modules/og_reg_keys/og_reg_keys.module

<?php
// $Id$

/**
 * @file
 * Provides group registration keys to restrict group access.
 */

/**
 * Implementation of hook_help().
 */
function og_reg_keys_help($path, $arg) {
  global $user;
  switch ($path) {
    case 'admin/og/reg-keys-settings':
      $output =  '<p>'. t('Settings for Organic Groups registration keys.  A user will be auto-approved as member of a group set to <strong>closed</strong> or <strong>moderated</strong> when they supply a group key.  Users may also visit the !join page to join a group using a key.', array('!join' => l('join a group', 'og/reg-key-join')));
      $output .= '</p><p>'. t('You may combine this feature with the usual use of groups in the registration form.') .'</p>';
      return $output;
      break;
    case 'og/reg-key-join':
      $output = '<p>'. t('You may check a group key by entering it below.');
      if ($user->uid) {
        $output .= ' '. t('You may also join a group by submitting its key.');
      }
      return $output .'</p>';
      break;
  }
}

/**
 * Implementation of hook_menu().
 */
function og_reg_keys_menu() {
  $items = array();

  $items['og/reg-key-join'] = array(
    'title' => 'Use registration key',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('og_reg_keys_join'),
    'weight' => 10,
    'type' => MENU_LOCAL_TASK,
    'access callback' => 'user_is_logged_in', 
  );
  $items['admin/og/reg-keys-settings'] = array(
    'title' => 'OG Reg Keys Settings',
    'description' => 'Configure group registration key settings.',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('og_reg_keys_settings'),
    'access callback' => 'user_access',
    'access arguments' => array('administer organic groups'),
  );
  $items['admin/og/reg-keys-edit'] = array(
    'title' => 'Edit Registration Keys',
    'description' => 'Edit group registration keys.',
    'page callback' => 'og_reg_keys_edit_reg_keys',
    'page arguments' => array(),
    'access callback' => 'user_access',
    'access arguments' => array('administer organic groups'),
  );

  return $items;
}

/**
 * Implementation of hook_form_$form-id_alter().
 */
function og_reg_keys_form_views_filters_alter(&$form, &$form_state) {
  if ($form['view']['#value']->name == 'og_reg_keys_edit') {
    // need to push the return value as setting this in the view overrides the access control
    $form['#action'] = url('admin/og/reg-keys-edit');
  }
}

/**
 * Implementation of hook_form_alter().
 */
function og_reg_keys_form_alter(&$form, &$form_state, $form_id) {
  if ($form_id == 'og_invite_form') {
    $key = og_reg_keys_get_key($form['gid']['#value']);
    if (!empty($key)) {
      $form['pmessage']['#default_value'] .= strtr(_og_reg_keys_message(), array('%reg_key' => $key)). "\n\n";
    }
	}
  else if (og_is_group_type($form['type']['#value'])) {
    $result = db_query("SELECT (code) FROM {og_reg_keys} WHERE nid = %d", $form['nid']['#value']);
    if ($result) {
      $value = db_fetch_array($result);
      $value = $value['code'];
    }
    else {
      $value = '';
    }
    $form['og_reg_keys'] = array(
      '#type' => 'textfield',
      '#title' => t('Group registration key'),
      '#default_value' => $value,
      '#description' => t('Enter a registration key if you want to allow users to enter a key to join this group. Leave this field blank if you do not want to allow users to join this group with a registration key.'),
      '#size' => 64,
    );
  }
}

/**
 * Implementation of hook_user().
 */
function og_reg_keys_user($op, &$edit, &$account, $category = NULL) {
  if (!module_exists('og')) {
    return;
  }

  switch ($op) {
    case 'validate':
      // Reg key is only present during registration
      if (isset($edit['og_reg_key'])) {
        if ($edit['og_reg_key'] != '') {
          if (!og_reg_keys_valid_key($edit['og_reg_key'])) {
            form_set_error('og_reg_key', t('Not a valid group registration key.'));
          }
        }
      }
      break;    
    case 'insert':
      // Reg key is only present during registration
      if (isset($edit['og_reg_key']) && og_reg_keys_valid_key($edit['og_reg_key'])) {
        $gid = og_reg_keys_get_gid($edit['og_reg_key']);
        $return = og_save_subscription($gid, $account->uid, array('is_active' => 1));
        if (!empty($return['message'])) {
          drupal_set_message($return['message']);
        }
        $rid = variable_get('og_reg_keys_role', 0);
        if ($rid) {
          // Pass to user_save() the roles where the key is role id (value doesn't matter eg. 1)
          $account = user_save($account, array('roles' => array($rid => $rid)));
        } 
      }
      // no redirect to node as this is someone adding users through the standard interface
      break;
    case 'register':
      $form['og_reg_key'] = array(
        '#type' => 'textfield',
        '#title' => t('Group registration key'),
        '#required' => variable_get('og_reg_key_required', 1),
        '#description' => '',
        '#size' => 64,
      );
      
      return $form;
      break;
  }
}

/**
 * Implementation of hook_nodeapi().
 */
function og_reg_keys_nodeapi(&$node, $op) {
  if (og_is_group_type($node->type)) {
    switch ($op) {
      case 'load':
        $result = db_query('SELECT code FROM {og_reg_keys} WHERE nid = %d', $node->nid);
        $r = db_fetch_array($result);
        if ($r) {
          return array('og_reg_keys' => $r['code']);
        }
        break;
      case 'validate': // validate used on group updates
        if (!og_reg_keys_validate_key($node)) {
          form_set_error('og_reg_keys', t("The key '!og_reg_keys' is already in use by a different group", array('!og_reg_keys' => $node->og_reg_keys)));
        }
        break;
      case 'insert':  // insert used on new group inserts
      case 'update':  // submit used on group updates
        if (!empty($node->nid)) {
          $result = db_query('SELECT (nid) FROM {og_reg_keys} WHERE nid = %d', $node->nid);
          $r = db_fetch_array($result);
        
          if ($node->og_reg_keys != '') {
            if ($r) {
              db_query("UPDATE {og_reg_keys} SET code = '%s' WHERE nid = %d", $node->og_reg_keys, $node->nid);
            }
            else {
              db_query("INSERT INTO {og_reg_keys} VALUES (%d, '%s')", $node->nid, $node->og_reg_keys);
            }
          }
          elseif ($r) {
            db_query("DELETE FROM {og_reg_keys} WHERE nid = %d", $node->nid); // remove the key
          }
        }
        break;
      case 'delete': // node deletion
        db_query('DELETE FROM {og_reg_keys} WHERE nid = %d', $node->nid);
        break;
    }
  } 
}

/**
 * Implementation of hook_views_api().
 */
function og_reg_keys_views_api() {
  return array(
    'api' => 2,
  );
}

/**
 * Menu callback for 'admin/og/reg-keys-edit'
 */
function og_reg_keys_edit_reg_keys() {
  if (user_access('administer organic groups')) {
    return views_embed_view('og_reg_keys_edit', 'page');
  }
  else {
    drupal_access_denied();
  }
}


/**
 * Menu callback for 'admin/og/reg-keys-settings'
 */
function og_reg_keys_settings() {

  $roles = user_roles(TRUE);
  $roles[DRUPAL_AUTHENTICATED_RID] = '<'. t('None') .'>'; 
  
  $form['og_reg_keys_role'] = array(
    '#type' => 'select',
    '#title' => t('Role for new registrants'),
    '#default_value' => variable_get('og_reg_keys_role', DRUPAL_AUTHENTICATED_RID),
    '#options' => $roles,
    '#description' => t('Pick an additional user role that will be assigned to all new users registering with a valid group registration key.'),
  );

  $form['og_reg_keys_message'] = array(
      '#type' => 'textarea', 
      '#title' => t('Text to be added to group invitation e-mails'),
      '#default_value' => _og_reg_keys_message(),
      '#required' => TRUE,
      '#description' => t("The token '%reg_key' must be included and will be replaced by the group's registration key."),
  );
  
  $form['og_reg_key_required'] = array(
      '#type' => 'checkbox',
      '#title' => t('Registration Key Required for new account creation'),
      '#default_value' => variable_get('og_reg_key_required', 1),
  );

  return system_settings_form($form);

}

/** 
 * Validation routine for form submission of 'admin/og/reg-keys-settings'
 */
function og_reg_keys_settings_validate($form, &$form_state) {
  $op = isset($_POST['op']) ? $_POST['op'] : '';
  
  if ($op == t('Save configuration') && !strstr($form_state['values']['og_reg_keys_message'], '%reg_key')) {
    form_set_error('og_reg_keys_message', t("You must include in your message the token '%reg_key'"));
  }
}


/**
 *  Menu callback function for "check group" and "join a group" page.
 * 'og/reg-key-join' this is also used by og_reg_keys_contents()
 */
function og_reg_keys_join($size = 64) {
  global $user;
  $form['og_reg_key'] = array(
    '#type' => 'textfield',
    '#title' => t('Group registration key'),
    '#required' => TRUE,
    '#size' => $size,
  );

  $form['#after_build'] = array('og_reg_keys_add_preview');
  
  $form['preview'] = array(
    '#type' => 'button',
    '#value' => t('Check key'),
  );
  
  if ($user->uid > 0) {
    $form['submit'] = array(
      '#type' => 'submit',
      '#value' => t('Join'),
    );
  }
  return $form;
}

/** 
 * Validation routine for 'og/reg-key-join' and the block submitted reg-key form
 */
function og_reg_keys_join_validate($form, &$form_state) {
  $result = db_query("SELECT (nid) FROM {og_reg_keys} WHERE code = '%s'", $form_state['values']['og_reg_key']);
  $r = db_fetch_array($result);
  if (!$r) {
    form_set_error('og_reg_key', t('This is not a valid group registration key.'));
  }
}

/** 
 * Routine to handle form submission for 'og/reg-key-join' and the block submitted reg-key form
 */
function og_reg_keys_join_submit($form, &$form_state) {
  global $user;
  if ($user->uid) {
    $gid = og_reg_keys_get_gid($form_state['values']['og_reg_key']);

    // Use og_save_subscription() to get around og_subscribe_user()'s
    // selectivity checks.
    og_save_subscription($gid, $user->uid, array('is_active' => 1));
    
    // Existing user so preserve roles as user_save is destructive
    $roles = $user->roles + array(variable_get('og_reg_keys_role', DRUPAL_AUTHENTICATED_RID) => 1);
    user_save($user, array('roles' => $roles));
    
    // Delete the user's menu cache in order to provide access
    // to menu items secured by their newly granted role.
    cache_clear_all($user->uid .':', 'cache_menu', TRUE);
    
    // Load the group node to get the name of the group.
    $group = node_load(array('nid' => $gid));
    drupal_set_message(t('You are now a member of !group_name.', array('!group_name' => $group->title)));
    drupal_goto('node/'. $gid);
  }
  else {
    drupal_access_denied();
  }
}

/**
 * Routine used to build preview info for what would happen if the user submitted the form
 * with og_reg_key present
 */
function og_reg_keys_add_preview($form, &$form_state) {
  $op = isset($form['#post']['op']) ? $form['#post']['op'] : '';
  if ($op == t('Check key')) {
    drupal_validate_form($form['form_id']['#value'], $form, $form_state);
    if (!form_get_errors()) {
      $gid = og_reg_keys_get_gid($form['og_reg_key']['#value']);
      $node = node_load(array('nid' => $gid));
      $preview = theme('og_reg_keys_join_preview', $node);
      $form['#prefix'] = isset($form['#prefix']) ? $preview . $form['#prefix'] : $preview;
    }
  }
  return $form;
}

/**
 * Routine used to appropriately theme the node information for purposes of previewing
 * form submission with a reg-key present
 */
function theme_og_reg_keys_join_preview($node) {
  $output = '<div class="preview">';
  $output .= '<h3>'. t('By submitting this key, you will join this group:') .'</h3>';
  $output .= node_view($node, TRUE, FALSE, FALSE);
  $output .= "</div>\n";
  
  return $output;
}

/**
 * Implementation of hook_theme().
 */
function og_reg_keys_theme() {
  return array(
    'og_reg_keys_join_preview' => array(
      'arguments' => array('node' => NULL),
    ),
  );
}

/**
 * Implementation of hook_block().
 */
function og_reg_keys_block($op = 'list', $delta = 0, $edit = array()) {
  global $user;
  switch ($op) {
    case 'list' :
      $blocks = array();
      $blocks[0] = array('info' => t('Enroll with registration key'));
      return $blocks;
      break;
    case 'view' :
      if ($user->uid > 0) {
        // user is logged in just show them the reg key form
        $block['subject'] = t('Enroll in a group');
        $block['content'] = _og_reg_keys_logged_in_message();
        $block['content'] .= og_reg_keys_contents(1);
      }
      else {
        // user is not logged in
        $block = array();
        $block['subject'] = t('Create a new account');
        $block['content'] = _og_reg_keys_register_message();
        $block['content'] .= og_reg_keys_contents(0);
      }
      return $block;
      break;
    case 'configure' :
      $items['og_reg_keys_register_settings'] = array(
        '#type' => 'fieldset',
        '#title' => t('User is not logged in'),
        '#collapsible' => TRUE,
      );
      $items['og_reg_keys_register_settings']['og_reg_keys_register_message'] = array(
        '#type' => 'textarea',
        '#rows' => 3,
        '#title' => t('Message to display to users who are registering for the site with a key'),
        '#default_value' => _og_reg_keys_register_message(),
      );
      $items['og_reg_keys_logged_in_settings'] = array(
        '#type' => 'fieldset',
        '#title' => t('User is logged in'),
        '#collapsible' => TRUE,
      );
      $items['og_reg_keys_logged_in_settings']['og_reg_keys_logged_in_message'] = array(
        '#type' => 'textarea',
        '#rows' => 3,
        '#title' => t('Message to display to logged in users who are joining a group'),
        '#default_value' => _og_reg_keys_logged_in_message(),
      );
      return $items;
      break;
    case 'save' :
      if (isset($edit['og_reg_keys_register_message'])) {
        variable_set('og_reg_keys_register_message', $edit['og_reg_keys_register_message']);
      }
      if (isset($edit['og_reg_keys_logged_in_message'])) {
        variable_set('og_reg_keys_logged_in_message', $edit['og_reg_keys_logged_in_message']);
      }
      break;
  }
}

/**
 * Helper function for hook_block
 * @param int $block 0 => return form for new user 1=> return form for authenticated user
 * @return string Returns a rendered drupal form via drupal_get_form()
 */
function og_reg_keys_contents($block) {
  switch ($block) {
    case 0:
      // new user register
      return drupal_get_form('og_reg_keys_register');
      break;
    case 1:
      // existing user just show registration code
      return drupal_get_form('og_reg_keys_join', 28);
      break;
  }
}

/**
 * Form definition for registration form called indirectly via hook_block for new users
 */
function og_reg_keys_register() {
  $form['name'] = array(
    '#type' => 'textfield',
    '#title' => t('Username'),
    '#required' => TRUE,
    '#default_value' => '',
    '#size' => 16,
    '#maxlength' => 60
  );
  
  $form['pass'] = array(
    '#type' => 'password',
    '#title' => t('Password'),
    '#required' => TRUE,
    '#default_value' => '',
    '#size' => 16,
    '#maxlength' => 32
  );

  $form['mail'] = array(
    '#type' => 'textfield',
    '#title' => t('Email'),
    '#description' => t('email address is optional'),
    '#default_value' => '',
    '#size' => 28,
    '#maxlength' => 64
  );
          
  $form['og_reg_key'] = array(
    '#type' => 'textfield',
    '#title' => t('Group registration key'),
    '#required' => variable_get('og_reg_key_required', 1),
    '#size' => 28,
  );

  $form['submit'] = array('#type' => 'submit', '#value' => t('Create account'));
  return $form;
}

/**
 * Validation routine for new user registration form
 */
function og_reg_keys_register_validate($form, &$form_state) {
  $error = _og_reg_keys_validate_user($form_state['values']['name'], $form_state['values']['mail']);

  if (!empty($error)) {
    foreach ($error as $errkey => $errval) {
      form_set_error($errkey, $errval);
    }
  }

  if (!og_reg_keys_valid_key($form_state['values']['og_reg_key'])) {
    form_set_error('og_reg_key', t('This is not a valid group registration key, or group membership is by invite only.'));
  }
}

/**
 * Routine to submit new user registration form. This process creates new users, and adds og subscriptions
 */
function og_reg_keys_register_submit($form, &$form_state) {
  watchdog('user', 'New user: %name %email.', array('%name' => $form_state['values']['name'], '%email' => '<'. $form_state['values']['mail'] .'>'));

  user_save('', array('name' => $form_state['values']['name'],
                      'pass' => $form_state['values']['pass'],
                      'init' => $form_state['values']['mail'],
                      'mail' => $form_state['values']['mail'],
                      'roles' => array(variable_get('og_reg_keys_role', DRUPAL_AUTHENTICATED_RID) => 1),
                      'status' => 1));
  $user = user_authenticate($form_state['values']);
  
  $gid = og_reg_keys_get_gid($form_state['values']['og_reg_key']);

  // Use og_save_subscription() to get around og_subscribe_user()'s
  // selectivity checks.
  og_save_subscription($gid, $user->uid, array('is_active' => 1));

  // Load the group node to get the name of the group.
  $group = node_load(array('nid' => $gid));
  drupal_set_message(t('You are now a member of !group_name.', array('!group_name' => $group->title)));
  drupal_goto('node/'. $gid);
}

/**
 * Given a particular group registration key this will return the corresponding
 * group node id. If no group is associated with that key then 0 is returned
 * @param string $key A group registration key
 * @return int 0 if no match found otherwise a nodeid for the corresponding group
 */
function og_reg_keys_get_gid($key) {
  $result = db_query("SELECT (nid) FROM {og_reg_keys} WHERE code = '%s'", $key);
  $r = db_result($result);
  if ($r && $key != '') {
    return $r;
  }
  else {
    return 0;
  }
}

/**
 * Get the registration key for a given group. If no key is present '' is returned
 * @param int $gid The group id to lookup the key for
 * @return string Either a group registration key or '' if no key set for $gid
 */
function og_reg_keys_get_key($gid) {
  $result = db_query("SELECT (code) FROM {og_reg_keys} WHERE nid = %d", $gid);
  $r = db_result($result);
  if ($r) {
    return $r;
  }
  else {
    return '';
  }
}

/**
 * Checks to see if a given og_reg_key is valid and has a corresponding group
 * @param string $key The key to check for validity.
 * @return bool True if $key != '' and $key is a valid key for one group False otherwise
 */
function og_reg_keys_valid_key($key) {
  $gid = og_reg_keys_get_gid($key);
  if (!empty($gid) && og_reg_keys_get_key($gid) == $key) {
    return TRUE;
  }
  else {
    return FALSE;
  }
}

/**
 * This function returns true if the key in question is valid for a group to use.
 * returns false if the key is in use by another node
 * returns true otherwise or if == ''
 */
function og_reg_keys_validate_key($node) {
  if ($node->og_reg_keys != '') {
    // see if the key is already in use by another group
    $result = db_query("SELECT (nid) FROM {og_reg_keys} WHERE nid <> %d AND code = '%s'", $node->nid, $node->og_reg_keys);
    $r = db_fetch_array($result);
    if ($r) {
      return FALSE; // key is in use
    }
    else {
      return TRUE;
    }
  }
  else {
    return TRUE;
  }
}

/**
 * Return the group join message.
 */
function _og_reg_keys_message() {
  return variable_get('og_reg_keys_message', t("To join this group, use the registration key %reg_key"));
}

/**
 * Return the message in the registration block for logged in users.
 */
function _og_reg_keys_logged_in_message() {
  return variable_get('og_reg_keys_logged_in_message', t('Use a registration key to enroll in a group.'));
}

/**
 * Return the message in the registration block for users who are registering for the site.
 */
function _og_reg_keys_register_message() {
  return variable_get('og_reg_keys_register_message', t('Use a registration key to join the site and enroll in a group. If you are already a member, sign in first, and then use your registration key.'));
}

/*
 * _reg_keys_validate_user() is based on _userplus_validate_user().
 *
 * returns array with errors set or empty on valid
 */
function _og_reg_keys_validate_user($name = NULL, $mail = NULL) {
  $error = array();
  if ($name) {
    // Validate the username:
    if ($err = user_validate_name($name)) {
      $error['name'] = $err;
    }
    else if (db_result(db_query('SELECT COUNT(*) FROM {users} WHERE LOWER(name) = LOWER("%s")', $name)) > 0) {
      $error['name'] = t('The name %name is already taken.', array('%name' => $name));
    }
    else if (drupal_is_denied('user', $name)) {
      $error['name'] = t('The name %name has been denied access.', array('%name' => $name));
    }
  }
  
  // Validate the e-mail address: (empty is okay);
  if (!empty($mail)) {
    if ($err = user_validate_mail($mail)) {
      $error['mail'] = $err;
    }
    else if (db_result(db_query('SELECT COUNT(*) FROM {users} WHERE LOWER(mail) = LOWER("%s")', $mail)) > 0) {
      $error['mail'] = t('The e-mail address %email is already taken.', array('%email' => $mail));
    }
    else if (drupal_is_denied('mail', $mail)) {
      $error['mail'] = t('The e-mail address %email has been denied access.', array('%email' => $mail));
    }
  }

  return $error;
}