function user_readonly_form_alter in User Read-Only 5

Same name and namespace in other branches

1. 6 user_readonly.module \user_readonly_form_alter()
2. 7 user_readonly.module \user_readonly_form_alter()

Prevent the user from attempting to edit the field, thus preventing confusion. insert a hidden field w/ the appropriate value, since disabled fields do not get posted.

File

./user_readonly.module, line 191

This module provides restrictions on user account/profile fields.

Code

function user_readonly_form_alter($form_id, &$form) {
  if ($form_id != 'user_edit') {
    return;
  }
  $settings = _user_readonly_get();
  global $user;
  $user_roles = $user->roles;
  foreach ($form as $group => $data) {
    if (!is_array($data) || preg_match("/^#/", $group)) {
      continue;
    }
    foreach (element_children($data) as $key => $value) {

      // only restrict access to fields controlled by this module.
      if (empty($settings[$value]) || !is_array($data[$value])) {
        continue;
      }

      //use the default values if the setting tells so
      $settings_used = empty($settings[$value]['mode']) ? $settings[0] : $settings[$value];

      // check whether this user is allowed to make changes to this field
      // first, check if any of this user's roles are ticked in the settings
      $ticked = FALSE;
      foreach ($user_roles as $role_rid => $role_name) {
        if (!empty($settings_used['roles'][$role_rid])) {

          //this means that in the settings, this user qualifies as 'ticked'.  That can mean 'allow' or 'deny', depending on the mode.
          $ticked = TRUE;
          break;
        }
      }
      if (!user_access('administer user read-only settings') && ($ticked == TRUE && $settings_used['mode'] == 'deny' || $ticked == FALSE && $settings_used['mode'] == 'allow')) {
        $action = empty($settings_used['action']) ? $settings[0]['action'] : $settings_used['action'];
        switch ($form[$group][$value]['#type']) {
          case 'date':
            $form[$group]['user_readonly'][$value] = $form[$group][$key];
            $form[$group]['user_readonly'][$value]['#type'] = 'item';
            $form[$group]['user_readonly'][$value]['#description'] = '';
            $form[$group]['user_readonly'][$value]['#title'] = '';
            $form[$group][$value]['#disabled'] = TRUE;
            break;
          case 'password_confirm':

            // due to the complex nature of these fields, we simply delete them from the form.
            unset($form[$group][$value]);
            break;
          default:
            if ($action == 'delete') {
              $form[$group][$value]['#type'] = 'hidden';
            }
            else {

              /*if ($action == 'disable')*/

              // fields must have a hidden field w/ proper value as disabled fields are not submitted.
              $form[$group]['user_readonly'][$value] = $form[$group][$value];
              $form[$group]['user_readonly'][$value]['#type'] = 'hidden';

              // new in Drupal 5: #disabled property
              $form[$group][$value]['#disabled'] = TRUE;
            }
        }
      }
    }
  }
}