18.10.2016 Views

Drupal 7 Module Development

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

Chapter 5<br />

This is all the information that is needed to register our path. Now when<br />

<strong>Drupal</strong> receives a request for this URL, it will return the results of<br />

drupal_get_form(user_warn_form).<br />

<strong>Drupal</strong> caches the entire menu, so new/updated menu items will<br />

not be reflected immediately. To manually clear the cache, visit<br />

Admin | Configuration | <strong>Development</strong> | Performance and click<br />

on Clear all caches.<br />

Using wildcards in menu paths<br />

We have created a simple menu item, but sometimes simple won't do the job. In<br />

the User Warn module we want to have a menu item that is tied to each individual<br />

user's profile page. Profile pages in <strong>Drupal</strong> live at the path user/, so how<br />

do we create a distinct menu item for each user? Fortunately the menu system allows<br />

us to use wildcards when we define our menu paths.<br />

If you look at the second menu item defined in the preceding example, you will see<br />

that its definition differs a bit from our first example.<br />

$items['user/%/warn'] = array(<br />

'title' => 'Warn',<br />

'description' => 'Send e-mail to a user about improper site<br />

behavior.',<br />

'page callback' => 'drupal_get_form',<br />

'page arguments' => array('user_warn_confirm_form', 1),<br />

'access arguments' => array('administer users'),<br />

'type' => MENU_LOCAL_TASK,<br />

);<br />

The first difference is that the path is defined with % as one of the path entries. This<br />

indicates a wildcard; anything can be entered here and the menu item's hierarchy<br />

will be maintained. In <strong>Drupal</strong>, that will always be a user's ID. However, there is<br />

nothing stopping any user from entering a URL like user/xyzzy/warn or something<br />

else potentially more malicious. Your code should always be written in such a way<br />

as to handle these eventualities, for instance by verifying that the argument actually<br />

maps to a <strong>Drupal</strong> user. This would be a good improvement.<br />

The other difference in this example is that we have added 1 as an additional<br />

argument to be passed to our page callback.<br />

[ 125 ]

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!