You are here

Home » API reference » Masquerade 6 » masquerade.module

function masquerade_block_1_validate in Masquerade 6

Same name and namespace in other branches
  1. 5 masquerade.module \masquerade_block_1_validate()
  2. 7 masquerade.module \masquerade_block_1_validate()

Masquerade block form validation.

File

./masquerade.module, line 519
masquerade.module

Code

function masquerade_block_1_validate($form, &$form_state) {
  global $user;
  unset($form);
  $name = $form_state['values']['masquerade_user_field'];
  $allowed = FALSE;
  $to_uid = db_result(db_query("SELECT uid FROM {users} WHERE name = '%s'", $name));
  if ($to_uid !== FALSE) {
    $allowed = user_access('masquerade as any user') || db_result(db_query("SELECT uid_to FROM {masquerade_users} WHERE uid_from = %d and uid_to = %d", $user->uid, $to_uid));
  }
  if ($name == variable_get('anonymous', t('Anonymous'))) {
    $name = '';
  }
  if (isset($_SESSION['masquerading'])) {
    form_set_error('masquerade_user_field', t('You are already masquerading. Please <a href="@unswitch">switch back</a> to your account to masquerade as another user.', array(
      '@unswitch' => url('masquerade/unswitch', array(
        'query' => array(
          'token' => drupal_get_token('masquerade/unswitch'),
        ),
      )),
    )));
  }
  if ($allowed === FALSE) {
    form_set_error('masquerade_user_field', t('You are not allowed to masquerade as the selected user.'));
  }
  if (!empty($name) && module_exists('alt_login')) {
    $alt_login = db_fetch_object(db_query("SELECT u.name FROM {users} u INNER JOIN {alt_login} al ON u.uid = al.uid WHERE al.alt_login = '%s'", $name));
    if ($alt_login->name) {
      $name = $alt_login->name;
    }
  }
  $masq_user = user_load(array(
    'name' => $name,
  ));
  if (!$masq_user) {
    form_set_error('masquerade_user_field', t('User %masq_as does not exist. Please enter a valid username.', array(
      '%masq_as' => $form_state['values']['masquerade_user_field'],
    )));
  }
  else {
    if ($masq_user->uid == $user->uid) {
      form_set_error('masquerade_user_field', t('You cannot masquerade as yourself. Please choose a different user to masquerade as.'));
    }
    else {
      if (variable_get('site_offline', 0) && !user_access('administer site configuration', $masq_user)) {
        form_set_error('masquerade_user_field', t('It is not possible to masquerade in off-line mode as !user does not have the %config-perm permission. Please <a href="@site-maintenance">set the site status</a> to "online" to masquerade as !user.', array(
          '!user' => theme('username', $masq_user),
          '%config-perm' => 'administer site configuration',
          '@site-maintenance' => url('admin/settings/site-maintenance'),
        )));
      }
      else {
        $form_state['values']['masquerade_user_field'] = $name;
      }
    }
  }
}