog_validate (line 424)

validate entries in user profile dialogue

exta validation: email address should contain at least one '@' (very crude) Also the user MUST reauthorise to let the changes have effect

  • return: TRUE if valid, else FALSE + messages added to dialogdef
bool mypage_profile_dialog_validate (object &$dialogdef, int $user_id)
  • object &$dialogdef: defines the dialog and will hold POSTed values
  • int $user_id: user to check
mypage_profile_get_dialogdef (line 325)

construct the edit dialog for the profile of the current user

user must reauthenticate to let changes take effect hence the password field

  • return: FALSE on error or array with dialog definition and data from $USER
  • todo: should we remove username and datadir altogether?
  • uses: $USER
  • uses: $LANGUAGE
bool|array mypage_profile_get_dialogdef ()
mypage_profile_save (line 462)

save modified user profile in database and keep a copy in core

save the modified data to database and also in core (in $USER) and even in $_SESSION for a few selected parameters. Note that the username is always updated, even if the field is read/only in the dialogue. The source for that data is $USER so there should ne no harm.

  • return: TRUE on success, FALSE on error
bool mypage_profile_save (object &$theme, object &$dialogdef, int $user_id)
  • object &$theme: collects the (html) output
  • object &$dialogdef: defines the dialog and holds POSTed values to save
  • int $user_id: user to check
mypage_view (line 63)

display the content mypage linked to node $node_id

there are 4 different views: one if the user is not yet logged in:

1. a login dialogue (see mypage_view_login())
and three when the user is logged in:
2. an overview (see mypage_view_home()),
3. a change profile dialogue (see mypage_view_profile()), and
4. a change password dialogue (see mypage_view_password()).

The idea is to present the user with a list of handy links, first links to managing the user's profile, then (if the user has privileges) links to admin.php and finally a list of areas that are accessible for the user (now she is logged in).

  • return: TRUE on success + output via $theme, FALSE otherwise
bool mypage_view (object &$theme, int $area_id, int $node_id, array $module)
  • object &$theme: collects the (html) output
  • int $area_id: identifies the area where $node_id lives
  • int $node_id: the node to which this module is connected
  • array $module: the module record straight from the database
mypage_view_home (line 112)

show links to profile, admin.php and available areas

this personal page contains links to places the user is allowed to go.

  • return: TRUE on success + output via $theme, FALSE otherwise
bool mypage_view_home (object &$theme, int $area_id, int $node_id)
  • object &$theme: collects the (html) output
  • int $area_id: identifies the area where $node_id lives
  • int $node_id: the node to which this module is connected
mypage_view_login (line 90)

show a login dialog

build on loginlib: show login dialog. Actual processing is done in main_index() but eventually we end up at the node node_id.

  • return: TRUE on success + output via $theme, FALSE otherwise
bool mypage_view_login (object &$theme, int $area_id, int $node_id)
  • object &$theme: collects the (html) output
  • int $node_id: the node to which this module is connected
  • int $area_id: identifies the area where $node_id lives
mypage_view_password (line 269)

show/process password dialogue

this dialogue requires both the old and the new password. the username is implied (because the user is logged in) The extra authentication is necessary to prevent a passer by to change a password on an unguarded screen.

The logic applied is re-used from see loginlib.php, including the blacklist mechanism; it is therefore not possible to brute force a new password.

We have only 1 submit button for save: we always return to the overview screen after changing the password.

Note that the new password has to be entered twice. This excercises the muscle memory for better remembering the password.

bool mypage_view_password (object &$theme, int $area_id, int $node_id)
  • object &$theme: collects the (html) output
  • int $area_id: identifies the area where $node_id lives
  • int $node_id: the node to which this module is connected
mypage_view_profile (line 202)

show/process profile dialogue

display a dialogue where the user can change a few properties of her own account. Notably missing: password (see see mypage_view_password()). Note that currently the username and the also the directory are not editable. The information is displayed, however.

Processing is also done via this routine. The dialog ends with three submit buttons: Save, Done and Cancel. Save and Done store the new values in the user record in the database AND in the global $USER object too. Save then shows the dialogue again, while Done returns to the overview. Cancel always returns to the overview without changing anything.

  • return: TRUE on success, FALSE otherwise
bool mypage_view_profile (object &$theme, int $area_id, int $node_id)
  • object &$theme: collects the (html) output
  • int $area_id: identifies the area where $node_id lives
  • int $node_id: the node to which this module is connected

Documentation generated on Tue, 28 Jun 2016 19:10:35 +0200 by phpDocumentor 1.4.0