/[drupal]/contributions/modules/addressbook/addressbook.module

Diff of /contributions/modules/addressbook/addressbook.module

Parent Directory | Revision Log | View Revision Graph Revision Graph | View Patch Patch

-revision 1.32 by wplaat,
Sun Sep 20 13:31:18 2009 UTC
+revision 1.33 by wplaat,
Tue Oct 27 18:55:46 2009 UTC
 Line 12
   * Email   : info@plaatsoft.nl
   */
- // Addressbook module URLs.
+ // Addressbook module URLs
  define('URL_FAMILY_LIST',  'addressbook/family/list');
  define('URL_FAMILY_VIEW',  'addressbook/family/view');
  define('URL_FAMILY_EDIT',  'addressbook/family/edit');
 Line 34 
 define('THUMBNAILS_DIR',   file_director
   * help hook()
   * @return help texts
   */
- function addressbook_help($path, $arg) {
+ function addressbook_help($section) {
    $output = '';
-   switch ($path) {
+   switch ($section) {
      case 'admin/modules#description':
        $output .= t('Addressbook module');
        break;
 Line 45 
 function addressbook_help($path, $arg) {
    return $output;
  }
- function addressbook_mail($key, &$message, $params)
- {
-   $message['subject'] = $params['subject'];
-   $message['body'] = $params['body'];
- }
  /**
   * menu hook()
   * @return array of menu items
   */
- function addressbook_menu()
+ function addressbook_menu() {
- {
+   $items = array();
-   $items[URL_FAMILY_LIST] = array(
+   $items[] = array('path' => URL_FAMILY_LIST,
-                    'title' => 'Addressbook family list',
+                    'title' => t('Addressbook family list'),
-                    'page callback' => 'family_list',
+                    'callback' => 'family_list',
-                    'access arguments' => array('view addressbook'),
+                    'access' => user_access('view addressbook'),
-                    'type' => MENU_CALLBACK,
+                    'type' => MENU_CALLBACK);
-                 );
+   $items[] = array('path' => URL_FAMILY_VIEW,
-   $items[URL_FAMILY_VIEW] = array(
+                    'title' => t('Addressbook view family'),
-                    'title' => 'Addressbook view family',
+                    'callback' => 'family_view2',
-                    'page callback' => 'family_view2',
+                    'access' => user_access('view addressbook'),
-                    'access arguments' => array('view addressbook'),
+                    'type' => MENU_CALLBACK);
-                    'type' => MENU_CALLBACK,
-                 );
+   $items[] = array('path' => URL_FAMILY_EDIT,
+                    'title' => t('Addressbook edit family'),
-   $items[URL_FAMILY_EDIT] = array(
+                    'callback' => 'family_edit',
-                    'title' => 'Addressbook edit family',
+                    'access' => user_access('add address'),
-                    'page callback' => 'family_edit',
+                    'type' => MENU_CALLBACK);
-                    'access arguments' => array('add address'),
-                    'type' => MENU_CALLBACK,
+   $items[] = array('path' => URL_MEMBER_LIST,
-                 );
+                    'title' => t('Addressbook family list'),
+                    'callback' => 'member_list',
-   $items[URL_MEMBER_LIST] = array(
+                    'access' => user_access('view addressbook'),
-                    'title' => 'Addressbook family list',
+                    'type' => MENU_CALLBACK);
-                    'page callback' => 'member_list',
-                    'access arguments' => array('view addressbook'),
+   $items[] = array('path' => URL_MEMBER_VIEW,
-                    'type' => MENU_CALLBACK,
+                    'title' => t('Addressbook view family member'),
-                         );
+                    'callback' => 'member_view',
+                    'access' => user_access('view addressbook'),
-   $items[URL_MEMBER_VIEW] = array(
+                    'type' => MENU_CALLBACK);
-                    'title' => 'Addressbook view family member',
-                    'page callback' => 'member_view',
+   $items[] = array('path' => URL_MEMBER_EDIT,
-                    'access arguments' => array('view addressbook'),
+                    'title' => t('Addressbook edit family member'),
-                    'type' => MENU_CALLBACK,
+                    'callback' => 'member_edit',
-                         );
+                    'access' => user_access('add address'),
+                    'type' => MENU_CALLBACK);
-   $items[URL_MEMBER_EDIT] = array(
-                    'title' => 'Addressbook edit family member',
+   $items[] = array('path' => URL_PICTURE_VIEW,
-                    'page callback' => 'member_edit',
+                    'title' => t('Addressbook view picture'),
-                    'access arguments' => array('add address'),
+                    'callback' => 'picture_view',
-                    'type' => MENU_CALLBACK,
+                    'access' => user_access('view addressbook'),
-                         );
+                    'type' => MENU_CALLBACK);
-   $items[URL_PICTURE_VIEW] = array(
+   $items[] = array('path' => URL_PICTURE_EDIT,
-                    'title' => 'Addressbook view picture',
+                    'title' => t('Addressbook edit picture'),
-                    'page callback' => 'picture_view',
+                    'callback' => 'picture_edit',
-                    'access arguments' => array('view addressbook'),
+                    'access' => user_access('add address'),
-                    'type' => MENU_CALLBACK,
+                    'type' => MENU_CALLBACK);
-                 );
+   $items[] = array('path' => URL_UPLOAD_CSV,
-   $items[URL_PICTURE_EDIT] = array(
+                    'title' => t('Addressbook CSV upload'),
-                    'title' => 'Addressbook edit picture',
+                    'callback' => 'upload_csv',
-                    'page callback' => 'picture_edit',
+                    'access' => user_access('add address'),
-                    'access arguments' => array('add address'),
+                    'type' => MENU_CALLBACK);
-                    'type' => MENU_CALLBACK,
-                         );
+   $items[] = array('path' => URL_DOWNLOAD_CSV,
+                    'title' => t('Addressbook CSV download'),
-   $items[URL_UPLOAD_CSV] = array(
+                    'callback' => 'download_csv',
-                    'title' => 'Addressbook CSV upload',
+                    'access' => user_access('add address'),
-                    'page callback' => 'upload_csv',
+                    'type' => MENU_CALLBACK);
-                    'access arguments' => array('add address'),
-                    'type' => MENU_CALLBACK,
+    $items[] = array('path' => URL_SEARCH,
-                 );
+                    'title' => t('Addressbook search'),
+                    'callback' => 'general_search',
-   $items[URL_DOWNLOAD_CSV] = array(
+                    'access' => user_access('view addressbook'),
-                    'title' => 'Addressbook CSV download',
+                    'type' => MENU_CALLBACK);
-                    'page callback' => 'download_csv',
-                    'access arguments' => array('add address'),
+    $items[] = array('path' => URL_MAP_VIEW,
-                    'type' => MENU_CALLBACK,
+                    'title' => t('Addressbook map view'),
-                 );
+                    'callback' => 'map_view',
+                    'access' => user_access('view addressbook'),
-    $items[URL_SEARCH] = array(
+                    'type' => MENU_CALLBACK);
-                    'title' => 'Addressbook search',
-                    'page callback' => 'general_search',
+    $items[] = array('path' => URL_EMAIL,
-                    'access arguments' => array('view addressbook'),
+                    'title' => t('Addressbook email view'),
-                    'type' => MENU_CALLBACK,
+                    'callback' => 'email_view',
-                 );
+                    'access' => user_access('add address'),
+                    'type' => MENU_CALLBACK);
-    $items[URL_MAP_VIEW] = array(
-                    'title' => 'Addressbook map view',
+    $items[] = array('path' => 'admin/settings/addressbook',
-                    'page callback' => 'map_view',
+                    'title' => t('Addressbook'),
-                    'access arguments' => array('view addressbook'),
+                    'description' => t('Settings of addressbook.'),
-                    'type' => MENU_CALLBACK,
+                    'callback' => 'drupal_get_form',
-                 );
+                    'callback arguments' => array('addressbook_settings'),
+                    'access' => user_access('administer site configuration'),
-    $items[URL_EMAIL] = array(
+                    'type' => MENU_NORMAL_ITEM);
-                    'title' => 'Addressbook email view',
-                    'page callback' => 'email_view',
-                    'access arguments' => array('add address'),
-                    'type' => MENU_CALLBACK,
-                 );
-    $items['admin/settings/addressbook'] = array(
-                    'title' => 'Addressbook',
-                    'description' => 'Settings of addressbook.',
-                    'page callback' => 'drupal_get_form',
-                    'page arguments' => array('addressbook_settings'),
-                    'access arguments' => array('administer site configuration'),
-                    'type' => MENU_NORMAL_ITEM,
-                 );
    return $items;
  }
  /**
-   * Valid permissions for this module.
+   * Valid permisions for this module
    * @return array an array of valid permission for the module
    */
  function addressbook_perm() {
-Line 171 
 function addressbook_perm() {
+Line 152 
 function addressbook_perm() {
  }
  /**
-  * Module configuration settings.
+  * Module configuration settings
   * @return settings HTML or deny access
   */
  function addressbook_settings() {
-Line 188 
 function addressbook_settings() {
+Line 169 
 function addressbook_settings() {
       '#title' => t('Name format '),
       '#default_value' => variable_get('addressbook_name_format',1),
       '#options' => array( 0 => t('middle last, first'), 1 => t('first middle last') ),
-      '#description' => t('Set the name format which will be used in the general addressbook list page.'));
+      '#description' => t('Set with name format with will be used in the general addressbook list page.'));
    $form['settings_general']['addressbook_show_sort_bar'] = array(
       '#type' => 'select',
       '#title' => t('Enable sort bar'),
       '#default_value' => variable_get('addressbook_show_sort_bar',1),
       '#options' => array( 0 => t('No'), 1 => t('Yes') ),
-      '#description' => t('Enable / disable sort bar in general addressbook list page.'));
+      '#description' => t('Enable / Disable sort bart in general addressbook list page.'));
    $form['settings_general']['addressbook_roles'] = array(
       '#type' => 'textarea',
       '#title' => t('Roles'),
       '#default_value' => variable_get('addressbook_roles', ''),
       '#rows' => 1,
-      '#description' => t("Enter the roles which a person can have (Seperate items with commas (,). No spaces allowed).") );
+      '#description' => t("Enter roles with a person can have (Seperated items with commas. No space allowed).") );
    $form['settings_general']['addressbook_country'] = array(
       '#type' => 'textfield',
-Line 217 
 function addressbook_settings() {
+Line 198 
 function addressbook_settings() {
       '#title' => t('Show thumbnails pictures in list views'),
       '#default_value' => variable_get('addressbook_show_thumbnails',0),
       '#options' => array( 0 => t('No'), 1 => t('Yes') ),
-      '#description' => t('Enable / disable thumbnail pictures in family list and family member list.'));
+      '#description' => t('Enable / Disable thumbnails pictures in family list and family member list.'));
    $form['settings_general']['addressbook_email_manitory'] = array(
       '#type' => 'select',
       '#title' => t('Email field manitory'),
       '#default_value' => variable_get('addressbook_email_manitory',1),
       '#options' => array( 0 => t('No'), 1 => t('Yes') ),
-      '#description' => t('Enable / disable email field as mandatory field.'));
+      '#description' => t('Enable / Disable email field as manitory field.'));
    $form['settings_general']['addressbook_wiki_edit_mode'] = array(
       '#type' => 'select',
       '#title' => t('Wiki edit mode'),
       '#default_value' => variable_get('addressbook_wiki_edit_mode',0),
       '#options' => array( 0 => t('Disable'), 1 => t('Enable') ),
-      '#description' => t('Enable (anyone can modify existing addresses), Disable (only owner can modify created addresses).'));
+      '#description' => t('Enable (Every one can modify existing addresses), Disable (Only owner can modify created addresses).'));
-Line 248 
 function addressbook_settings() {
+Line 229 
 function addressbook_settings() {
       '#type' => 'textfield',
       '#title' => t('Free www.map24.com access key'),
       '#default_value' => variable_get('addressbook_map_key', ''),
-      '#description' => t("Enter access key (Visit http://www.map24.com to obtain a free key)"),
+      '#description' => t("Enter access key (Visit http://www.map24.com to get a free key)"),
       '#maxlength' => '50',
       '#size' => '50');
-Line 261 
 function addressbook_settings() {
+Line 242 
 function addressbook_settings() {
       '#title' => t('Birthday email notification'),
       '#default_value' => variable_get('addressbook_birthday_notification',0),
       '#options' => array( 0 => t('No'), 1 => t('Yes') ),
-      '#description' => t('Enable / disable email birthday notification.'));
+      '#description' => t('Enable / Disable email birthday notification.'));
    $form['birthday']['addressbook_birthday_subject'] = array(
       '#type' => 'textfield',
       '#title' => t('Subject of birtday e-mail'),
       '#default_value' => variable_get('addressbook_birthday_subject','Happy birthday %username from %site_name'),
       '#maxlength' => 180,
-      '#description' => t('Customize the subject of your birthday e-mail, which is sent to members upon their birthday.') .' '. t('Available variables are:') .' %username, %site_name');
+      '#description' => t('Customize the subject of your birthday e-mail, which is sent to members upon there birtday.') .' '. t('Available variables are:') .' %username, %site_name');
    $form['birthday']['addressbook_birthday_body'] = array(
       '#type' => 'textarea',
       '#title' => t('Body of birthday e-mail'),
       '#default_value' => variable_get('addressbook_birthday_body',"Dear %username,\r\n\r\nCongratulation with your %user_age ste birthday.\r\nHave a nice day!\r\n"),
       '#rows' => 15,
-      '#description' => t('Customize the body of the birthday e-mail, which is sent to members upon their birthday.') .' '. t('Available variables are:') .' %username, %user_age, %site_name');
+      '#description' => t('Customize the body of the birtday e-mail, which is sent to members upon there birtday.') .' '. t('Available variables are:') .' %username, %user_age, %site_name');
    return system_settings_form($form);
  }
  /**
-   * Find all family members which are celebrating their birthday to day and send them an email.
+   * Find all family member with are celebrating there birth_day to day and send a email.
    * @return emails
    */
  function addressbook_cron() {
-Line 290 
 function addressbook_cron() {
+Line 271 
 function addressbook_cron() {
    // If birthday notification is enabled check all family members.
    if ( variable_get('addressbook_birthday_notification',0)==1 ) {
-     // Send the birthday notication only once in any given day (crontab may run more frequently)
+     // Send only one time the birthday notications per day (crontab runs every hour)
      $current_day=date('-m-d');
      $current_time=date('H');
-     if ($current_time==0) {
+     if ($current_time==0)
+     {
        watchdog('cron', t('Addressbook birthday cron'));
        // Fetch all members with are celebrating there birtday
        $query='SELECT first_name, middle_name, last_name, email, birth_day FROM {addressbook_member} WHERE birth_day LIKE "%'.$current_day.'"';
        $queryResult = db_query($query);
-       while ($data = db_fetch_object($queryResult)) {
+       while ($data = db_fetch_object($queryResult))
+       {
          $username=view_name($data->first_name,$data->middle_name,$data->last_name,true);
          $email = $data->email;
-Line 311 
 function addressbook_cron() {
+Line 295 
 function addressbook_cron() {
          $user_age  = date('Y')-$year;
          // if family member have a email address send a email
-         if (($email!='') && ($user_age<100)) {
+         if (($email!='') && ($user_age<100))
+         {
            $from=$site_name.'<'.variable_get('site_mail', ini_get('sendmail_from')).'>';
            $subject=variable_get('addressbook_birthday_subject','Happy birthday %username from %site_name');
-           $subject=str_replace("%username", $username, $subject);
+           $subject = str_replace("%username", $username, $subject);
-           $subject=str_replace("%site_name", $site_name, $subject);
+           $subject = str_replace("%site_name", $site_name, $subject);
-           $body=variable_get('addressbook_birthday_body',"Dear %username,\r\n\r\nCongratulation with your %user_age ste birthday.\r\nHave a nice day!\r\n");
+           $message=variable_get('addressbook_birthday_body',"Dear %username,\r\n\r\nCongratulation with your %user_age ste birthday.\r\nHave a nice day!\r\n");
-           $body=str_replace("%username", $username, $body);
+           $message = str_replace("%username", $username, $message);
-           $body=str_replace("%user_age", $user_age, $body);
+           $message = str_replace("%user_age", $user_age, $message);
-           $body=str_replace("%site_name", $site_name, $body);
+           $message = str_replace("%site_name", $site_name, $message);
-           if (drupal_mail('Addressbook', 'send', $email, user_preferred_language($user), array('subject'=>$subject,'body'=>$body)))
+             if ( drupal_mail( "addressbook", $email, $subject, $message, $from))
-           {
+             {
-             watchdog('cron', t('Sent birthday email to ').$email);
+              watchdog('cron', t('Sent birthday email to ').$email);
            }
            else
            {
-Line 338 
 function addressbook_cron() {
+Line 323 
 function addressbook_cron() {
  }
  /**
-   * Find all family members which are celebrating their birthday today and make a block of it.
+   * Find all family member with are celebrating there birth_day to day and make a block of it.
    * @return emails
    */
  function addressbook_block($op='list', $delta=0) {
-Line 491 
 function view_owner($uid, $readonly) {
+Line 476 
 function view_owner($uid, $readonly) {
       $query  = 'SELECT uid, name FROM {users}';
       $queryResult = db_query($query);
-      // Workaround Drupal first entry in users table is always empty. Skip this entry
+      // Workarround Drupal first entry in users table is always empty. Skip this entry
       $tmp = db_fetch_object($queryResult);
       $page.='<select name="owner">';
-Line 545 
 function view_roles($active_roles,$wante
+Line 530 
 function view_roles($active_roles,$wante
     if ( $readonly=='0' ) {
       $page .= '<br/>';
-      $page .= '<b>'.t('Please enter the roles you currently fulfilling and please enter the roles you are interesed in now or in the near future!').'</b><br/>';
+      $page .= '<b>'.t('Please enter the roles you currently forfilling and please enter the roles you are now or in the near future interesed in!').'</b><br/>';
       $page .= '<br/>';
     }
-Line 705 
 function check_mail($adres) {
+Line 690 
 function check_mail($adres) {
  }
  /*
-  * Function valid number input
+  * Function valid number imput
   * @returns true if valid number (only numeric string), false if not
   */
  function check_number($str) {
-Line 1050 
 function family_list( $sort='', $search=
+Line 1035 
 function family_list( $sort='', $search=
    }
    $page .= '</table>';
-    // Only administrators can access the csv upload functionality
+    // Only administrators can access the csv upload functionaly
    if (user_access('access administration pages')) {
       //$page .= '<br/>';
       $page .= '<table border="0" width="100%">';
-Line 1139 
 function family_view2( $fid=0 )  {
+Line 1124 
 function family_view2( $fid=0 )  {
    $picture_found=0;
    while ($data = db_fetch_object($queryResult))
    {
-     // Show each picture which is found
+     // Show each picture with is found
      $picture_found++;
      $page .= '<td valign="top">';
      $page .= '<a href="'.url(URL_PICTURE_VIEW.'/'.$data->pid).'" >';
-Line 1263 
 function family_view2( $fid=0 )  {
+Line 1248 
 function family_view2( $fid=0 )  {
      $page .= '</form>';
      $page .= '</td>';
-     // Maximum of three pictures allowed
+     // Maximum three pictures allowed
      if ($picture_found<3)
      {
        $page .= '<td align="left">';
-Line 1351 
 function family_edit($fid=0)  {
+Line 1336 
 function family_edit($fid=0)  {
    $family_delete = isset($_POST['family_delete']) ? '1' : '0';
    $go_delete = isset($_POST['go_delete']) ? '1' : '0';
-   $middle_name=$_POST['middle_name'];
+   $middle_name=htmlentities($_POST['middle_name']);
-   $last_name=ucfirst($_POST['last_name']);
+   $last_name=htmlentities(ucfirst($_POST['last_name']));
-   $street=ucfirst($_POST['street']);
+   $street=htmlentities(ucfirst($_POST['street']));
-   $zipcode=$_POST['zipcode'];
+   $zipcode=htmlentities($_POST['zipcode']);
-   $city=ucfirst($_POST['city']);
+   $city=htmlentities(ucfirst($_POST['city']));
-   $country=$_POST['country'];
+   $country=htmlentities($_POST['country']);
    if ($country=='') $country=variable_get('addressbook_country', 'Nederland');
-   $telephone=$_POST['telephone'];
+   $telephone=htmlentities($_POST['telephone']);
-   $owner=$_POST['owner'];
+   $owner=htmlentities($_POST['owner']);
    // Delete are you sure form
    if (($family_delete=='1') && ($fid!='0') && ($go_delete=='0')) {
-Line 1582 
 function family_edit($fid=0)  {
+Line 1567 
 function family_edit($fid=0)  {
    $page .= '</td>';
    if ($fid!='0') {
-     // Only existing families can be deleted
+     // Only exiting families can be be deleted
      $page .= '<td valign="top">';
      $page .= '<form action="'.url(URL_FAMILY_EDIT.'/').$fid.'" method="POST">';
      $page .= '<input type="hidden" name="fid" value="'.$fid.'" />';
-Line 1741 
 function member_list( $sort='' )  {
+Line 1726 
 function member_list( $sort='' )  {
    $page .= '<table width=100% border=1 cellpadding=3 cellspacing=3>';
    // Show Banner
-    // Only administrators can access the csv upload functionality
+    // Only administrators can access the csv upload functionaly
    $page .= '<tr><td>';
    if (user_access('access administration pages'))
    {
-Line 2063 
 function email_view( $sort='')
+Line 2048 
 function email_view( $sort='')
    if ($commit=='0')
    {
-      $page .= '<table align="left" width="100%">';
       $page .= '<form action="'.url(URL_EMAIL.'/'.$sort).'" method="POST">';
       $page .= '<br/>';
       $page .= t('To:');
       $page .= '<br/>';
-      $page .= '<textarea id="email" rows=5 cols=100 maxlength="2000" name="email" WRAP=HARD READONLY>'.$email.'</textarea>';
+      $page .= '<textarea id="email" cols=140 rows=5 maxlength="2000" name="email" WRAP=HARD READONLY>'.$email.'</textarea>';
       $page .= '<br/>';
       $page .= '<br/>';
       $page .= t('Subject:');
       $page .= '<br/>';
-      $page .= '<input id="text" name="subject" size=100 maxlength="143" type="text" value="'.$subject.'" />';
+      $page .= '<input id="text" name="subject" size="143" maxlength="143" type="text" value="'.$subject.'" />';
       $page .= '<br/>';
       $page .= '<br/>';
       $page .= t('Content:');
       $page .= '<br/>';
-      $page .= '<textarea id="body" rows=10 cols=100 maxlength="2000" name="body" >'.$body.'</textarea>';
+      $page .= '<textarea id="body" cols=140 rows=10 maxlength="2000" name="body" >'.$body.'</textarea>';
       $page .= '<br/>';
       $page .= '<br/>';
       $page .= '<table align="left">';
-Line 2091 
 function email_view( $sort='')
+Line 2075 
 function email_view( $sort='')
       $page .= '</td></tr>';
       $page .= '</form>';
       $page .= '</table>';
-      $page .= '</table>';
    }
    else
    {
+      $from=$site_name.'<'.variable_get('site_mail', ini_get('sendmail_from')).'>';
       $page .= '<form action="'.url(URL_MEMBER_LIST.'/'.$_SESSION["sort"]).'" method="POST">';
       $page .= '<br/>';
-      if (drupal_mail('Addressbook', 'send', $email, user_preferred_language($user), array('subject'=>$subject,'body'=>$body)))
+      if ( drupal_mail( "addressbook", $email, $subject, $body, $from))
       {
          watchdog('Addressbook', t('Sent group email to ').$email);
-         $page .= t('Email has be sent to '.$email);
+         $page .= t('Email is sent!');
       }
       else
       {
          watchdog('Addressbook', t('Unable to email to ').$email);
-         $page .= t('Unable to email to '.$email);
+         $page .= t('Unable to email!');
       }
       $page .= '<br/>';
       $page .= '<br/>';
       $page .= '<input type="submit" name="return" value="'.t('Return').'" />';
-Line 2155 
 function member_edit( $mid=0 )  {
+Line 2141 
 function member_edit( $mid=0 )  {
    $go_delete = isset($_POST['go_delete']) ? '1' : '0';
    $uid=$user->uid;
-   $birthday_day=$_POST['birthday_day'];
+   $birthday_day=htmlentities( $_POST['birthday_day']);
-   $birthday_month=$_POST['birthday_month'];
+   $birthday_month=htmlentities($_POST['birthday_month']);
-   $birthday_year=$_POST['birthday_year'];
+   $birthday_year=htmlentities($_POST['birthday_year']);
-   $mobile=$_POST['mobile'];
+   $mobile=htmlentities($_POST['mobile']);
-   $email=$_POST['email'];
+   $email=htmlentities($_POST['email']);
-   $work=$_POST['work'];
+   $work=htmlentities($_POST['work']);
-   $notes=$_POST['notes'];
+   $notes=htmlentities($_POST['notes']);
-   $owner=$_POST['owner'];
+   $owner=htmlentities($_POST['owner']);
-   $first_name=ucfirst($_POST['first_name']);
+   $first_name=htmlentities(ucfirst($_POST['first_name']));
-   $middle_name=$_POST['middle_name'];
+   $middle_name=htmlentities($_POST['middle_name']);
-   $last_name=ucfirst($_POST['last_name']);
+   $last_name=htmlentities(ucfirst($_POST['last_name']));
-   // Fill in some fields with default values when a new member has been created
+   // Fill in some field with default values when new meber is created
    if (($mid=='0') && ($commit=='0')) {
       $query  = 'SELECT middle_name, last_name FROM {addressbook_family} WHERE fid='.$fid;
       $queryResult = db_query($query);
-Line 2231 
 function member_edit( $mid=0 )  {
+Line 2217 
 function member_edit( $mid=0 )  {
       }
    }
-   // Delete "Are you sure?" form
+   // Delete "are you sure" form
    if (($member_delete=='1') && ($mid!='0') && ($go_delete=='0')) {
      $page .= '<br/>';
      $page .= t('Are you sure you want to delete this family member?');
-Line 2302 
 function member_edit( $mid=0 )  {
+Line 2288 
 function member_edit( $mid=0 )  {
        $birth_day = $birthday_year.'-'.$birthday_month.'-'.$birthday_day;
        if (($owner==0) && !user_access('access administration pages')) {
-          // Set new owner, because items did not find owner yet!)
+          // Set new owner because items did not found owner yet!)
           $owner=$user->uid;
        }
-Line 2387 
 function member_edit( $mid=0 )  {
+Line 2373 
 function member_edit( $mid=0 )  {
       $queryResult = db_query($query);
       $tmp = db_fetch_object($queryResult);
-      // If no data has been found. Show anti hacking message
+      // If no data is found. Show anti hacking message
       if ($tmp==null) {
         return hacker_warning();
       }
-Line 2450 
 function member_edit( $mid=0 )  {
+Line 2436 
 function member_edit( $mid=0 )  {
      {
        $picture_found++;
-       // Show each picture which has been found
+       // Show each picture with is found
        $page .= '<a href="'.url(URL_PICTURE_VIEW.'/').$data->pid.'">';
        $filename=url(THUMBNAILS_DIR.'/'.$data->picture);
        $filename=str_replace(array("?q="), "", $filename);
-Line 2531 
 function member_edit( $mid=0 )  {
+Line 2517 
 function member_edit( $mid=0 )  {
        $page .= '</td>';
      }
-     // Only existing member can be deleted
+     // Only exiting member can be be deleted
      $page .= '<td valign="top">';
      $page .= '<form action="'.url(URL_MEMBER_EDIT.'/').$mid.'" method="POST">';
      $page .= '<input type="hidden" name="fid" value="'.$fid.'" />';
-Line 2540 
 function member_edit( $mid=0 )  {
+Line 2526 
 function member_edit( $mid=0 )  {
      $page .= '</td>';
    }
-   // Cancel newly created member
+   // Cancel new created member
    $page .= '<td valign="top">';
    if ($_SESSION["list"]=='member') {
       $page .= '<form action="'.url(URL_MEMBER_LIST.'/'.$_SESSION["sort"]).'" method="POST">';
-Line 2593 
 function picture_view( $pid=0 ) {
+Line 2579 
 function picture_view( $pid=0 ) {
    $queryResult = db_query($query);
    $tmp = db_fetch_object($queryResult);
-   // If no data has been found. Show anti hacking message
+   // If no data is found. Show anti hacking message
    if ($tmp==null) {
      return hacker_warning();
    }
-   // Delete 'Are you sure?' form
+   // Delete are you sure form
    if (($picture_delete=='1') && ($pid!='0') && ($go_delete=='0')) {
      $page .= '<br/>';
      $page .= t('Are you sure you want to delete the picture?');
-Line 2635 
 function picture_view( $pid=0 ) {
+Line 2621 
 function picture_view( $pid=0 ) {
       if ($result==1)
       {
         // Query succesfull
-        watchdog('user', 'Picture '.$pid.' is deleted from the addressbook');
+        watchdog('user', 'Picture '.$pid.' is deleted in the addressbook');
         $page .= '<td valign="top">';
         $page .= '<form action="'.url(URL_PICTURE_VIEW.'/'.$pid).'" method="POST">';
-Line 2659 
 function picture_view( $pid=0 ) {
+Line 2645 
 function picture_view( $pid=0 ) {
       else {
         // Query failed
         $page .= '<br/>';
-        $page .= t('Failed to delete picture, please try again');
+        $page .= t('Failed to delete picture, try again');
         $page .= '<br/>';
         $page .= '<br/>';
         if ($mid!='0') {
-Line 2763 
 function picture_edit( $mid=0 ) {
+Line 2749 
 function picture_edit( $mid=0 ) {
    $queryResult = db_query($query);
    $tmp = db_fetch_object($queryResult);
-   // f no data has been found. Show anti hacking message
+   // If no data is found. Show anti hacking message
    if ($tmp==null) {
      return hacker_warning();
    }
-Line 2834 
 function picture_edit( $mid=0 ) {
+Line 2820 
 function picture_edit( $mid=0 ) {
           {
              chmod(IMAGE_DIR.'/'.$filename, 0666);
           }
        }
        else
        {
-         // No resize needed, move file to storage
+         // Not resize needed, move file to storage place
          copy($_FILES['uploadedfile']['tmp_name'],IMAGE_DIR.'/'.$filename);
        }
-Line 2886 
 function picture_edit( $mid=0 ) {
+Line 2871 
 function picture_edit( $mid=0 ) {
        {
          if (!image_scale(IMAGE_DIR.'/'.$filename, file_create_path(THUMBNAILS_DIR.'/'.$filename), $width, $height)) {
            $page .= '<br>';
-           $page .= t('Unable to create thumbnails image. Is the GD library active in the Apache PHP module?');
+           $page .= t('434Unable to create thumbnails image. Is Gd library active in apache php module?');
            $error='1';
            $page .= '<br>';
          }
-Line 2897 
 function picture_edit( $mid=0 ) {
+Line 2882 
 function picture_edit( $mid=0 ) {
        }
        else
        {
-         // No resize needed, move file to storage
+         // Not resize needed, move file to storage place
          copy(IMAGE_DIR.'/'.$filename, THUMBNAILS_DIR.'/'.$filename);
        }
-Line 2913 
 function picture_edit( $mid=0 ) {
+Line 2898 
 function picture_edit( $mid=0 ) {
          if ($result==1)
          {
             // Query Succesfull
-            watchdog('user', 'A picture has been added to address '.$id.' in addressbook');
+            watchdog('user', 'A picture is added to address '.$id.' in addressbook');
             if ($mid=='0')
             {
-Line 2927 
 function picture_edit( $mid=0 ) {
+Line 2912 
 function picture_edit( $mid=0 ) {
          else {
            // Query Failed
            $page .= '<br/>';
-           $page .= t('Failed to add picture, please try again!');
+           $page .= t('Failed to add picture, try again!');
            $page .= '<br/>';
          }
        }
      }
      else {
        $page .= '<br/>';
-       $page.=t('Only the jpg image format is supported for pictures');
+       $page.=t('Only JPG image format is supported');
        $page .= '<br/>';
        $_FILES['uploadedfile']['name']='';
      }
-Line 3127 
 function process_csv_upload() {
+Line 3112 
 function process_csv_upload() {
          }
        }
-       // If family insert/update was successful, then continue with member insert/update.
+       // If family insert/update was succesful continue with member insert/update.
        if ( $line_error==0 )
        {
          // Check if member already exist
-Line 3214 
 function upload_csv() {
+Line 3199 
 function upload_csv() {
        else {
          // Query Failed
          $page .= '<br/>';
-         $page .= t('Failed to save csv file, please try again!').'<br/>';
+         $page .= t('Failed to save csv file, try again!').'<br/>';
          $page .= '<br/>';
          // Return to family view page
-Line 3264 
 function upload_csv() {
+Line 3249 
 function upload_csv() {
  }
  /**
-  * Create CSV file and start file transfer to web user.
+  * Creat CSV file and start file transfer to web user.
   */
  function download_csv() {
-Line 3393 
 function general_search($search="") {
+Line 3378 
 function general_search($search="") {
    drupal_set_title(t('Addressbook search'));
    // Fetch search parameter out HTTP request
-   if ($search=='') $search=$_POST['search'];
+   if ($search=='') $search=htmlentities($_POST['search']);
    // Set search value in session scope
    $_SESSION["search"]=$search;
-Line 3500 
 function map_view() {
+Line 3485 
 function map_view() {
    drupal_set_title(t('Addressbook map view'));
    // Fetch search parameter out HTTP request
-   $street=$_POST['street'];
+   $street=htmlentities($_POST['street']);
-   $city=$_POST['city'];
+   $city=htmlentities($_POST['city']);
-   $country=$_POST['country'];
+   $country=htmlentities($_POST['country']);
    $fid=$_POST['fid'];
    $mid=$_POST['mid'];

 Legend:



Removed from v.1.32
 


changed lines


 
Added in v.1.33
 Legend:



Removed from v.1.32
 


changed lines


 
Added in v.1.33
-Removed from v.1.32
+Added in v.1.33

	ViewVC Help
Powered by ViewVC 1.1.3