You are here

legal.module in Legal 5

File

legal.module
View source
<?php

function legal_help($section = 'admin/help#legal') {
  $output = '';
  switch ($section) {
    case 'admin/help#legal':
      $output .= t('Display a Terms & Conditions statement on the registration page, require visitor to accept T&C to register.');
      $output .= t('When a user creates an account they are required to accept your Terms & Conditions to complete their registration.');
      break;
    case 'admin/settings/legal':
      $output .= t('Display a Terms & Conditions statement on the registration page, require visitor to accept the T&C to register. ');
      $output .= t("A !page displaying your T&C will be automatically created, access to this page can be set via the !access administration page.", array(
        '!page' => l('page', 'legal'),
        '!access' => l('access control', 'admin/user/access'),
      ));
  }
  return $output;
}
function legal_perm() {
  return array(
    'administer Terms and Conditions',
    'view Terms and Conditions',
  );
}
function legal_access($op, $node) {
  if ($op == 'view' && (user_access('view Terms and Conditions') || user_access('administer Terms and Conditions'))) {
    return TRUE;
  }
}
function legal_menu($may_cache) {
  $items = array();
  if ($may_cache) {
    $items[] = array(
      'path' => 'admin/settings/legal',
      'title' => t('Legal'),
      'callback' => 'drupal_get_form',
      'callback arguments' => array(
        'legal_administration',
      ),
      'access' => user_access('administer Terms and Conditions'),
      'description' => t('Display Terms and Conditions statement on the registration page.'),
    );
    $items[] = array(
      'path' => 'legal',
      'title' => t('Terms and Conditions'),
      'callback' => 'legal_page',
      'access' => user_access('view Terms and Conditions'),
      'type' => MENU_CALLBACK,
    );
  }
  else {
    $items[] = array(
      'path' => 'legal_accept',
      'title' => t('Terms and Conditions'),
      'callback' => 'drupal_get_form',
      'callback arguments' => array(
        'legal_login',
      ),
      'access' => TRUE,
      'type' => MENU_CALLBACK,
    );
  }
  return $items;
}
function legal_display_fields($conditions) {
  $form = array();
  $accept_label = t('<strong>Accept</strong> Terms & Conditions of Use');
  $form['current_id'] = array(
    '#type' => 'value',
    '#value' => $conditions['tc_id'],
  );
  $form['current_date'] = array(
    '#type' => 'value',
    '#value' => $conditions['date'],
  );
  $form['display'] = array(
    '#type' => 'value',
    '#value' => variable_get('legal_display', '0'),
  );
  $form['legal'] = array(
    '#type' => 'fieldset',
    '#title' => t('Terms and Conditions of Use'),
    '#weight' => 29,
  );
  switch (variable_get('legal_display', '0')) {
    case 1:

    // scroll box (CSS)
    case 2:

      // HTML
      $form['legal']['conditions'] = array(
        '#value' => filter_xss_admin($conditions['conditions']),
      );
      break;
    case 3:

      // Page Link
      $form['legal']['conditions'] = array(
        '#value' => ' ',
      );
      $accept_label = t('<strong>Accept</strong> !terms of Use', array(
        '!terms' => l('Terms & Conditions', 'legal'),
      ));
      break;
    default:

      // scroll box (HTML)
      $form['legal']['conditions'] = array(
        '#type' => 'textarea',
        '#title' => t('Terms & Conditions'),
        '#default_value' => $conditions['conditions'],
        '#value' => $conditions['conditions'],
        '#rows' => 10,
        '#weight' => 0,
        '#attributes' => array(
          'readonly' => '',
        ),
      );
  }
  if (!empty($conditions['extras'])) {
    while (list($key, $label) = each($conditions['extras'])) {
      if (!empty($label)) {
        $form['legal'][$key] = array(
          '#type' => 'checkbox',
          '#title' => filter_xss_admin($label),
          '#default_value' => 0,
          '#weight' => 2,
          '#required' => TRUE,
        );
      }
    }
  }
  $form['legal']['legal_accept'] = array(
    '#type' => 'checkbox',
    '#title' => $accept_label,
    '#default_value' => 0,
    '#weight' => 50,
    '#required' => TRUE,
  );
  return $form;
}
function legal_page() {
  $conditions = legal_get_conditions();
  $output = '';
  switch (variable_get('legal_display', '0')) {
    case 0:

      // Scroll Box
      $output = nl2br(strip_tags($conditions['conditions']));
      break;
    case 1:

    // CSS Scroll Box with HTML
    case 2:

    // HTML
    case 3:

      // Page Link
      $output = filter_xss_admin($conditions['conditions']);
      break;
  }
  return $output;
}
function legal_administration() {
  $conditions = legal_get_conditions();
  $form = legal_display_fields($conditions);
  $form['conditions'] = array(
    '#type' => 'textarea',
    '#title' => t('Terms & Conditions'),
    '#default_value' => $conditions['conditions'],
    '#description' => t('Your Terms & Conditions'),
    '#required' => TRUE,
  );

  // overide accept checbox requirement on preview
  $form['legal']['legal_accept']['#required'] = FALSE;

  // overide display setting
  $form['display'] = array(
    '#type' => 'radios',
    '#title' => t('Display Style'),
    '#default_value' => variable_get('legal_display', '0'),
    '#options' => array(
      t('Scroll Box'),
      t('Scroll Box (CSS)'),
      t('HTML Text'),
      t('Page Link'),
    ),
    '#description' => t('How terms & conditions should be displayed to users.'),
    '#required' => TRUE,
  );

  // additional checkboxes
  $form['extras'] = array(
    '#type' => 'fieldset',
    '#title' => t('Additional Checkboxes'),
    '#description' => t('Each field will be shown as a checkbox which the user must tick to register.'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
    '#tree' => TRUE,
  );
  $extras_count = count($conditions['extras']);
  if ($extras_count < 5) {
    $extras_count = 5;
  }
  for ($counter = 1; $counter <= $extras_count; $counter++) {
    $form['extras']['extras-' . $counter] = array(
      '#type' => 'textfield',
      '#title' => t('Label'),
      '#default_value' => $conditions['extras']['extras-' . $counter],
    );

    // overide extra checkboxes
    $form['legal']['extras-' . $counter] = array(
      '#type' => 'checkbox',
      '#title' => filter_xss_admin($conditions['extras']['extras-' . $counter]),
      '#default_value' => 0,
      '#weight' => 2,
      '#required' => FALSE,
    );
  }

  // notes about changes to T&C
  $form['changes'] = array(
    '#type' => 'fieldset',
    '#title' => t('Explain Changes'),
    '#description' => t('Explain what changes were made to the T&C since the last version. This will only be shown to users who accepted a previous version. Each line will automatically be shown as a bullet point.'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  );
  $form['changes']['changes'] = array(
    '#type' => 'textarea',
    '#title' => t('Changes'),
  );
  $form['#after_build'] = array(
    'legal_preview',
  );
  $form['preview'] = array(
    '#type' => 'button',
    '#value' => t('Preview'),
  );
  $form['save'] = array(
    '#type' => 'submit',
    '#value' => t('Save'),
  );
  return $form;
}
function legal_preview($form, $form_values) {
  switch ($form['display']['#value']) {
    case 1:

    // scroll box (CSS)
    case 2:

      // HTML
      $form['legal']['conditions'] = array(
        '#value' => filter_xss_admin($form['conditions']['#value']),
      );
      $form['legal']['legal_accept']['#title'] = t('<strong>Accept</strong> Terms & Conditions of Use');
      break;
    case 3:

      // Page Link
      $form['legal']['conditions'] = array(
        '#value' => ' ',
      );
      $form['legal']['legal_accept']['#title'] = t('<strong>Accept</strong> !terms of Use', array(
        '!terms' => l('Terms & Conditions', 'legal'),
      ));
      break;
    default:

      // scroll box (HTML)
      $form['legal']['conditions'] = array(
        '#type' => 'textarea',
        '#title' => t('Terms & Conditions'),
        '#value' => $form['conditions']['#value'],
        '#parents' => array(
          'legal',
        ),
        '#rows' => 10,
        '#attributes' => array(
          'readonly' => '',
        ),
      );
      $form['legal']['legal_accept']['#title'] = t('<strong>Accept</strong> Terms & Conditions of Use');
  }

  // overide additional checkboxes in preview
  if (!empty($form_values['extras'])) {
    while (list($key, $label) = each($form_values['extras'])) {
      if (empty($label)) {
        unset($form['legal'][$key]);
      }
      else {
        $form['legal'][$key]['#title'] = filter_xss_admin($label);
      }
    }
  }
  return $form;
}
function legal_administration_validate($form_id, $form_values) {
  if (empty($form_values['conditions'])) {
    form_set_error('conditions', t('Terms & Conditions must be entered.'));
  }
  return;
}
function legal_administration_submit($form_id, $form_values) {
  if ($form_values['op'] == t('Preview')) {
    return;
  }
  if (variable_get('legal_display', '0') != $form_values['display']) {
    variable_set('legal_display', $form_values['display']);
    drupal_set_message(t('Display setting has been saved.'));
  }

  // If new conditions are different from current permisions - enter in database
  if (legal_conditions_updated($form_values)) {
    db_query("INSERT INTO {legal_conditions} (tc_id, conditions, date, extras, changes) VALUES (NULL, '%s', %d, '%s', '%s')", $form_values['conditions'], time(), serialize($form_values['extras']), $form_values['changes']);
    drupal_set_message(t('Terms & Conditions have been saved.'));
  }
  cache_clear_all();
  return;
}
function theme_legal_administration($form) {
  if (empty($form['current_id']['#value'])) {
    $output = '<p><strong>' . t('Terms & Conditions will not be shown to users, as no T&C have been saved.') . '</strong></p>';
  }
  else {
    $output = '<h4>' . t('Current Version') . '</h4><p><strong>' . t('Version ID:') . '</strong> ' . $form['current_id']['#value'] . '<br /><strong>' . t('Last saved:') . '</strong> ' . date("l jS \\of F Y h:i:s A", $form['current_date']['#value']) . '</p>';
  }

  // preview
  if (empty($form['legal']['conditions']['#value'])) {
    drupal_render($form['legal']);
  }
  else {
    $output .= '<div id="preview">';
    $output .= '<h3>' . t('Preview') . '</h3>';
    $form = theme('legal_display', $form);
    $output .= drupal_render($form['legal']);
    $output .= '</div>';
  }
  $output .= drupal_render($form);
  return $output;
}
function theme_legal_display($form) {
  if (empty($form['legal']['conditions']['#value'])) {
    return;
  }

  // scroll box (CSS)
  if ($form['display']['#value'] == 1) {
    $path = base_path() . drupal_get_path('module', 'legal');
    drupal_add_css(drupal_get_path('module', 'legal') . '/legal.css');
    $form['legal']['conditions']['#prefix'] = '<div class="legal-terms">';
    $form['legal']['conditions']['#suffix'] = '</div>';
  }
  return $form;
}
function theme_legal_page($form) {
  if (empty($form['current_id']['#value'])) {
    return;
  }
  $form = theme('legal_display', $form);
  $output .= drupal_render($form);
  return $output;
}
function legal_user($op, &$edit, &$account, $category = FALSE) {
  global $user;
  switch ($op) {
    case 'login':
      $conditions = legal_get_conditions();
      if (empty($conditions['conditions'])) {
        return;
      }
      $accepted = legal_version_check($user->uid, $conditions['tc_id']);
      if ($accepted == TRUE || $user->uid == 1) {
        break;
      }
      $uid = $user->uid;

      // Destroy the current session:
      session_destroy();
      module_invoke_all('user', 'logout', NULL, $user);

      // We have to use $GLOBALS to unset a global variable:
      $user = user_load(array(
        'uid' => 0,
      ));
      unset($_REQUEST['destination']);
      $signatory = db_fetch_object(db_query('SELECT * FROM {users} WHERE uid = %d LIMIT 1', $uid));
      drupal_goto('legal_accept/' . $signatory->uid . '/' . md5($signatory->name . $signatory->password . $signatory->login));
      break;
    case 'register':
      $conditions = legal_get_conditions();
      if (empty($conditions['conditions'])) {
        return;
      }
      $form_fields = legal_display_fields($conditions);

      // disable checkbox if:
      // user is already registered (administrator)
      if (!empty($user->uid)) {
        $form_fields['legal']['legal_accept']['#attributes'] = array(
          'disabled' => 'disabled',
        );
        $form_fields['legal']['legal_accept']['#required'] = FALSE;
        reset($conditions['extras']);
        while (list($key, $label) = each($conditions['extras'])) {
          if (!empty($label)) {
            $form_fields['legal'][$key]['#attributes'] = array(
              'disabled' => 'disabled',
            );
            $form_fields['legal'][$key]['#required'] = FALSE;
          }
        }
      }
      else {
        $form_fields['legal']['legal_accept']['#default_value'] = $edit['legal_accept'];
      }
      $form = theme('legal_display', $form_fields);
      return $form;
    case 'form':
      $conditions = legal_get_conditions();
      if (empty($conditions['conditions'])) {
        return;
      }
      if ($category == 'account') {
        $form_fields = legal_display_fields($conditions);

        // check latest version of T&C has been accepted
        $accepted = legal_version_check($account->uid, $conditions['tc_id']);
        if ($accepted == TRUE) {
          $form_fields['legal']['legal_accept']['#value'] = 1;
          if (!empty($conditions['extras'])) {
            while (list($key, $label) = each($conditions['extras'])) {
              if (!empty($label)) {
                $form_fields['legal'][$key]['#value'] = 1;
              }
            }
          }
        }

        // disable checkbox if:
        // user is not account owner
        // latest T&C has already been accepted
        if ($account->uid != $user->uid || $accepted == TRUE) {
          $form_fields['legal']['legal_accept']['#attributes'] = array(
            'disabled' => 'disabled',
          );
          if (!empty($conditions['extras'])) {
            reset($conditions['extras']);
            while (list($key, $label) = each($conditions['extras'])) {
              if (!empty($label)) {
                $form_fields['legal'][$key]['#attributes'] = array(
                  'disabled' => 'disabled',
                );
              }
            }
          }
        }

        // not required if user is not account owner
        if ($account->uid != $user->uid) {
          $form_fields['legal']['legal_accept']['#required'] = FALSE;
          if (!empty($conditions['extras'])) {
            reset($conditions['extras']);
            while (list($key, $label) = each($conditions['extras'])) {
              if (!empty($label)) {
                $form_fields['legal'][$key]['#required'] = FALSE;
              }
            }
          }
        }

        // enable account owner to accept
        if ($account->uid == $user->uid && $accepted != TRUE) {
          $form_fields['legal']['legal_accept']['#default_value'] = $edit['legal_accept'];
          $form_fields['legal']['legal_accept']['#required'] = TRUE;
          if (!empty($conditions['extras'])) {
            reset($conditions['extras']);
            while (list($key, $label) = each($conditions['extras'])) {
              if (!empty($label)) {
                $form_fields['legal'][$key]['#default_value'] = $edit[$key];
                $form_fields['legal'][$key]['#required'] = TRUE;
              }
            }
          }
        }
        $form = theme('legal_display', $form_fields);
        return $form;
      }
      break;
    case 'update':
      $conditions = legal_get_conditions();
      if (empty($conditions['conditions'])) {
        return;
      }
      $edit['legal_accept'] = NULL;
      $edit['conditions'] = NULL;
      if (is_array($conditions['extras'])) {
        foreach ($conditions['extras'] as $key => $label) {
          $edit[$key] = NULL;
        }
      }
      if ($account->uid != $user->uid) {
        break;
      }

      // if already accepted skip data entry
      $accepted = legal_version_check($account->uid, $conditions['tc_id']);
      if ($accepted == TRUE) {
        break;
      }
      legal_save_accept($account->uid, $conditions['tc_id']);
      break;
    case 'insert':
      $conditions = legal_get_conditions();
      if (empty($conditions['conditions'])) {
        return;
      }
      $edit['legal_accept'] = NULL;
      $edit['conditions'] = NULL;
      foreach ($conditions['extras'] as $key => $label) {
        $edit[$key] = NULL;
      }

      // don't insert if user is already registered (administrator)
      if (!empty($user->uid)) {
        break;
      }
      legal_save_accept($account->uid, $conditions['tc_id']);
      break;
  }
  return;
}

// force registered users to accept new T&C
function legal_login($uid, $id_hash = NULL) {
  $conditions = legal_get_conditions();
  $form = legal_display_fields($conditions);
  $form['uid'] = array(
    '#type' => 'value',
    '#value' => $uid,
  );
  $form['id_hash'] = array(
    '#type' => 'value',
    '#value' => $id_hash,
  );
  $form['tc_id'] = array(
    '#type' => 'value',
    '#value' => $conditions['tc_id'],
  );
  $form = legal_display_changes($form, $uid);
  $form['save'] = array(
    '#type' => 'submit',
    '#value' => t('Confirm'),
  );
  return $form;
}
function legal_login_validate($form_id, $form_values) {
  $account = db_fetch_object(db_query('SELECT * FROM {users} WHERE uid = %d LIMIT 1', $form_values['uid']));
  $id_hash = md5($account->name . $account->password . $account->login);
  if ($id_hash != $form_values['id_hash']) {
    form_set_error('legal_accept', t('User ID cannot be identified.'));
    drupal_goto();
  }
  return;
}
function legal_login_submit($form_id, $form_values) {
  global $user;
  $user = user_load(array(
    'uid' => $form_values['uid'],
  ));
  legal_save_accept($user->uid, $form_values['tc_id']);
  watchdog('user', t('Session opened for %name.', array(
    '%name' => $user->name,
  )));

  // Update the user table timestamp noting user has logged in.
  db_query("UPDATE {users} SET login = '%d' WHERE uid = '%s'", time(), $user->uid);

  // user has new permissions, so we clear their menu cache
  cache_clear_all($user->uid, 'cache_menu', TRUE);
  user_module_invoke('login', $edit, $user);
  return 'user/' . $user->uid;
}
function theme_legal_login($form) {
  $form = theme('legal_display', $form);
  $output .= '<p>' . t('To continue to use this site please read the Terms & Conditions below, and complete the form to confirm your acceptance.') . '</p>';
  if ($form['changes']) {
    foreach (element_children($form['changes']) as $key) {
      $form['changes'][$key]['#prefix'] .= '<li>';
      $form['changes'][$key]['#suffix'] .= '</li>';
    }
    $form['changes']['start_list'] = array(
      '#value' => '<ul>',
      '#weight' => 0,
    );
    $form['changes']['end_list'] = array(
      '#value' => '</ul>',
      '#weight' => 3,
    );
    $output .= drupal_render($form['changes']);
  }
  $save = drupal_render($form['save']);
  $output .= drupal_render($form);
  $output .= $save;
  return $output;
}
function legal_get_accept($uid) {
  $accept = db_fetch_object(db_query("SELECT * FROM {legal_accepted} WHERE uid = '%d' ORDER BY legal_id DESC LIMIT 1", $uid));
  return $accept;
}
function legal_save_accept($uid, $tc_id) {
  db_query("INSERT INTO {legal_accepted} (legal_id, uid, tc_id, accepted) VALUES (NULL, '%d', '%d', '%d')", $uid, $tc_id, time());
  return;
}
function legal_get_conditions() {
  $conditions = db_fetch_array(db_query("SELECT * FROM {legal_conditions} ORDER BY tc_id DESC LIMIT 1"));
  $conditions['extras'] = empty($conditions['extras']) ? array() : unserialize($conditions['extras']);
  return $conditions;
}
function legal_conditions_updated($new) {
  $old = legal_get_conditions();
  if ($old['conditions'] != $new['conditions']) {
    return TRUE;
  }
  $count = count($new['extras']);
  for ($counter = 1; $counter <= $count; $counter++) {
    if ($old['extras']['extras-' . $counter] != $new['extras']['extras-' . $counter]) {
      return TRUE;
    }
  }
  return FALSE;
}

// get all changes since user last accepted
function legal_display_changes($form, $uid) {
  $last_accepted = legal_get_accept($uid);
  if (empty($last_accepted)) {
    return $form;
  }
  $results = db_query("SELECT * FROM {legal_conditions} WHERE tc_id > %d ORDER BY tc_id DESC", $last_accepted->tc_id);
  if (empty($results)) {
    return $form;
  }
  $form['changes'] = array(
    '#type' => 'fieldset',
    '#title' => t('Changes List'),
    '#description' => t('Changes to the Terms & Conditions since last accepted:'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
    '#tree' => TRUE,
  );
  while ($conditions = db_fetch_object($results)) {
    unset($changes);
    if (!empty($conditions->changes)) {
      $changes = explode("\r\n", $conditions->changes);
      foreach ($changes as $change) {
        $form['changes'][] = array(
          '#value' => filter_xss_admin($change),
          '#weight' => 2,
        );
        $is_list = TRUE;
      }
    }
  }
  if (!$is_list) {
    $form['changes'] = NULL;
  }
  return $form;
}

// check if user has accepted latest version of T&C
function legal_version_check($uid, $current_tc_id) {
  $legal_account = legal_get_accept($uid);
  if ($legal_account->tc_id == $current_tc_id) {
    return TRUE;
  }

  // get change log messages
  return $log_messages;
}