You are here

Home » API reference » Protected Node 6 » protected_node.fork.inc

function protected_node_enter_any_password in Protected Node 6

Same name and namespace in other branches
  1. 7 protected_node.fork.inc \protected_node_enter_any_password()
  2. 1.0.x protected_node.fork.inc \protected_node_enter_any_password()

Create the form asking the end users for the node password.

The function expects a $_GET with the variable named protected_pages. This parameter is a list of comma separated NIDs.

The function accepts a $_GET named 'back'. This is a URL used for the Cancel link shown next to the OKAY button.

@important The function does NOT use check_plain() on the $info, $description, etc. because the administrator is the only one who can enter that information.

@todo It would be a good idea to transform this function in a theme() call instead.

1 string reference to 'protected_node_enter_any_password'
protected_node_menu_array in ./protected_node.settings.inc
Actual implementation of the protected_node_menu() function.

File

./protected_node.fork.inc, line 54
Redirected page callback file for the protected_node module. This version supports any number of pages instead of a destination.

Code

function protected_node_enter_any_password() {
  global $user;
  if (isset($_GET['destination'])) {

    // Illegal call
    watchdog('protected_node', 'Illegal call to /protected-nodes', array(), WATCHDOG_WARNING);
    drupal_access_denied();
    exit;
  }
  $nids = protected_node_password_nids();

  // check, in reverse order, whether a node password was specified;
  // if so, use that node
  foreach (array_reverse($nids) as $nid) {
    if (!empty($_SESSION['_protected_node']['passwords'][$nid])) {
      $when = $_SESSION['_protected_node']['passwords'][$nid];
      if ($when > variable_get('protected_node_session_timelimit', 0)) {

        // global reset time
        $node = node_load($nid);
        if ($when > $node->protected_node_passwd_changed) {

          // this page reset time
          // the password is still known, go to the page
          drupal_goto('node/' . $nid);
        }
      }

      // if the "best" node had a password and it's gone, we don't test the
      // other pages; instead we accept this one as is...
      break;
    }
  }

  // make sure the first node exists, the others we don't care as much at this point
  // they are tested when the user submits the password and used as the destination
  $node = node_load($nids[0]);
  if (!is_object($node)) {

    // Illegal nid
    watchdog('protected_node', 'Illegal nids[0] (@nid) to /protected-node', array(
      '@nid' => $nids[0],
    ), WATCHDOG_WARNING);
    drupal_access_denied();
    exit;
  }

  // some variable initialization
  $types = node_get_types();
  $node_type = $types[$node->type];
  $has_token = module_exists('token');

  // setup the title of this page
  $title = variable_get('protected_node_title', NULL);
  if (!empty($title)) {
    if ($has_token) {
      $title = token_replace($title, 'node', $node);
      $title = token_replace($title, 'user', $user);

      // in this case other user's data can be introduce in the title
      drupal_set_title(filter_xss($title));
    }
    else {

      // only administrators can enter this title
      drupal_set_title($title);
    }
  }

  // information appear between the title and the password form
  $info = variable_get('protected_node_info', '');
  if ($has_token) {
    $info = token_replace($info, 'node', $node);
    $info = token_replace($info, 'user', $user);
  }
  $form['protected_node'] = array(
    '#value' => $info,
  );

  // enter the detailed description of the protected node password
  $description = variable_get('protected_node_description', '');
  if (!$description) {
    if ($node->protected_node_show_title) {

      // embellish the title with double quotes
      $node_title = ' "' . $node_title . '"';
    }
    else {
      $node_title = '';
    }
    $description = t('The @node_type@node_title you are trying to view is password protected. Please enter the password below to proceed.', array(
      '@node_type' => $node_type->name,
      '@node_title' => $node_title,
    ));
  }
  elseif ($has_token) {
    $description = token_replace($description, 'node', $node);
    $description = token_replace($description, 'user', $user);
  }
  $form['protected_node_enterpassword'] = array(
    '#type' => 'fieldset',
    '#description' => $description,
    '#collapsible' => FALSE,
  );

  // create the password widget
  $label = variable_get('protected_node_password_label', '');
  if ($label) {
    $label = token_replace($label, 'node', $node);
    $label = token_replace($label, 'user', $user);
  }
  else {
    $label = t('@node_type password', array(
      '@node_type' => $node_type->name,
    ));
  }
  $form['protected_node_enterpassword']['password'] = array(
    '#type' => 'password',
    '#title' => $label,
    '#size' => 20,
  );

  // the node we're working on

  //$form['protected_node_nid'] = array(

  //  '#type' => 'hidden',
  //  '#value' => implode(',', $nids);

  //);

  // add a submit button
  $form['protected_node_enterpassword']['submit'] = array(
    '#type' => 'submit',
    '#value' => t('OK'),
  );

  // add a cancel link when 'back' is defined (i.e. referer on the previous page)
  if (isset($_GET['back'])) {
    $cancel = $_GET['back'];
  }
  elseif (variable_get('protected_node_cancel', 0)) {
    $cancel = '<front>';
  }
  if ($cancel) {
    $form['protected_node_enterpassword']['cancel'] = array(
      '#value' => l(t('Cancel'), $cancel),
    );
  }
  return $form;
}