Home » API reference » user.module

user_edit

Versions
4.6 – 5
user_edit($category = 'account')
6
user_edit($account, $category = 'account')

Code

modules/user.module, line 1151

<?php
function user_edit($category = 'account') {
  global $user;

  $account = user_load(array('uid' => arg(1)));
  $edit = $_POST['op'] ? $_POST['edit'] : object2array($account);

  if ($_POST['op'] == t('Submit')) {
    user_module_invoke('validate', $edit, $account, $category);

    if (!form_get_errors()) {
      // Validate input to ensure that non-privileged users can't alter protected data.
      if (!user_access('administer users') && array_intersect(array_keys($edit), array('uid', 'roles', 'init', 'session'))) {
        watchdog('security', t('Detected malicious attempt to alter protected user fields.'), WATCHDOG_WARNING);
      }
      else {
        user_save($account, $edit, $category);
        // Delete that user's menu cache.
        cache_clear_all('menu:'. $account->uid, TRUE);
        drupal_set_message(t('The changes have been saved.'));
        drupal_goto("user/$account->uid");
      }
    }
  }
  else if (arg(2) == 'delete' || $_POST['op'] == t('Delete')) {
    $breadcrumb[] = array('path' => 'admin/users', 'title' => 'administer users');
    $breadcrumb[] = array('path' => 'user/'. arg(1) .'/delete', 'title' => t('delete'));
    menu_set_location($breadcrumb);
    if ($edit['confirm']) {
      db_query('DELETE FROM {users} WHERE uid = %d', $account->uid);
      db_query('DELETE FROM {sessions} WHERE uid = %d', $account->uid);
      db_query('DELETE FROM {users_roles} WHERE uid = %d', $account->uid);
      db_query('DELETE FROM {authmap} WHERE uid = %d', $account->uid);
      drupal_set_message(t('The account has been deleted.'));
      module_invoke_all('user', 'delete', $edit, $account);
      drupal_goto('admin/user');
    }
    else {
      $output = theme('confirm',
                      t('Are you sure you want to delete the account %name?', array('%name' => theme('placeholder', $account->name))),
                      'user/'. $account->uid,
                      t('Deleting a user will remove all their submissions as well. This action cannot be undone.'),
                      t('Delete'));
      print theme('page', $output);
      return;
    }
  }

  $output  = _user_forms($edit, $account, $category);
  $output .= form_submit(t('Submit'));
  if (user_access('administer users')) {
    $output .= form_submit(t('Delete'));
  }
  $output = form($output, 'post', 0, array('enctype' => 'multipart/form-data'));

  drupal_set_title(check_plain($account->name));
  print theme('page', $output);
}
?>
Login or register to post comments
 
 

All source code and documentation on this site is released under the terms of the GNU General Public License, version 2 and later. Drupal is a registered trademark of Dries Buytaert.