function paranoia_form_alter in Paranoia 6
Same name and namespace in other branches
- 8 paranoia.module \paranoia_form_alter()
- 5 paranoia.module \paranoia_form_alter()
- 7 paranoia.module \paranoia_form_alter()
Implementation of hook_form_alter().
File
- ./
paranoia.module, line 14 - Disables PHP block visibility permission and gives status error if a role has this permission. Disables the PHP module. Hides the PHP and paranoia modules from the modules page. Prevents user/1 editing which could give access to abitrary contrib…
Code
function paranoia_form_alter(&$form, $form_state, $form_id) {
switch ($form_id) {
case 'user_admin_perm':
// Disable PHP input
$hide_permissions = module_invoke_all('paranoia_revoke');
foreach ($hide_permissions as $hidden) {
unset($form['permission'][$hidden]);
foreach (element_children($form['checkboxes']) as $rid) {
unset($form['checkboxes'][$rid]['#options'][$hidden]);
}
}
break;
case 'system_modules':
// Hide Paranoia and PHP modules from module admin form
$hidden_modules = module_invoke_all('paranoia_hide');
foreach ($hidden_modules as $module) {
_paranoia_hide_module($form, $module);
}
break;
case 'user_profile_form':
// Prevent modifying user/1
if ($form['#uid'] === '1') {
global $user;
// Allow user/1 to edit own details.
if ($user->uid != 1) {
drupal_set_message('You must login as this user (user/1) to modify the email address and password for this account.');
$form['account']['mail']['#access'] = FALSE;
$form['account']['pass']['#access'] = FALSE;
}
}
break;
}
}