You are here

Home » API reference » Drupal 6 » user.pages.inc

function user_edit_validate in Drupal 6

Same name and namespace in other branches
  1. 4 modules/user.module \user_edit_validate()
  2. 5 modules/user/user.module \user_edit_validate()

File

modules/user/user.pages.inc, line 342
User page callback file for the user module.

Code

function user_edit_validate($form, &$form_state) {
  user_module_invoke('validate', $form_state['values'], $form_state['values']['_account'], $form_state['values']['_category']);

  // Validate input to ensure that non-privileged users can't alter protected data.
  if (!user_access('administer users') && array_intersect(array_keys($form_state['values']), array(
    'uid',
    'init',
    'session',
  )) || !user_access('administer permissions') && isset($form_state['values']['roles'])) {
    watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);

    // set this to a value type field
    form_set_error('category', t('Detected malicious attempt to alter protected user fields.'));
  }
}