1 user.module user_account_form(&$form, &$form_state)

Helper function to add default user account fields to user registration and edit form.

See also

user_account_form_validate()

user_validate_current_pass()

user_validate_picture()

user_validate_mail()

user_password_policy_validate()

File

core/modules/user/user.module, line 745
Enables the user registration and login system.

Code

function user_account_form(&$form, &$form_state) {
  global $user;

  $account = $form['#user'];
  $register = ($form['#user']->uid > 0 ? FALSE : TRUE);

  $admin_users = user_access('administer users');
  $admin_roles = user_access('assign roles');

  $form['#validate'][] = 'user_account_form_validate';
  module_load_include('password.inc', 'user', 'user');
  $reject_weak = user_password_reject_weak($user->name);
  if ($reject_weak) {
    $form['#validate'][] = 'user_password_policy_validate';
  }

  // Account information.
  $form['account'] = array(
    '#type' => 'container',
    '#weight' => -10,
  );
  // Only show name field on registration form or user can change own username.
  $form['account']['name'] = array(
    '#type' => 'textfield',
    '#title' => t('Username'),
    '#maxlength' => USERNAME_MAX_LENGTH,
    '#description' => t('Spaces are allowed; punctuation is not allowed except for periods, hyphens, apostrophes, and underscores.'),
    '#required' => TRUE,
    '#attributes' => array('class' => array('username')),
    '#default_value' => (!$register ? $account->name : ''),
    '#access' => ($register || ($user->uid == $account->uid && user_access('change own username')) || $admin_users),
    '#weight' => -10,
  );
  // Autofocus the username field (on the registration form only).
  if ($register) {
    $form['account']['name']['#attributes']['autofocus'] = 'autofocus';
  }

  $form['account']['mail'] = array(
    '#type' => 'email',
    '#title' => t('E-mail address'),
    '#description' => t('A valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'),
    '#required' => TRUE,
    '#default_value' => (!$register ? $account->mail : ''),
  );

  // Display password field only for existing users or when user is allowed to
  // assign a password during registration.
  if (!$register) {
    $description = t('Current password must be entered to set a new password.');
    if ($reject_weak) {
      $description .= ' ' . t('Weak passwords will be rejected.');
      $description .= _user_password_policy_help();
    }
    $form['account']['pass'] = array(
      '#title' => t('New password'),
      '#type' => 'password',
      '#description' => $description,
      '#password_toggle' => TRUE,
      '#password_strength' => TRUE,
    );
    // To skip the current password field, the user must have logged in via a
    // one-time link and have the token in the URL. Store this in $form_state
    // so it persists even on subsequent Ajax requests.
    if (!isset($form_state['user_pass_reset'])) {
      $form_state['user_pass_reset'] = isset($_SESSION['pass_reset_' . $account->uid]) && isset($_GET['pass-reset-token']) && ($_GET['pass-reset-token'] == $_SESSION['pass_reset_' . $account->uid]);
    }
    $protected_values = array();
    $current_pass_description = '';
    // The user may only change their own password without their current
    // password if they logged in via a one-time login link.
    if (!$form_state['user_pass_reset']) {
      $protected_values['mail'] = $form['account']['mail']['#title'];
      $protected_values['pass'] = t('Password');
      $request_new = l(t('Reset password'), 'user/password', array('attributes' => array('title' => t('Reset password via one-time login link.'))));
      $current_pass_description = t('Required if you want to change the %mail or %pass below. !request_new.', array('%mail' => $protected_values['mail'], '%pass' => $protected_values['pass'], '!request_new' => $request_new));
    }
    // The user must enter their current password to change to a new one.
    if ($user->uid == $account->uid) {
      $form['account']['current_pass_required_values'] = array(
        '#type' => 'value',
        '#value' => $protected_values,
      );
      $form['account']['current_pass'] = array(
        '#type' => 'password',
        '#title' => t('Current password'),
        '#access' => !empty($protected_values),
        '#description' => $current_pass_description,
        '#weight' => -5,
        '#password_toggle' => TRUE,
        // Do not let web browsers remember this password, since we are
        // trying to confirm that the person submitting the form actually
        // knows the current one.
        '#attributes' => array('autocomplete' => 'off'),
      );
      $form['#validate'][] = 'user_validate_current_pass';
    }
  }
  else {
    $description = '';
    // Provide different help text if weak passwords are rejected.
    if ($reject_weak) {
      $description = ' ' . t('Weak passwords will be rejected.');
      $description .= _user_password_policy_help();
    }
    if (!config_get('system.core', 'user_email_verification') && !$admin_users) {
      // Someone registers a new account and may set a password directly.
      $form['account']['pass'] = array(
        '#type' => 'password',
        '#title' => t('Password'),
        '#description' => $description,
        '#password_toggle' => TRUE,
        '#password_strength' => TRUE,
        '#required' => TRUE,
      );
    }
    if ($admin_users) {
      // An admin creates an account.
      $form['account']['notify'] = array(
        '#type' => 'checkbox',
        '#title' => t('Notify user of new account'),
        '#default_value' => 1,
        '#description' => t('The user will receive an email with a one-time login link which leads to a page where they can set their password.'),
      );
      $form['account']['pass'] = array(
        '#type' => 'password',
        '#title' => t('Password'),
        '#description' => $description,
        '#password_toggle' => TRUE,
        '#password_strength' => TRUE,
        '#required' => FALSE,
        '#element_validate' => array('user_pass_required_validate'),
        '#states' => array(
          'visible' => array(
            ':input[name="notify"]' => array('checked' => FALSE),
          ),
          'required' => array(
            ':input[name="notify"]' => array('checked' => FALSE),
          ),
        ),
      );
    }
  }

  $form['account_settings'] = array(
    '#type' => 'fieldset',
    '#title' => t('Account settings'),
    '#weight' => 1,
    '#access' => $admin_users || $admin_roles,
    '#collapsible' => TRUE,
    '#group' => 'additional_settings',
  );

  if ($admin_users) {
    $status = isset($account->status) ? $account->status : 1;
  }
  else {
    $status = $register ? config_get('system.core', 'user_register') == USER_REGISTER_VISITORS : $account->status;
  }
  $form['account_settings']['status'] = array(
    '#type' => 'radios',
    '#title' => t('Status'),
    '#default_value' => $status,
    '#options' => array(t('Blocked'), t('Active')),
    '#access' => $admin_users,
  );

  $roles = array_map('check_plain', user_roles(TRUE));
  $form['account_settings']['roles'] = array(
    '#type' => 'checkboxes',
    '#title' => t('Roles'),
    '#default_value' => (!$register && isset($account->roles) ? $account->roles : array()),
    '#options' => $roles,
    '#access' => $roles && $admin_roles,
  );
  $form['account_settings']['roles'][BACKDROP_AUTHENTICATED_ROLE] = array(
    '#disabled' => TRUE,
    '#value' => 'authenticated',
  );

  // Signature.
  $form['signature_settings'] = array(
    '#type' => 'fieldset',
    '#title' => t('Signature settings'),
    '#weight' => 2,
    '#access' => (!$register && config_get('system.core', 'user_signatures')),
  );

  $form['signature_settings']['signature'] = array(
    '#type' => 'text_format',
    '#title' => t('Signature'),
    '#default_value' => isset($account->signature) ? $account->signature : '',
    '#description' => t('Your signature will be publicly displayed at the end of your comments.'),
    '#format' => isset($account->signature_format) ? $account->signature_format : NULL,
  );

  // Picture/avatar.
  $form['picture'] = array(
    '#type' => 'fieldset',
    '#title' => t('Picture'),
    '#weight' => 2,
    '#access' => (!$register && config_get('system.core', 'user_pictures')),
  );
  $form['picture']['picture'] = array(
    '#type' => 'value',
    '#value' => isset($account->picture) ? $account->picture : NULL,
  );
  $form['picture']['picture_current'] = array(
    '#markup' => theme('user_picture', array('account' => $account)),
  );
  $form['picture']['picture_delete'] = array(
    '#type' => 'checkbox',
    '#title' => t('Delete picture'),
    '#access' => !empty($account->picture->fid),
    '#description' => t('Check this box to delete your current picture.'),
  );
  $form['picture']['picture_upload'] = array(
    '#type' => 'file',
    '#title' => t('Upload picture'),
    '#size' => 48,
    '#description' => t('Your virtual face or picture. Pictures larger than @dimensions pixels will be scaled down.', array('@dimensions' => config_get('system.core', 'user_picture_dimensions'))) . ' ' . filter_xss_admin(config_get('system.core', 'user_picture_guidelines')),
  );
  $form['#validate'][] = 'user_validate_picture';
}