You are here

function user_save in Drupal 5

Same name and namespace in other branches
  1. 4 modules/user.module \user_save()
  2. 6 modules/user/user.module \user_save()
  3. 7 modules/user/user.module \user_save()

Save changes to a user account or add a new user.

Parameters

$account: The $user object for the user to modify or add. If $user->uid is omitted, a new user will be added.

$array: An array of fields and values to save. For example array('name' => 'My name'); Setting a field to NULL deletes it from the data column.

$category: (optional) The category for storing profile information in.

8 calls to user_save()
comment_controls_submit in modules/comment/comment.module
system_admin_compact_page in modules/system/system.module
user_authenticate in modules/user/user.module
user_edit_submit in modules/user/user.module
user_multiple_role_edit in modules/user/user.module
Callback function for admin mass adding/deleting a user role.

... See full list

File

modules/user/user.module, line 106
Enables the user registration and login system.

Code

function user_save($account, $array = array(), $category = 'account') {

  // Dynamically compose a SQL query:
  $user_fields = user_fields();
  if ($account->uid) {
    user_module_invoke('update', $array, $account, $category);
    $data = unserialize(db_result(db_query('SELECT data FROM {users} WHERE uid = %d', $account->uid)));

    // Consider users edited by an administrator as logged in, if they haven't
    // already, so anonymous users can view the profile (if allowed).
    if (empty($array['access']) && empty($account->access) && user_access('administer users')) {
      $array['access'] = time();
    }
    foreach ($array as $key => $value) {
      if ($key == 'pass' && !empty($value)) {
        $query .= "{$key} = '%s', ";
        $v[] = md5($value);
      }
      else {
        if (substr($key, 0, 4) !== 'auth' && $key != 'pass') {
          if (in_array($key, $user_fields)) {

            // Save standard fields
            $query .= "{$key} = '%s', ";
            $v[] = $value;
          }
          else {
            if ($key != 'roles') {

              // Roles is a special case: it used below.
              if ($value === NULL) {
                unset($data[$key]);
              }
              else {
                $data[$key] = $value;
              }
            }
          }
        }
      }
    }
    $query .= "data = '%s' ";
    $v[] = serialize($data);
    db_query("UPDATE {users} SET {$query} WHERE uid = %d", array_merge($v, array(
      $account->uid,
    )));

    // Reload user roles if provided
    if (is_array($array['roles'])) {
      db_query('DELETE FROM {users_roles} WHERE uid = %d', $account->uid);
      foreach (array_keys($array['roles']) as $rid) {
        if (!in_array($rid, array(
          DRUPAL_ANONYMOUS_RID,
          DRUPAL_AUTHENTICATED_RID,
        ))) {
          db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $account->uid, $rid);
        }
      }
    }

    // Delete a blocked user's sessions to kick them if they are online.
    if (isset($array['status']) && $array['status'] == 0) {
      sess_destroy_uid($account->uid);
    }

    // If the password changed, delete all open sessions and recreate
    // the current one.
    if (!empty($array['pass'])) {
      sess_destroy_uid($account->uid);
      sess_regenerate();
    }

    // Refresh user object
    $user = user_load(array(
      'uid' => $account->uid,
    ));
    user_module_invoke('after_update', $array, $user, $category);
  }
  else {
    $array['uid'] = db_next_id('{users}_uid');
    if (!isset($array['created'])) {

      // Allow 'created' to be set by hook_auth
      $array['created'] = time();
    }

    // Consider users created by an administrator as already logged in, so
    // anonymous users can view the profile (if allowed).
    if (empty($array['access']) && user_access('administer users')) {
      $array['access'] = time();
    }

    // Note, we wait with saving the data column to prevent module-handled
    // fields from being saved there. We cannot invoke hook_user('insert') here
    // because we don't have a fully initialized user object yet.
    foreach ($array as $key => $value) {
      switch ($key) {
        case 'pass':
          $fields[] = $key;
          $values[] = md5($value);
          $s[] = "'%s'";
          break;
        case 'uid':
        case 'mode':
        case 'sort':
        case 'threshold':
        case 'created':
        case 'access':
        case 'login':
        case 'status':
          $fields[] = $key;
          $values[] = $value;
          $s[] = "%d";
          break;
        default:
          if (substr($key, 0, 4) !== 'auth' && in_array($key, $user_fields)) {
            $fields[] = $key;
            $values[] = $value;
            $s[] = "'%s'";
          }
          break;
      }
    }
    db_query('INSERT INTO {users} (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $s) . ')', $values);

    // Build the initial user object.
    $user = user_load(array(
      'uid' => $array['uid'],
    ));
    user_module_invoke('insert', $array, $user, $category);

    // Build and save the serialized data field now
    $data = array();
    foreach ($array as $key => $value) {
      if (substr($key, 0, 4) !== 'auth' && $key != 'roles' && !in_array($key, $user_fields) && $value !== NULL) {
        $data[$key] = $value;
      }
    }
    db_query("UPDATE {users} SET data = '%s' WHERE uid = %d", serialize($data), $user->uid);

    // Save user roles (delete just to be safe).
    if (is_array($array['roles'])) {
      db_query('DELETE FROM {users_roles} WHERE uid = %d', $array['uid']);
      foreach (array_keys($array['roles']) as $rid) {
        if (!in_array($rid, array(
          DRUPAL_ANONYMOUS_RID,
          DRUPAL_AUTHENTICATED_RID,
        ))) {
          db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $array['uid'], $rid);
        }
      }
    }

    // Build the finished user object.
    $user = user_load(array(
      'uid' => $array['uid'],
    ));
  }

  // Save distributed authentication mappings
  $authmaps = array();
  foreach ($array as $key => $value) {
    if (substr($key, 0, 4) == 'auth') {
      $authmaps[$key] = $value;
    }
  }
  if (sizeof($authmaps) > 0) {
    user_set_authmaps($user, $authmaps);
  }
  return $user;
}