/program/modules/mypage/mypage_view.php - interface to the view-part of the mypage module
This file defines the interface with the mypage-module for viewing content. The interface consists of this function:
This function is called from /index.php when the node to display is connected to this module.
check the authorisation for a submitted dialogue
check if the remote caller is not blacklisted and see if $USER->username and $dialogdef['password']['value'] match.
validate entries in user password dialogue
construct the edit dialog for the password of the current user
heavily leans on see loginlib.php.
validate entries in user profile dialogue
exta validation: email address should contain at least one '@' (very crude) Also the user MUST reauthorise to let the changes have effect
construct the edit dialog for the profile of the current user
user must reauthenticate to let changes take effect hence the password field
save modified user profile in database and keep a copy in core
save the modified data to database and also in core (in $USER) and even in $_SESSION for a few selected parameters. Note that the username is always updated, even if the field is read/only in the dialogue. The source for that data is $USER so there should ne no harm.
display the content mypage linked to node $node_id
there are 4 different views: one if the user is not yet logged in:
1. a login dialogue (see mypage_view_login())and three when the user is logged in:
2. an overview (see mypage_view_home()), 3. a change profile dialogue (see mypage_view_profile()), and 4. a change password dialogue (see mypage_view_password()).
The idea is to present the user with a list of handy links, first links to managing the user's profile, then (if the user has privileges) links to admin.php and finally a list of areas that are accessible for the user (now she is logged in).
show links to profile, admin.php and available areas
this personal page contains links to places the user is allowed to go.
show a login dialog
build on loginlib: show login dialog. Actual processing is done in main_index() but eventually we end up at the node node_id.
show/process password dialogue
this dialogue requires both the old and the new password. the username is implied (because the user is logged in) The extra authentication is necessary to prevent a passer by to change a password on an unguarded screen.
The logic applied is re-used from see loginlib.php, including the blacklist mechanism; it is therefore not possible to brute force a new password.
We have only 1 submit button for save: we always return to the overview screen after changing the password.
Note that the new password has to be entered twice. This excercises the muscle memory for better remembering the password.
show/process profile dialogue
display a dialogue where the user can change a few properties of her own account. Notably missing: password (see see mypage_view_password()). Note that currently the username and the also the directory are not editable. The information is displayed, however.
Processing is also done via this routine. The dialog ends with three submit buttons: Save, Done and Cancel. Save and Done store the new values in the user record in the database AND in the global $USER object too. Save then shows the dialogue again, while Done returns to the overview. Cancel always returns to the overview without changing anything.
Documentation generated on Tue, 28 Jun 2016 19:10:35 +0200 by phpDocumentor 1.4.0