From 499e78b4fd6a0a3d5a60ed1777f089c34aa76160 Mon Sep 17 00:00:00 2001 From: moodler Date: Sun, 29 Oct 2006 04:21:23 +0000 Subject: [PATCH] Merged user profile improvements from stable --- lang/en_utf8/moodle.php | 1 + user/view.php | 107 +++++++++++++++++++++++----------------- 2 files changed, 64 insertions(+), 44 deletions(-) diff --git a/lang/en_utf8/moodle.php b/lang/en_utf8/moodle.php index 335020788f..b359a21438 100644 --- a/lang/en_utf8/moodle.php +++ b/lang/en_utf8/moodle.php @@ -976,6 +976,7 @@ $string['notavailable'] = 'Not available'; $string['noteachersyet'] = 'No teachers in this course yet'; $string['notenrollable'] = 'This course is not enrollable at the moment.'; $string['notenrolled'] = '$a is not enrolled in this course.'; +$string['notenrolledprofile'] = 'This profile is not available because this user is not enrolled in this course.'; $string['noteuserschangednonetocourse'] = 'Note: course users need to be restored when restoring user data (in activities, files or messages). This setting has been changed for you.'; $string['nothingnew'] = 'Nothing new since your last login'; $string['nothingtodisplay'] = 'Nothing to display'; diff --git a/user/view.php b/user/view.php index e6e36f6e43..e9818a2f83 100644 --- a/user/view.php +++ b/user/view.php @@ -48,67 +48,80 @@ } } - if (!$currentuser && $course->id != SITEID && - !has_capability('moodle/course:view', $coursecontext, $user->id, false)) { - print_error('usernotavailable'); - } + $strpersonalprofile = get_string('personalprofile'); + $strparticipants = get_string("participants"); + $struser = get_string("user"); - if ($course->id != SITEID) { - if ($lastaccess = get_record('user_lastaccess', 'userid', $user->id, 'courseid', $course->id)) { - $user->lastaccess = $lastaccess->timeaccess; - } - } + $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext)); - $personalprofile = get_string('personalprofile'); - $participants = get_string("participants"); +/// If the user being shown is not ourselves, then make sure we are allowed to see them! + if (!$currentuser) { - if (groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) { // Groups must be kept separate - require_login(); - - ///this is changed because of mygroupid - $gtrue = false; - if ($mygroups = mygroupid($course->id)){ - foreach ($mygroups as $group){ - if (ismember($group, $user->id)){ - $gtrue = true; + if ($course->id == SITEID) { // Reduce possibility of "browsing" userbase at site level + if ($CFG->forceloginforprofiles and !isteacherinanycourse() and !isteacherinanycourse($user->id)) { // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366) + print_header("$strpersonalprofile: ", "$strpersonalprofile: ", + "id\">$strparticipants -> $struser", + "", "", true, " ", navmenu($course)); + print_heading(get_string('usernotavailable', 'error')); + print_footer($course); + exit; + } + } else { // Normal course + if (!has_capability('moodle/course:view', $coursecontext, $user->id, false)) { + if (has_capability('moodle/course:view', $coursecontext)) { + print_header("$strpersonalprofile: ", "$strpersonalprofile: ", + "id\">$course->shortname -> + id\">$strparticipants -> $fullname", + "", "", true, " ", navmenu($course)); + print_heading(get_string('notenrolled', '', $fullname)); + } else { + print_header("$strpersonalprofile: ", "$strpersonalprofile: ", + "id\">$course->shortname -> + id\">$strparticipants -> $struser", + "", "", true, " ", navmenu($course)); + print_heading(get_string('notenrolledprofile')); } + print_continue($_SERVER['HTTP_REFERER']); + print_footer($course); + exit; } } - // took the teacheredit check out because teacheredit will have moodle/site:accessallgroups capability - // which was already checked - if (!$currentuser && !$gtrue) { - print_header("$personalprofile: ", "$personalprofile: ", - "id\">$course->shortname -> - id\">$participants", - "", "", true, " ", navmenu($course)); - error(get_string("groupnotamember"), "../course/view.php?id=$course->id"); + + + // If groups are in use, make sure we can see that group + if (groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) { + require_login(); + + ///this is changed because of mygroupid + $gtrue = false; + if ($mygroups = mygroupid($course->id)){ + foreach ($mygroups as $group){ + if (ismember($group, $user->id)){ + $gtrue = true; + } + } + } + if (!$gtrue) { + print_header("$strpersonalprofile: ", "$strpersonalprofile: ", + "id\">$course->shortname -> + id\">$strparticipants", + "", "", true, " ", navmenu($course)); + error(get_string("groupnotamember"), "../course/view.php?id=$course->id"); + } } } - if ($course->id == SITEID and !$currentuser) { // To reduce possibility of "browsing" userbase at site level - if ($CFG->forceloginforprofiles and !isteacherinanycourse() and !isteacherinanycourse($user->id)) { // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366) - print_header("$personalprofile: ", "$personalprofile: ", - "id\">$participants", - "", "", true, " ", navmenu($course)); - print_heading(get_string('usernotavailable', 'error')); - print_footer($course); - die; - } - } - /// We've established they can see the user's name at least, so what about the rest? - $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext)); - if ($course->category) { - print_header("$personalprofile: $fullname", "$personalprofile: $fullname", + print_header("$strpersonalprofile: $fullname", "$strpersonalprofile: $fullname", "id\">$course->shortname -> - id\">$participants -> $fullname", + id\">$strparticipants -> $fullname", "", "", true, " ", navmenu($course)); } else { - print_header("$course->fullname: $personalprofile: $fullname", "$course->fullname", + print_header("$course->fullname: $strpersonalprofile: $fullname", "$course->fullname", "$fullname", "", "", true, " ", navmenu($course)); } @@ -129,6 +142,12 @@ add_to_log($course->id, "user", "view", "view.php?id=$user->id&course=$course->id", "$user->id"); + if ($course->id != SITEID) { + if ($lastaccess = get_record('user_lastaccess', 'userid', $user->id, 'courseid', $course->id)) { + $user->lastaccess = $lastaccess->timeaccess; + } + } + /// Get the hidden field list if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) { -- 2.39.5