user_access
| 4.6 user.module | user_access($string, $account = NULL) |
| 4.7 user.module | user_access($string, $account = NULL) |
| 5 user.module | user_access($string, $account = NULL) |
| 6 user.module | user_access($string, $account = NULL, |
| 7 user.module | user_access($string, $account = NULL) |
| 8 user.module | user_access($string, $account = NULL) |
Determine whether the user has a given privilege.
Parameters
$string: The permission, such as "administer nodes", being checked for.
$account: (optional) The account to check, if not given use currently logged in user.
Return value
boolean TRUE if the current user has the requested permission.
All permission checks in Drupal should go through this function. This way, we guarantee consistent behavior, and ensure that the superuser can perform all actions.
636 calls to user_access()
4 string references to 'user_access'
File
- drupal/
modules/ user/ user.module, line 361 - Enables the user registration and login system.
Code
function user_access($string, $account = NULL) {
global $user;
static $perm = array();
if (is_null($account)) {
$account = $user;
}
// User #1 has all privileges:
if ($account->uid == 1) {
return TRUE;
}
// To reduce the number of SQL queries, we cache the user's permissions
// in a static variable.
if (!isset($perm[$account->uid])) {
$rids = array_keys($account->roles);
$placeholders = implode(',', array_fill(0, count($rids), '%d'));
$result = db_query("SELECT DISTINCT(p.perm) FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid WHERE r.rid IN ($placeholders)", $rids);
$perm[$account->uid] = '';
while ($row = db_fetch_object($result)) {
$perm[$account->uid] .= "$row->perm, ";
}
}
if (isset($perm[$account->uid])) {
return strpos($perm[$account->uid], "$string, ") !== FALSE;
}
return FALSE;
}
Search 5
Support DrupalContrib
DrupalContrib API believes developer documentation should be ad-free. Please make a donation below if you would like to help us to pay our hosting and maintenance costs.
Recurring donation:
One-off donation:
Flattr:
