From ce221eb52d9c293e4033352e5c3125c5231950aa Mon Sep 17 00:00:00 2001 From: samhemelryk Date: Fri, 25 Sep 2009 04:02:46 +0000 Subject: [PATCH] user MDL-19825 Added set_url calls, replaced deprecated functions, and boilderplate --- user/action_redir.php | 26 +- user/addnote.php | 39 +- user/edit.php | 419 ++++++++++--------- user/editadvanced.php | 445 ++++++++++---------- user/emailupdate.php | 27 +- user/extendenrol.php | 28 +- user/groupaddnote.php | 35 +- user/groupextendenrol.php | 28 +- user/messageselect.php | 267 +++++++----- user/policy.php | 123 +++--- user/portfolio.php | 35 +- user/portfoliologs.php | 34 ++ user/repository.php | 32 +- user/selector/search.php | 47 +-- user/view.php | 845 ++++++++++++++++++++------------------ 15 files changed, 1427 insertions(+), 1003 deletions(-) diff --git a/user/action_redir.php b/user/action_redir.php index 9880d356f9..007d7651e0 100644 --- a/user/action_redir.php +++ b/user/action_redir.php @@ -1,13 +1,35 @@ . + /** -* Wrapper script redirecting user operations to correct destination. -*/ + * Wrapper script redirecting user operations to correct destination. + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ require_once("../config.php"); $formaction = required_param('formaction', PARAM_FILE); $id = required_param('id', PARAM_INT); +$PAGE->set_url(new moodle_url($CFG->wwwroot.'/user/action_redir.php', array('formaction'=>$formaction,'id'=>$id))); + // Add every page will be redirected by this script $actions = array( 'messageselect.php', diff --git a/user/addnote.php b/user/addnote.php index a5f22a870f..a65e494e9d 100644 --- a/user/addnote.php +++ b/user/addnote.php @@ -1,4 +1,28 @@ -. + +/** + * This file allows you to add a note for a user + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ + require_once("../config.php"); require_once($CFG->dirroot .'/notes/lib.php'); @@ -6,6 +30,19 @@ $id = required_param('id', PARAM_INT); // course id $users = optional_param('userid', array(), PARAM_INT); // array of user id $contents = optional_param('contents', array(), PARAM_RAW); // array of user notes $states = optional_param('states', array(), PARAM_ALPHA); // array of notes states + +$url = new moodle_url($CFG->wwwroot.'/user/addnote.php', array('id'=>$id)); +if ($users !== 0) { + $url->param('userid', $users); +} +if ($contents !== 0) { + $url->param('contents', $contents); +} +if ($states !== 0) { + $url->param('states', $states); +} +$PAGE->set_url($url); + if (! $course = $DB->get_record('course', array('id'=>$id))) { print_error('invalidcourseid'); } diff --git a/user/edit.php b/user/edit.php index 5b8e0501b5..777b8125bd 100644 --- a/user/edit.php +++ b/user/edit.php @@ -1,238 +1,267 @@ -libdir.'/gdlib.php'); - require_once($CFG->dirroot.'/user/edit_form.php'); - require_once($CFG->dirroot.'/user/editlib.php'); - require_once($CFG->dirroot.'/user/profile/lib.php'); - - httpsrequired(); - - $userid = optional_param('id', $USER->id, PARAM_INT); // user id - $course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site) - $cancelemailchange = optional_param('cancelemailchange', false, PARAM_INT); // course id (defaults to Site) - - if (!$course = $DB->get_record('course', array('id'=>$course))) { - print_error('invalidcourseid'); - } - - if ($course->id != SITEID) { - require_login($course); - } else if (!isloggedin()) { - if (empty($SESSION->wantsurl)) { - $SESSION->wantsurl = $CFG->httpswwwroot.'/user/edit.php'; - } - redirect(get_login_url()); - } else { - $PAGE->set_course($course); - } - - // Guest can not edit - if (isguestuser()) { - print_error('guestnoeditprofile'); - } - - // The user profile we are editing - if (!$user = $DB->get_record('user', array('id'=>$userid))) { - print_error('invaliduserid'); - } - - // Guest can not be edited - if (isguestuser($user)) { - print_error('guestnoeditprofile'); - } - - // User interests separated by commas - if (!empty($CFG->usetags)) { - require_once($CFG->dirroot.'/tag/lib.php'); - $user->interests = tag_get_tags_array('user', $user->id); - } - - // remote users cannot be edited - if (is_mnet_remote_user($user)) { - redirect($CFG->wwwroot . "/user/view.php?course={$course->id}"); +. + +/** + * Allows you to edit a users profile + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ + +require_once('../config.php'); +require_once($CFG->libdir.'/gdlib.php'); +require_once($CFG->dirroot.'/user/edit_form.php'); +require_once($CFG->dirroot.'/user/editlib.php'); +require_once($CFG->dirroot.'/user/profile/lib.php'); + +httpsrequired(); + +$userid = optional_param('id', $USER->id, PARAM_INT); // user id +$course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site) +$cancelemailchange = optional_param('cancelemailchange', false, PARAM_INT); // course id (defaults to Site) + +$url = new moodle_url($CFG->wwwroot.'/user/edit.php', array('course'=>$course)); +if ($userid !== $USER->id) { + $url->param('id', $userid); +} +$PAGE->set_url($url); + +if (!$course = $DB->get_record('course', array('id'=>$course))) { + print_error('invalidcourseid'); +} + +if ($course->id != SITEID) { + require_login($course); +} else if (!isloggedin()) { + if (empty($SESSION->wantsurl)) { + $SESSION->wantsurl = $CFG->httpswwwroot.'/user/edit.php'; } - - if ($course->id == SITEID) { - $coursecontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context - } else { - $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context + redirect(get_login_url()); +} else { + $PAGE->set_course($course); +} + +// Guest can not edit +if (isguestuser()) { + print_error('guestnoeditprofile'); +} + +// The user profile we are editing +if (!$user = $DB->get_record('user', array('id'=>$userid))) { + print_error('invaliduserid'); +} + +// Guest can not be edited +if (isguestuser($user)) { + print_error('guestnoeditprofile'); +} + +// User interests separated by commas +if (!empty($CFG->usetags)) { + require_once($CFG->dirroot.'/tag/lib.php'); + $user->interests = tag_get_tags_array('user', $user->id); +} + +// remote users cannot be edited +if (is_mnet_remote_user($user)) { + redirect($CFG->wwwroot . "/user/view.php?course={$course->id}"); +} + +if ($course->id == SITEID) { + $coursecontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context +} else { + $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context +} +$systemcontext = get_context_instance(CONTEXT_SYSTEM); +$personalcontext = get_context_instance(CONTEXT_USER, $user->id); + +// check access control +if ($user->id == $USER->id) { + //editing own profile - require_login() MUST NOT be used here, it would result in infinite loop! + if (!has_capability('moodle/user:editownprofile', $systemcontext)) { + print_error('cannotedityourprofile'); } - $systemcontext = get_context_instance(CONTEXT_SYSTEM); - $personalcontext = get_context_instance(CONTEXT_USER, $user->id); - - // check access control - if ($user->id == $USER->id) { - //editing own profile - require_login() MUST NOT be used here, it would result in infinite loop! - if (!has_capability('moodle/user:editownprofile', $systemcontext)) { - print_error('cannotedityourprofile'); - } - } else { - // teachers, parents, etc. - require_capability('moodle/user:editprofile', $personalcontext); - // no editing of guest user account - if (isguestuser($user->id)) { - print_error('guestnoeditprofileother'); - } - // no editing of primary admin! - if (is_primary_admin($user->id)) { - print_error('adminprimarynoedit'); - } +} else { + // teachers, parents, etc. + require_capability('moodle/user:editprofile', $personalcontext); + // no editing of guest user account + if (isguestuser($user->id)) { + print_error('guestnoeditprofileother'); } - - if ($user->deleted) { - echo $OUTPUT->header(); - echo $OUTPUT->heading(get_string('userdeleted')); - echo $OUTPUT->footer(); - die; + // no editing of primary admin! + if (is_primary_admin($user->id)) { + print_error('adminprimarynoedit'); } +} - // Process email change cancellation - if ($cancelemailchange) { - cancel_email_update($user->id); - } +if ($user->deleted) { + echo $OUTPUT->header(); + echo $OUTPUT->heading(get_string('userdeleted')); + echo $OUTPUT->footer(); + die; +} - //load user preferences - useredit_load_preferences($user); +// Process email change cancellation +if ($cancelemailchange) { + cancel_email_update($user->id); +} - //Load custom profile fields data - profile_load_data($user); +//load user preferences +useredit_load_preferences($user); +//Load custom profile fields data +profile_load_data($user); - //create form - $userform = new user_edit_form(); - if (empty($user->country)) { - // MDL-16308 - we must unset the value here so $CFG->country can be used as default one - unset($user->country); - } - $userform->set_data($user); - $email_changed = false; +//create form +$userform = new user_edit_form(); +if (empty($user->country)) { + // MDL-16308 - we must unset the value here so $CFG->country can be used as default one + unset($user->country); +} +$userform->set_data($user); - if ($usernew = $userform->get_data()) { +$email_changed = false; - add_to_log($course->id, 'user', 'update', "view.php?id=$user->id&course=$course->id", ''); +if ($usernew = $userform->get_data()) { - $email_changed_html = ''; + add_to_log($course->id, 'user', 'update', "view.php?id=$user->id&course=$course->id", ''); - if ($CFG->emailchangeconfirmation) { - // Handle change of email carefully for non-trusted users - if (isset($usernew->email) and $user->email != $usernew->email && !has_capability('moodle/user:update', $systemcontext)) { - $a = new stdClass(); - $a->newemail = $usernew->preference_newemail = $usernew->email; - $usernew->preference_newemailkey = random_string(20); - $usernew->preference_newemailattemptsleft = 3; - $a->oldemail = $usernew->email = $user->email; + $email_changed_html = ''; - $email_changed_html = $OUTPUT->box(get_string('auth_changingemailaddress', 'auth_email', $a), 'generalbox', 'notice'); - $email_changed_html .= $OUTPUT->continue_button("$CFG->wwwroot/user/view.php?id=$user->id&course=$course->id"); - $email_changed = true; - } + if ($CFG->emailchangeconfirmation) { + // Handle change of email carefully for non-trusted users + if (isset($usernew->email) and $user->email != $usernew->email && !has_capability('moodle/user:update', $systemcontext)) { + $a = new stdClass(); + $a->newemail = $usernew->preference_newemail = $usernew->email; + $usernew->preference_newemailkey = random_string(20); + $usernew->preference_newemailattemptsleft = 3; + $a->oldemail = $usernew->email = $user->email; + + $email_changed_html = $OUTPUT->box(get_string('auth_changingemailaddress', 'auth_email', $a), 'generalbox', 'notice'); + $email_changed_html .= $OUTPUT->continue_button("$CFG->wwwroot/user/view.php?id=$user->id&course=$course->id"); + $email_changed = true; } + } - $authplugin = get_auth_plugin($user->auth); + $authplugin = get_auth_plugin($user->auth); - $usernew->timemodified = time(); + $usernew->timemodified = time(); - $DB->update_record('user', $usernew); + $DB->update_record('user', $usernew); - // pass a true $userold here - if (! $authplugin->user_update($user, $userform->get_data())) { - // auth update failed, rollback for moodle - $DB->update_record('user', $user); - print_error('cannotupdateprofile'); - } + // pass a true $userold here + if (! $authplugin->user_update($user, $userform->get_data())) { + // auth update failed, rollback for moodle + $DB->update_record('user', $user); + print_error('cannotupdateprofile'); + } - //update preferences - useredit_update_user_preference($usernew); + //update preferences + useredit_update_user_preference($usernew); - //update interests - if (!empty($CFG->usetags)) { - useredit_update_interests($usernew, $usernew->interests); - } + //update interests + if (!empty($CFG->usetags)) { + useredit_update_interests($usernew, $usernew->interests); + } - //update user picture - if (!empty($CFG->gdversion) and empty($CFG->disableuserimages)) { - useredit_update_picture($usernew, $userform); - } + //update user picture + if (!empty($CFG->gdversion) and empty($CFG->disableuserimages)) { + useredit_update_picture($usernew, $userform); + } - // update mail bounces - useredit_update_bounces($user, $usernew); + // update mail bounces + useredit_update_bounces($user, $usernew); - /// update forum track preference - useredit_update_trackforums($user, $usernew); + /// update forum track preference + useredit_update_trackforums($user, $usernew); - // save custom profile fields data - profile_save_data($usernew); + // save custom profile fields data + profile_save_data($usernew); - // If email was changed, send confirmation email now - if ($email_changed && $CFG->emailchangeconfirmation) { - $temp_user = fullclone($user); - $temp_user->email = $usernew->preference_newemail; - $temp_user->emailstop = NULL; + // If email was changed, send confirmation email now + if ($email_changed && $CFG->emailchangeconfirmation) { + $temp_user = fullclone($user); + $temp_user->email = $usernew->preference_newemail; + $temp_user->emailstop = NULL; - $a = new stdClass(); - $a->url = $CFG->wwwroot . '/user/emailupdate.php?key=' . $usernew->preference_newemailkey . '&id=' . $user->id; - $a->site = $SITE->fullname; - $a->fullname = fullname($user, true); + $a = new stdClass(); + $a->url = $CFG->wwwroot . '/user/emailupdate.php?key=' . $usernew->preference_newemailkey . '&id=' . $user->id; + $a->site = $SITE->fullname; + $a->fullname = fullname($user, true); - $emailupdatemessage = get_string('auth_emailupdatemessage', 'auth_email', $a); - $emailupdatetitle = get_string('auth_emailupdatetitle', 'auth_email', $a); + $emailupdatemessage = get_string('auth_emailupdatemessage', 'auth_email', $a); + $emailupdatetitle = get_string('auth_emailupdatetitle', 'auth_email', $a); - if (!$mail_results = email_to_user($temp_user, get_admin(), $emailupdatetitle, $emailupdatemessage)) { - die("could not send email!"); - } + if (!$mail_results = email_to_user($temp_user, get_admin(), $emailupdatetitle, $emailupdatemessage)) { + die("could not send email!"); } + } - // reload from db - $usernew = $DB->get_record('user', array('id'=>$user->id)); - events_trigger('user_updated', $usernew); - - if ($USER->id == $user->id) { - // Override old $USER session variable if needed - foreach ((array)$usernew as $variable => $value) { - $USER->$variable = $value; - } - } + // reload from db + $usernew = $DB->get_record('user', array('id'=>$user->id)); + events_trigger('user_updated', $usernew); - if (!$email_changed || !$CFG->emailchangeconfirmation) { - redirect("$CFG->wwwroot/user/view.php?id=$user->id&course=$course->id"); + if ($USER->id == $user->id) { + // Override old $USER session variable if needed + foreach ((array)$usernew as $variable => $value) { + $USER->$variable = $value; } } - -/// Display page header - $streditmyprofile = get_string('editmyprofile'); - $strparticipants = get_string('participants'); - $userfullname = fullname($user, true); - - $link = null; - if (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext)) { - $link = new moodle_url($CFG->wwwroot."/user/index.php", array('id'=>$course->id)); + if (!$email_changed || !$CFG->emailchangeconfirmation) { + redirect("$CFG->wwwroot/user/view.php?id=$user->id&course=$course->id"); } - $PAGE->navbar->add($strparticipants, $link); - $link = new moodle_url($CFG->wwwroot.'/user/view.php', array('id'=>$user->id, 'course'=>$course->id)); - $PAGE->navbar->add($userfullname, $link); - $PAGE->navbar->add($streditmyprofile); - $PAGE->set_title("$course->shortname: $streditmyprofile"); - $PAGE->set_heading($course->fullname); - - echo $OUTPUT->header(); +} - /// Print tabs at the top - $showroles = 1; - $currenttab = 'editprofile'; - require('tabs.php'); - if ($email_changed) { - echo $email_changed_html; - } else { - /// Finally display THE form - $userform->display(); - } +/// Display page header +$streditmyprofile = get_string('editmyprofile'); +$strparticipants = get_string('participants'); +$userfullname = fullname($user, true); + +$link = null; +if (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext)) { + $link = new moodle_url($CFG->wwwroot."/user/index.php", array('id'=>$course->id)); +} +$PAGE->navbar->add($strparticipants, $link); +$link = new moodle_url($CFG->wwwroot.'/user/view.php', array('id'=>$user->id, 'course'=>$course->id)); +$PAGE->navbar->add($userfullname, $link); +$PAGE->navbar->add($streditmyprofile); +$PAGE->set_title("$course->shortname: $streditmyprofile"); +$PAGE->set_heading($course->fullname); + +echo $OUTPUT->header(); + +/// Print tabs at the top +$showroles = 1; +$currenttab = 'editprofile'; +require('tabs.php'); + +if ($email_changed) { + echo $email_changed_html; +} else { +/// Finally display THE form + $userform->display(); +} /// and proper footer - echo $OUTPUT->footer(); +echo $OUTPUT->footer(); -?> +?> \ No newline at end of file diff --git a/user/editadvanced.php b/user/editadvanced.php index c2377e17b2..3a13f9f591 100644 --- a/user/editadvanced.php +++ b/user/editadvanced.php @@ -1,246 +1,275 @@ -libdir.'/gdlib.php'); - require_once($CFG->libdir.'/adminlib.php'); - require_once($CFG->dirroot.'/user/editadvanced_form.php'); - require_once($CFG->dirroot.'/user/editlib.php'); - require_once($CFG->dirroot.'/user/profile/lib.php'); - require_once($CFG->libdir .'/messagelib.php'); // Messagelib functions - - httpsrequired(); - - $id = optional_param('id', $USER->id, PARAM_INT); // user id; -1 if creating new user - $course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site) - - if (!$course = $DB->get_record('course', array('id'=>$course))) { - print_error('invalidcourseid'); - } - if (!empty($USER->newadminuser)) { - $PAGE->set_course($SITE); - $PAGE->set_generaltype('maintenance'); - } else { - require_login($course); +. + +/** + * Allows you to edit a users profile + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ + +require_once('../config.php'); +require_once($CFG->libdir.'/gdlib.php'); +require_once($CFG->libdir.'/adminlib.php'); +require_once($CFG->dirroot.'/user/editadvanced_form.php'); +require_once($CFG->dirroot.'/user/editlib.php'); +require_once($CFG->dirroot.'/user/profile/lib.php'); +require_once($CFG->libdir .'/messagelib.php'); // Messagelib functions + +httpsrequired(); + +$id = optional_param('id', $USER->id, PARAM_INT); // user id; -1 if creating new user +$course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site) + +$url = new moodle_url($CFG->wwwroot.'/user/editadvanced.php', array('course'=>$course)); +if ($id !== $USER->id) { + $url->param('id', $id); +} +$PAGE->set_url($url); + +if (!$course = $DB->get_record('course', array('id'=>$course))) { + print_error('invalidcourseid'); +} +if (!empty($USER->newadminuser)) { + $PAGE->set_course($SITE); + $PAGE->set_generaltype('maintenance'); +} else { + require_login($course); +} + +if ($course->id == SITEID) { + $coursecontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context +} else { + $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context +} +$systemcontext = get_context_instance(CONTEXT_SYSTEM); + +if ($id == -1) { + // creating new user + require_capability('moodle/user:create', $systemcontext); + $user = new object(); + $user->id = -1; + $user->auth = 'manual'; + $user->confirmed = 1; + $user->deleted = 0; +} else { + // editing existing user + require_capability('moodle/user:update', $systemcontext); + if (!$user = $DB->get_record('user', array('id'=>$id))) { + print_error('invaliduserid'); } +} - if ($course->id == SITEID) { - $coursecontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context - } else { - $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context - } - $systemcontext = get_context_instance(CONTEXT_SYSTEM); - - if ($id == -1) { - // creating new user - require_capability('moodle/user:create', $systemcontext); - $user = new object(); - $user->id = -1; - $user->auth = 'manual'; - $user->confirmed = 1; - $user->deleted = 0; - } else { - // editing existing user - require_capability('moodle/user:update', $systemcontext); - if (!$user = $DB->get_record('user', array('id'=>$id))) { - print_error('invaliduserid'); - } - } +// remote users cannot be edited +if ($user->id != -1 and is_mnet_remote_user($user)) { + redirect($CFG->wwwroot . "/user/view.php?id=$id&course={$course->id}"); +} - // remote users cannot be edited - if ($user->id != -1 and is_mnet_remote_user($user)) { - redirect($CFG->wwwroot . "/user/view.php?id=$id&course={$course->id}"); - } +if ($user->id != $USER->id and is_primary_admin($user->id)) { // Can't edit primary admin + print_error('adminprimarynoedit'); +} - if ($user->id != $USER->id and is_primary_admin($user->id)) { // Can't edit primary admin - print_error('adminprimarynoedit'); - } +if (isguestuser($user->id)) { // the real guest user can not be edited + print_error('guestnoeditprofileother'); +} - if (isguestuser($user->id)) { // the real guest user can not be edited - print_error('guestnoeditprofileother'); - } - - if ($user->deleted) { - echo $OUTPUT->header(); - echo $OUTPUT->heading(get_string('userdeleted')); - echo $OUTPUT->footer(); - die; - } - - if ($user->id == -1) { - admin_externalpage_setup('addnewuser', '', array('id' => -1)); - } else if ($user->id != $USER->id) { - admin_externalpage_setup('editusers', '', array('id' => $user->id, 'course' => SITEID), $CFG->wwwroot . '/user/editadvanced.php'); - } - - //load user preferences - useredit_load_preferences($user); - - //Load custom profile fields data - profile_load_data($user); - - //User interests - if (!empty($CFG->usetags)) { - require_once($CFG->dirroot.'/tag/lib.php'); - $user->interests = tag_get_tags_array('user', $id); +if ($user->deleted) { + echo $OUTPUT->header(); + echo $OUTPUT->heading(get_string('userdeleted')); + echo $OUTPUT->footer(); + die; +} + +if ($user->id == -1) { + admin_externalpage_setup('addnewuser', '', array('id' => -1)); +} else if ($user->id != $USER->id) { + admin_externalpage_setup('editusers', '', array('id' => $user->id, 'course' => SITEID), $CFG->wwwroot . '/user/editadvanced.php'); +} + +//load user preferences +useredit_load_preferences($user); + +//Load custom profile fields data +profile_load_data($user); + +//User interests +if (!empty($CFG->usetags)) { + require_once($CFG->dirroot.'/tag/lib.php'); + $user->interests = tag_get_tags_array('user', $id); +} + +//create form +$userform = new user_editadvanced_form(); +$userform->set_data($user); + +if ($usernew = $userform->get_data()) { + add_to_log($course->id, 'user', 'update', "view.php?id=$user->id&course=$course->id", ''); + + if (empty($usernew->auth)) { + //user editing self + $authplugin = get_auth_plugin($user->auth); + unset($usernew->auth); //can not change/remove + } else { + $authplugin = get_auth_plugin($usernew->auth); } - //create form - $userform = new user_editadvanced_form(); - $userform->set_data($user); + $usernew->username = trim($usernew->username); + $usernew->timemodified = time(); - if ($usernew = $userform->get_data()) { - add_to_log($course->id, 'user', 'update', "view.php?id=$user->id&course=$course->id", ''); + if ($usernew->id == -1) { + //TODO check out if it makes sense to create account with this auth plugin and what to do with the password + unset($usernew->id); + $usernew->mnethostid = $CFG->mnet_localhost_id; // always local user + $usernew->confirmed = 1; + $usernew->password = hash_internal_user_password($usernew->newpassword); + $usernew->id = $DB->insert_record('user', $usernew); + $usercreated = true; - if (empty($usernew->auth)) { - //user editing self - $authplugin = get_auth_plugin($user->auth); - unset($usernew->auth); //can not change/remove - } else { - $authplugin = get_auth_plugin($usernew->auth); + } else { + $DB->update_record('user', $usernew); + // pass a true $userold here + if (! $authplugin->user_update($user, $userform->get_data())) { + // auth update failed, rollback for moodle + $DB->update_record('user', $user); + print_error('cannotupdateuseronexauth', '', '', $user->auth); } - $usernew->username = trim($usernew->username); - $usernew->timemodified = time(); - - if ($usernew->id == -1) { - //TODO check out if it makes sense to create account with this auth plugin and what to do with the password - unset($usernew->id); - $usernew->mnethostid = $CFG->mnet_localhost_id; // always local user - $usernew->confirmed = 1; - $usernew->password = hash_internal_user_password($usernew->newpassword); - $usernew->id = $DB->insert_record('user', $usernew); - $usercreated = true; - - } else { - $DB->update_record('user', $usernew); - // pass a true $userold here - if (! $authplugin->user_update($user, $userform->get_data())) { - // auth update failed, rollback for moodle - $DB->update_record('user', $user); - print_error('cannotupdateuseronexauth', '', '', $user->auth); - } - - //set new password if specified - if (!empty($usernew->newpassword)) { - if ($authplugin->can_change_password()) { - if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){ - print_error('cannotupdatepasswordonextauth', '', '', $usernew->auth); - } + //set new password if specified + if (!empty($usernew->newpassword)) { + if ($authplugin->can_change_password()) { + if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){ + print_error('cannotupdatepasswordonextauth', '', '', $usernew->auth); } } - $usercreated = false; } + $usercreated = false; + } - $usercontext = get_context_instance(CONTEXT_USER, $usernew->id); + $usercontext = get_context_instance(CONTEXT_USER, $usernew->id); - //update preferences - useredit_update_user_preference($usernew); + //update preferences + useredit_update_user_preference($usernew); - // update tags - if (!empty($CFG->usetags)) { - useredit_update_interests($usernew, $usernew->interests); - } + // update tags + if (!empty($CFG->usetags)) { + useredit_update_interests($usernew, $usernew->interests); + } - //update user picture - if (!empty($CFG->gdversion)) { - useredit_update_picture($usernew, $userform); - } + //update user picture + if (!empty($CFG->gdversion)) { + useredit_update_picture($usernew, $userform); + } - // update mail bounces - useredit_update_bounces($user, $usernew); + // update mail bounces + useredit_update_bounces($user, $usernew); - // update forum track preference - useredit_update_trackforums($user, $usernew); + // update forum track preference + useredit_update_trackforums($user, $usernew); - // save custom profile fields data - profile_save_data($usernew); + // save custom profile fields data + profile_save_data($usernew); - // reload from db - $usernew = $DB->get_record('user', array('id'=>$usernew->id)); + // reload from db + $usernew = $DB->get_record('user', array('id'=>$usernew->id)); - // trigger events - if ($usercreated) { - //set default message preferences - if (!message_set_default_message_preferences( $usernew )){ - print_error('cannotsavemessageprefs', 'message'); - } - events_trigger('user_created', $usernew); - } else { - events_trigger('user_updated', $usernew); + // trigger events + if ($usercreated) { + //set default message preferences + if (!message_set_default_message_preferences( $usernew )){ + print_error('cannotsavemessageprefs', 'message'); } + events_trigger('user_created', $usernew); + } else { + events_trigger('user_updated', $usernew); + } - if ($user->id == $USER->id) { - // Override old $USER session variable - foreach ((array)$usernew as $variable => $value) { - $USER->$variable = $value; - } - if (!empty($USER->newadminuser)) { - unset($USER->newadminuser); - // apply defaults again - some of them might depend on admin user info, backup, roles, etc. - admin_apply_default_settings(NULL , false); - // redirect to admin/ to continue with installation - redirect("$CFG->wwwroot/$CFG->admin/"); - } else { - redirect("$CFG->wwwroot/user/view.php?id=$USER->id&course=$course->id"); - } + if ($user->id == $USER->id) { + // Override old $USER session variable + foreach ((array)$usernew as $variable => $value) { + $USER->$variable = $value; + } + if (!empty($USER->newadminuser)) { + unset($USER->newadminuser); + // apply defaults again - some of them might depend on admin user info, backup, roles, etc. + admin_apply_default_settings(NULL , false); + // redirect to admin/ to continue with installation + redirect("$CFG->wwwroot/$CFG->admin/"); } else { - session_gc(); // remove stale sessions - redirect("$CFG->wwwroot/$CFG->admin/user.php"); + redirect("$CFG->wwwroot/user/view.php?id=$USER->id&course=$course->id"); } - //never reached + } else { + session_gc(); // remove stale sessions + redirect("$CFG->wwwroot/$CFG->admin/user.php"); } + //never reached +} /// Display page header - if ($user->id == -1 or ($user->id != $USER->id)) { - if ($user->id == -1) { - admin_externalpage_print_header(); - } else { - admin_externalpage_print_header(); - $userfullname = fullname($user, true); - echo $OUTPUT->heading($userfullname); - } - } else if (!empty($USER->newadminuser)) { - $strinstallation = get_string('installation', 'install'); - $strprimaryadminsetup = get_string('primaryadminsetup'); - - $PAGE->navbar->add($strprimaryadminsetup); - $PAGE->set_title($strinstallation); - $PAGE->set_heading($strinstallation); - $PAGE->set_cacheable(false); - - echo $OUTPUT->header(); - echo $OUTPUT->box(get_string('configintroadmin', 'admin'), 'generalbox boxwidthnormal boxaligncenter'); - echo '
'; +if ($user->id == -1 or ($user->id != $USER->id)) { + if ($user->id == -1) { + admin_externalpage_print_header(); } else { - $streditmyprofile = get_string('editmyprofile'); - $strparticipants = get_string('participants'); - $strnewuser = get_string('newuser'); - $userfullname = fullname($user, true); - - $link = null; - if (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext)) { - $link = new moodle_url($CFG->wwwroot."/user/index.php", array('id'=>$course->id)); - } - $PAGE->navbar->add($strparticipants, $link); - $link = new moodle_url($CFG->wwwroot.'/user/view.php', array('id'=>$user->id, 'course'=>$course->id)); - $PAGE->navbar->add($userfullname, $link); - $PAGE->navbar->add($streditmyprofile); - - $PAGE->set_title("$course->shortname: $streditmyprofile"); - $PAGE->set_heading($course->fullname); - - echo $OUTPUT->header(); - /// Print tabs at the top - $showroles = 1; - $currenttab = 'editprofile'; - require('tabs.php'); + admin_externalpage_print_header(); + $userfullname = fullname($user, true); + echo $OUTPUT->heading($userfullname); + } +} else if (!empty($USER->newadminuser)) { + $strinstallation = get_string('installation', 'install'); + $strprimaryadminsetup = get_string('primaryadminsetup'); + + $PAGE->navbar->add($strprimaryadminsetup); + $PAGE->set_title($strinstallation); + $PAGE->set_heading($strinstallation); + $PAGE->set_cacheable(false); + + echo $OUTPUT->header(); + echo $OUTPUT->box(get_string('configintroadmin', 'admin'), 'generalbox boxwidthnormal boxaligncenter'); + echo '
'; +} else { + $streditmyprofile = get_string('editmyprofile'); + $strparticipants = get_string('participants'); + $strnewuser = get_string('newuser'); + $userfullname = fullname($user, true); + + $link = null; + if (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext)) { + $link = new moodle_url($CFG->wwwroot."/user/index.php", array('id'=>$course->id)); } + $PAGE->navbar->add($strparticipants, $link); + $link = new moodle_url($CFG->wwwroot.'/user/view.php', array('id'=>$user->id, 'course'=>$course->id)); + $PAGE->navbar->add($userfullname, $link); + $PAGE->navbar->add($streditmyprofile); + + $PAGE->set_title("$course->shortname: $streditmyprofile"); + $PAGE->set_heading($course->fullname); + + echo $OUTPUT->header(); + /// Print tabs at the top + $showroles = 1; + $currenttab = 'editprofile'; + require('tabs.php'); +} /// Finally display THE form - $userform->display(); +$userform->display(); /// and proper footer - echo $OUTPUT->footer(); +echo $OUTPUT->footer(); -?> +?> \ No newline at end of file diff --git a/user/emailupdate.php b/user/emailupdate.php index 44be5513a2..6cb2d9cd69 100755 --- a/user/emailupdate.php +++ b/user/emailupdate.php @@ -1,4 +1,27 @@ -. + +/** + * Change a users email address + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ require_once('../config.php'); require_once($CFG->libdir.'/adminlib.php'); @@ -7,6 +30,8 @@ require_once($CFG->dirroot.'/user/editlib.php'); $key = required_param('key', PARAM_ALPHANUM); $id = required_param('id', PARAM_INT); +$PAGE->set_url(new moodle_url($CFG->wwwroot.'/user/emailupdate.php', array('id'=>$id, 'key'=>$key))); + if (!$user = $DB->get_record('user', array('id' => $id))) { print_error('invaliduserid'); } diff --git a/user/extendenrol.php b/user/extendenrol.php index f752a4f9b4..a5ed7dd5cf 100644 --- a/user/extendenrol.php +++ b/user/extendenrol.php @@ -1,9 +1,35 @@ -. + +/** + * This file is part of the User section Moodle + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ + require_once("../config.php"); $id = required_param('id', PARAM_INT); // course id $users = optional_param('userid', array(), PARAM_INT); // array of user id +$PAGE->set_url(new moodle_url($CFG->wwwroot.'/user/extendenrol.php', array('id'=>$id))); + if (! $course = $DB->get_record('course', array('id'=>$id))) { print_error('invalidcourseid'); } diff --git a/user/groupaddnote.php b/user/groupaddnote.php index 031c49da4c..cf43103869 100644 --- a/user/groupaddnote.php +++ b/user/groupaddnote.php @@ -1,4 +1,28 @@ -. + +/** + * This file is part of the User section Moodle + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ + require_once("../config.php"); require_once($CFG->dirroot .'/notes/lib.php'); @@ -7,6 +31,15 @@ $users = optional_param('userid', array(), PARAM_INT); // array of user id $content = optional_param('content', '', PARAM_RAW); // note content $state = optional_param('state', '', PARAM_ALPHA); // note publish state +$url = new moodle_url($CFG->wwwroot.'/user/groupaddnote.php', array('id'=>$id)); +if ($content !== '') { + $url->param('content', $content); +} +if ($state !== '') { + $url->param('state', $state); +} +$PAGE->set_url($url); + if (! $course = $DB->get_record('course', array('id'=>$id))) { print_error('invalidcourseid'); } diff --git a/user/groupextendenrol.php b/user/groupextendenrol.php index cf020a4220..97a5ce123f 100755 --- a/user/groupextendenrol.php +++ b/user/groupextendenrol.php @@ -1,9 +1,35 @@ -. + +/** + * This file is part of the User section Moodle + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ + require_once("../config.php"); $id = required_param('id', PARAM_INT); // course id $users = optional_param('userid', array(), PARAM_INT); // array of user id +$PAGE->set_url(new moodle_url($CFG->wwwroot.'/user/groupextendenrol.php', array('id'=>$id))); + if (! $course = $DB->get_record('course', array('id'=>$id))) { print_error('invalidcourseid'); } diff --git a/user/messageselect.php b/user/messageselect.php index 3d8bf4db0d..362059f144 100644 --- a/user/messageselect.php +++ b/user/messageselect.php @@ -1,133 +1,180 @@ -dirroot.'/message/lib.php'); - - $id = required_param('id',PARAM_INT); - $messagebody = optional_param('messagebody','',PARAM_CLEANHTML); - $send = optional_param('send','',PARAM_BOOL); - $preview = optional_param('preview','',PARAM_BOOL); - $edit = optional_param('edit','',PARAM_BOOL); - $returnto = optional_param('returnto','',PARAM_LOCALURL); - $format = optional_param('format',FORMAT_MOODLE,PARAM_INT); - $deluser = optional_param('deluser',0,PARAM_INT); - - if (!$course = $DB->get_record('course', array('id'=>$id))) { - print_error('invalidcourseid'); +. + +/** + * This file is part of the User section Moodle + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ + +require_once('../config.php'); +require_once($CFG->dirroot.'/message/lib.php'); + +$id = required_param('id',PARAM_INT); +$messagebody = optional_param('messagebody','',PARAM_CLEANHTML); +$send = optional_param('send','',PARAM_BOOL); +$preview = optional_param('preview','',PARAM_BOOL); +$edit = optional_param('edit','',PARAM_BOOL); +$returnto = optional_param('returnto','',PARAM_LOCALURL); +$format = optional_param('format',FORMAT_MOODLE,PARAM_INT); +$deluser = optional_param('deluser',0,PARAM_INT); + +$url = new moodle_url($CFG->wwwroot.'/user/messageselect.php', array('id'=>$id)); +if ($messagebody !== '') { + $url->param('messagebody', $messagebody); +} +if ($send !== '') { + $url->param('send', $send); +} +if ($preview !== '') { + $url->param('preview', $preview); +} +if ($edit !== '') { + $url->param('edit', $edit); +} +if ($returnto !== '') { + $url->param('returnto', $returnto); +} +if ($format !== FORMAT_MOODLE) { + $url->param('format', $format); +} +if ($deluser !== 0) { + $url->param('deluser', $deluser); +} +$PAGE->set_url($url); + +if (!$course = $DB->get_record('course', array('id'=>$id))) { + print_error('invalidcourseid'); +} + +require_login(); + +$coursecontext = get_context_instance(CONTEXT_COURSE, $id); // Course context +$systemcontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context +require_capability('moodle/course:bulkmessaging', $coursecontext); + +if (empty($SESSION->emailto)) { + $SESSION->emailto = array(); +} +if (!array_key_exists($id,$SESSION->emailto)) { + $SESSION->emailto[$id] = array(); +} + +if ($deluser) { + if (array_key_exists($id,$SESSION->emailto) && array_key_exists($deluser,$SESSION->emailto[$id])) { + unset($SESSION->emailto[$id][$deluser]); } +} - require_login(); +if (empty($SESSION->emailselect[$id]) || $messagebody) { + $SESSION->emailselect[$id] = array('messagebody' => $messagebody); +} - $coursecontext = get_context_instance(CONTEXT_COURSE, $id); // Course context - $systemcontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context - require_capability('moodle/course:bulkmessaging', $coursecontext); +$messagebody = $SESSION->emailselect[$id]['messagebody']; - if (empty($SESSION->emailto)) { - $SESSION->emailto = array(); - } - if (!array_key_exists($id,$SESSION->emailto)) { - $SESSION->emailto[$id] = array(); - } - - if ($deluser) { - if (array_key_exists($id,$SESSION->emailto) && array_key_exists($deluser,$SESSION->emailto[$id])) { - unset($SESSION->emailto[$id][$deluser]); - } - } +$count = 0; - if (empty($SESSION->emailselect[$id]) || $messagebody) { - $SESSION->emailselect[$id] = array('messagebody' => $messagebody); - } - - $messagebody = $SESSION->emailselect[$id]['messagebody']; - - $count = 0; - - foreach ($_POST as $k => $v) { - if (preg_match('/^(user|teacher)(\d+)$/',$k,$m)) { - if (!array_key_exists($m[2],$SESSION->emailto[$id])) { - if ($user = $DB->get_record_select('user', "id = ?", array($m[2]), 'id,firstname,lastname,idnumber,email,emailstop,mailformat,lastaccess')) { - $SESSION->emailto[$id][$m[2]] = $user; - $count++; - } +foreach ($_POST as $k => $v) { + if (preg_match('/^(user|teacher)(\d+)$/',$k,$m)) { + if (!array_key_exists($m[2],$SESSION->emailto[$id])) { + if ($user = $DB->get_record_select('user', "id = ?", array($m[2]), 'id,firstname,lastname,idnumber,email,emailstop,mailformat,lastaccess')) { + $SESSION->emailto[$id][$m[2]] = $user; + $count++; } } } - - $strtitle = get_string('coursemessage'); - - $link = null; - if (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext)) { - $link = new moodle_url($CFG->wwwroot."/user/index.php", array('id'=>$course->id)); - } - $PAGE->navbar->add(get_string('participants'), $link); - $PAGE->navbar->add($strtitle); - $PAGE->set_title($strtitle); - $PAGE->set_heading($strtitle); - if (empty($messagebody)) { - $PAGE->set_focuscontrol('theform.messagebody'); - } - - echo $OUTPUT->header(); - // if messaging is disabled on site, we can still allow users with capabilities to send emails instead - if (empty($CFG->messaging)) { - echo $OUTPUT->notification(get_string('messagingdisabled','message')); - } - - if ($count) { - if ($count == 1) { - $heading = get_string('addedrecip','moodle',$count); - } else { - $heading = get_string('addedrecips','moodle',$count); - } - echo $OUTPUT->heading($heading); +} + +$strtitle = get_string('coursemessage'); + +$link = null; +if (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext)) { + $link = new moodle_url($CFG->wwwroot."/user/index.php", array('id'=>$course->id)); +} +$PAGE->navbar->add(get_string('participants'), $link); +$PAGE->navbar->add($strtitle); +$PAGE->set_title($strtitle); +$PAGE->set_heading($strtitle); +if (empty($messagebody)) { + $PAGE->set_focuscontrol('theform.messagebody'); +} + +echo $OUTPUT->header(); +// if messaging is disabled on site, we can still allow users with capabilities to send emails instead +if (empty($CFG->messaging)) { + echo $OUTPUT->notification(get_string('messagingdisabled','message')); +} + +if ($count) { + if ($count == 1) { + $heading = get_string('addedrecip','moodle',$count); + } else { + $heading = get_string('addedrecips','moodle',$count); } + echo $OUTPUT->heading($heading); +} - if (!empty($messagebody) && !$edit && !$deluser && ($preview || $send)) { - if (count($SESSION->emailto[$id])) { - if (!empty($preview)) { - echo '
+if (!empty($messagebody) && !$edit && !$deluser && ($preview || $send)) { + if (count($SESSION->emailto[$id])) { + if (!empty($preview)) { + echo ' '; - echo "

".get_string('previewhtml')."

\n".format_text($messagebody,$format)."\n
\n"; - echo '

'."\n"; - echo '

'; - echo "\n
"; - } else if (!empty($send)) { - $good = 1; - foreach ($SESSION->emailto[$id] as $user) { - $good = $good && message_post_message($USER,$user,$messagebody,$format,'direct'); - } - if (!empty($good)) { - echo $OUTPUT->heading(get_string('messagedselectedusers')); - unset($SESSION->emailto[$id]); - unset($SESSION->emailselect[$id]); - } else { - echo $OUTPUT->heading(get_string('messagedselectedusersfailed')); - } - echo '

'.get_string('backtoparticipants').'

'; + echo "

".get_string('previewhtml')."

\n".format_text($messagebody,$format)."\n
\n"; + echo '

'."\n"; + echo '

'; + echo "\n"; + } else if (!empty($send)) { + $good = 1; + foreach ($SESSION->emailto[$id] as $user) { + $good = $good && message_post_message($USER,$user,$messagebody,$format,'direct'); + } + if (!empty($good)) { + echo $OUTPUT->heading(get_string('messagedselectedusers')); + unset($SESSION->emailto[$id]); + unset($SESSION->emailselect[$id]); + } else { + echo $OUTPUT->heading(get_string('messagedselectedusersfailed')); } - echo $OUTPUT->footer(); - exit; - } else { - echo $OUTPUT->notification(get_string('nousersyet')); + echo '

'.get_string('backtoparticipants').'

'; } + echo $OUTPUT->footer(); + exit; + } else { + echo $OUTPUT->notification(get_string('nousersyet')); } +} - echo '

'.get_string("keepsearching").''.((count($SESSION->emailto[$id])) ? ', '.get_string('usemessageform') : '').'

'; +echo '

'.get_string("keepsearching").''.((count($SESSION->emailto[$id])) ? ', '.get_string('usemessageform') : '').'

'; - if ((!empty($send) || !empty($preview) || !empty($edit)) && (empty($messagebody))) { - echo $OUTPUT->notification(get_string('allfieldsrequired')); - } +if ((!empty($send) || !empty($preview) || !empty($edit)) && (empty($messagebody))) { + echo $OUTPUT->notification(get_string('allfieldsrequired')); +} - if (count($SESSION->emailto[$id])) { - $usehtmleditor = can_use_html_editor(); - require("message.html"); - } +if (count($SESSION->emailto[$id])) { + $usehtmleditor = can_use_html_editor(); + require("message.html"); +} - echo $OUTPUT->footer(); +echo $OUTPUT->footer(); -?> +?> \ No newline at end of file diff --git a/user/policy.php b/user/policy.php index b008a82005..40951e9a7c 100644 --- a/user/policy.php +++ b/user/policy.php @@ -1,61 +1,90 @@ -libdir.'/filelib.php'); +// This file is part of Moodle - http://moodle.org/ +// +// Moodle is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Moodle is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Moodle. If not, see . - $agree = optional_param('agree', 0, PARAM_BOOL); +/** + * This file is part of the User section Moodle + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ - define('MESSAGE_WINDOW', true); // This prevents the message window coming up +require_once('../config.php'); +require_once($CFG->libdir.'/filelib.php'); - if (!isloggedin()) { - require_login(); - } +$agree = optional_param('agree', 0, PARAM_BOOL); - if ($agree and confirm_sesskey()) { // User has agreed - if (!isguestuser()) { // Don't remember guests - if (!$DB->set_field('user', 'policyagreed', 1, array('id'=>$USER->id))) { - print_error('cannotsaveagreement'); - } - } - $USER->policyagreed = 1; - - if (!empty($SESSION->wantsurl)) { - $wantsurl = $SESSION->wantsurl; - unset($SESSION->wantsurl); - redirect($wantsurl); - } else { - redirect($CFG->wwwroot.'/'); +$url = new moodle_url($CFG->wwwroot.'/user/policy.php'); +if ($agree !== 0) { + $url->param('agree', $agree); +} +$PAGE->set_url($url); + +define('MESSAGE_WINDOW', true); // This prevents the message window coming up + +if (!isloggedin()) { + require_login(); +} + +if ($agree and confirm_sesskey()) { // User has agreed + if (!isguestuser()) { // Don't remember guests + if (!$DB->set_field('user', 'policyagreed', 1, array('id'=>$USER->id))) { + print_error('cannotsaveagreement'); } - exit; } + $USER->policyagreed = 1; - $strpolicyagree = get_string('policyagree'); - $strpolicyagreement = get_string('policyagreement'); - $strpolicyagreementclick = get_string('policyagreementclick'); + if (!empty($SESSION->wantsurl)) { + $wantsurl = $SESSION->wantsurl; + unset($SESSION->wantsurl); + redirect($wantsurl); + } else { + redirect($CFG->wwwroot.'/'); + } + exit; +} - $PAGE->set_title($strpolicyagreement); - $PAGE->set_heading($SITE->fullname); - $PAGE->navbar->add($strpolicyagreement); +$strpolicyagree = get_string('policyagree'); +$strpolicyagreement = get_string('policyagreement'); +$strpolicyagreementclick = get_string('policyagreementclick'); - echo $OUTPUT->header(); - echo $OUTPUT->heading($strpolicyagreement); +$PAGE->set_title($strpolicyagreement); +$PAGE->set_heading($SITE->fullname); +$PAGE->navbar->add($strpolicyagreement); - $mimetype = mimeinfo('type', $CFG->sitepolicy); - if ($mimetype == 'document/unknown') { - //fallback for missing index.php, index.html - $mimetype = 'text/html'; - } +echo $OUTPUT->header(); +echo $OUTPUT->heading($strpolicyagreement); + +$mimetype = mimeinfo('type', $CFG->sitepolicy); +if ($mimetype == 'document/unknown') { + //fallback for missing index.php, index.html + $mimetype = 'text/html'; +} + +echo '
'; +echo ''; +// we can not use our popups here, because the url may be arbitrary, see MDL-9823 +echo ''.$strpolicyagreementclick.''; +echo '
'; - echo '
'; - echo ''; - // we can not use our popups here, because the url may be arbitrary, see MDL-9823 - echo ''.$strpolicyagreementclick.''; - echo '
'; - - $formcontinue = html_form::make_button('policy.php', array('agree'=>1), get_string('yes')); - $formcancel = html_form::make_button($CFG->wwwroot.'/login/logout.php', array(), get_string('no')); - echo $OUTPUT->confirm($strpolicyagree, $formcontinue, $formcancel); +$formcontinue = html_form::make_button('policy.php', array('agree'=>1), get_string('yes')); +$formcancel = html_form::make_button($CFG->wwwroot.'/login/logout.php', array(), get_string('no')); +echo $OUTPUT->confirm($strpolicyagree, $formcontinue, $formcancel); - echo $OUTPUT->footer(); +echo $OUTPUT->footer(); -?> +?> \ No newline at end of file diff --git a/user/portfolio.php b/user/portfolio.php index 84a204f5c0..d9a4f8c59f 100644 --- a/user/portfolio.php +++ b/user/portfolio.php @@ -1,5 +1,28 @@ . + +/** + * This file is part of the User section Moodle + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ + require_once(dirname(dirname(__FILE__)) . '/config.php'); if (empty($CFG->enableportfolios)) { @@ -10,9 +33,17 @@ require_once($CFG->libdir . '/portfoliolib.php'); $config = optional_param('config', 0, PARAM_INT); $hide = optional_param('hide', 0, PARAM_INT); - $course = optional_param('course', SITEID, PARAM_INT); +$url = new moodle_url($CFG->wwwroot.'/user/portfolio.php', array('course'=>$course)); +if ($hide !== 0) { + $url->param('hide', $hide); +} +if ($config !== 0) { + $url->param('config', $config); +} +$PAGE->set_url($url); + if (! $course = $DB->get_record("course", array("id"=>$course))) { print_error('invalidcourseid'); } @@ -91,4 +122,4 @@ if ($display) { } echo $OUTPUT->footer(); -?> +?> \ No newline at end of file diff --git a/user/portfoliologs.php b/user/portfoliologs.php index d2ef8b1794..c08f11c775 100644 --- a/user/portfoliologs.php +++ b/user/portfoliologs.php @@ -1,5 +1,28 @@ . + +/** + * This file is part of the User section Moodle + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ + require_once(dirname(dirname(__FILE__)) . '/config.php'); if (empty($CFG->enableportfolios)) { @@ -9,6 +32,9 @@ if (empty($CFG->enableportfolios)) { require_once($CFG->libdir . '/portfoliolib.php'); $course = optional_param('course', SITEID, PARAM_INT); + +$url = new moodle_url($CFG->wwwroot.'/user/portfoliologs.php', array('course'=>$course)); + if (! $course = $DB->get_record("course", array("id"=>$course))) { print_error('invalidcourseid'); } @@ -22,6 +48,14 @@ require_login($course, false); $page = optional_param('page', 0, PARAM_INT); $perpage = optional_param('perpage', 10, PARAM_INT); +if ($page !== 0) { + $url->param('page', $page); +} +if ($perpage !== 0) { + $url->param('perpage', $perpage); +} +$PAGE->set_url($url); + $PAGE->set_title("$course->fullname: $fullname: $strportfolios"); $PAGE->set_heading($course->fullname); diff --git a/user/repository.php b/user/repository.php index db59f2e30f..087c066f4e 100644 --- a/user/repository.php +++ b/user/repository.php @@ -1,12 +1,40 @@ -. + +/** + * This file is part of the User section Moodle + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ require_once(dirname(dirname(__FILE__)) . '/config.php'); require_once($CFG->dirroot . '/repository/lib.php'); $config = optional_param('config', 0, PARAM_INT); - $course = optional_param('course', SITEID, PARAM_INT); +$url = new moodle_url($CFG->wwwroot.'/user/repository.php', array('course'=>$course)); +if ($config !== 0) { + $url->param('config', $config); +} +$PAGE->set_url($url); + if (! $course = $DB->get_record("course", array("id"=>$course))) { print_error('invalidcourseid'); } diff --git a/user/selector/search.php b/user/selector/search.php index b7f198a85a..d5f71903ae 100644 --- a/user/selector/search.php +++ b/user/selector/search.php @@ -1,38 +1,33 @@ -. /** * Code to search for users in response to an ajax call from a user selector. * - * @license http://www.gnu.org/copyleft/gpl.html GNU Public License - * @package userselector - *//** */ + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ require_once(dirname(__FILE__) . '/../../config.php'); require_once($CFG->dirroot . '/user/selector/lib.php'); +$PAGE->set_url(new moodle_url($CFG->wwwroot.'/user/selector/search.php')); + // In developer debug mode, when there is a debug=1 in the URL send as plain text // for easier debugging. if (debugging('', DEBUG_DEVELOPER) && optional_param('debug', false, PARAM_BOOL)) { diff --git a/user/view.php b/user/view.php index 37e07871e7..a841cadc7d 100644 --- a/user/view.php +++ b/user/view.php @@ -1,181 +1,214 @@ -dirroot.'/user/profile/lib.php'); - require_once($CFG->dirroot.'/tag/lib.php'); - - $id = optional_param('id', 0, PARAM_INT); // user id - $course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site) - $enable = optional_param('enable', 0, PARAM_BOOL); // enable email - $disable = optional_param('disable', 0, PARAM_BOOL); // disable email +. + +/** + * Display profile for a particular user + * + * @copyright 1999 Martin Dougiamas http://dougiamas.com + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + * @package user + */ + +require_once("../config.php"); +require_once($CFG->dirroot.'/user/profile/lib.php'); +require_once($CFG->dirroot.'/tag/lib.php'); + +$id = optional_param('id', 0, PARAM_INT); // user id +$course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site) +$enable = optional_param('enable', 0, PARAM_BOOL); // enable email +$disable = optional_param('disable', 0, PARAM_BOOL); // disable email + +if (empty($id)) { // See your own profile by default + require_login(); + $id = $USER->id; +} - if (empty($id)) { // See your own profile by default - require_login(); - $id = $USER->id; - } +$url = new moodle_url($CFG->wwwroot.'/user/view.php', array('id'=>$id)); +if ($course !== 0) { + $url->param('course', $course); +} +if ($enable !== 0) { + $url->param('enable', $enable); +} +if ($disable !== 0) { + $url->param('disable', $disable); +} +$PAGE->set_url($url); - if (! $user = $DB->get_record("user", array("id"=>$id))) { - print_error('invaliduserid'); - } +if (! $user = $DB->get_record("user", array("id"=>$id))) { + print_error('invaliduserid'); +} - if (! $course = $DB->get_record("course", array("id"=>$course))) { - print_error('invalidcourseid'); - } +if (! $course = $DB->get_record("course", array("id"=>$course))) { + print_error('invalidcourseid'); +} - // special hack for cli installer - continue to site settings - $systemcontext = get_context_instance(CONTEXT_SYSTEM); - if ($SITE->shortname === '' and has_capability('moodle/site:config', $systemcontext)) { - redirect($CFG->wwwroot .'/'. $CFG->admin .'/index.php'); - } +// special hack for cli installer - continue to site settings +$systemcontext = get_context_instance(CONTEXT_SYSTEM); +if ($SITE->shortname === '' and has_capability('moodle/site:config', $systemcontext)) { + redirect($CFG->wwwroot .'/'. $CFG->admin .'/index.php'); +} /// Set up page URL for blocks etc - if ($course->id == SITEID) { - $PAGE->set_url('user/view.php', array('id' => $user->id)); - } else { - $PAGE->set_url('user/view.php', array('id' => $user->id, 'course' => $course->id)); - } +if ($course->id == SITEID) { + $PAGE->set_url('user/view.php', array('id' => $user->id)); +} else { + $PAGE->set_url('user/view.php', array('id' => $user->id, 'course' => $course->id)); +} /// Make sure the current user is allowed to see this user - if (empty($USER->id)) { - $currentuser = false; - } else { - $currentuser = ($user->id == $USER->id); - } +if (empty($USER->id)) { + $currentuser = false; +} else { + $currentuser = ($user->id == $USER->id); +} - if ($course->id == SITEID) { - $coursecontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context - } else { - $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context - } - $usercontext = get_context_instance(CONTEXT_USER, $user->id); // User context +if ($course->id == SITEID) { + $coursecontext = $systemcontext; // SYSTEM context +} else { + $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context +} +$usercontext = get_context_instance(CONTEXT_USER, $user->id); // User context - $PAGE->set_context($usercontext); +$PAGE->set_context($usercontext); - if (!empty($CFG->forcelogin) || $course->id != SITEID) { - // do not force parents to enrol - if (!$DB->get_record('role_assignments', array('userid'=>$USER->id, 'contextid'=>$usercontext->id))) { - require_login($course->id); - } +if (!empty($CFG->forcelogin) || $course->id != SITEID) { + // do not force parents to enrol + if (!$DB->get_record('role_assignments', array('userid'=>$USER->id, 'contextid'=>$usercontext->id))) { + require_login($course->id); } +} - if (!empty($CFG->forceloginforprofiles)) { - require_login(); - if (isguest()) { - redirect(get_login_url()); - } +if (!empty($CFG->forceloginforprofiles)) { + require_login(); + if (has_capability('moodle/legacy:guest', $systemcontext, 0, false)) { + redirect(get_login_url()); } +} - $strpersonalprofile = get_string('personalprofile'); - $strparticipants = get_string("participants"); - $struser = get_string("user"); +$strpersonalprofile = get_string('personalprofile'); +$strparticipants = get_string("participants"); +$struser = get_string("user"); - $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext)); +$fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext)); - $link = null; - if (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext)) { - $link = new moodle_url($CFG->wwwroot."/user/index.php", array('id'=>$course->id)); - } - if ($course->id===SITEID) { - $PAGE->navbar->ignore_active(); - } - $PAGE->navbar->add($strparticipants, $link); +$link = null; +if (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext)) { + $link = new moodle_url($CFG->wwwroot."/user/index.php", array('id'=>$course->id)); +} +if ($course->id===SITEID) { + $PAGE->navbar->ignore_active(); +} +$PAGE->navbar->add($strparticipants, $link); /// If the user being shown is not ourselves, then make sure we are allowed to see them! - if (!$currentuser) { +if (!$currentuser) { - $PAGE->set_title("$strpersonalprofile: "); - $PAGE->set_heading("$strpersonalprofile: "); + $PAGE->set_title("$strpersonalprofile: "); + $PAGE->set_heading("$strpersonalprofile: "); - if ($course->id == SITEID) { // Reduce possibility of "browsing" userbase at site level - if ($CFG->forceloginforprofiles and !isteacherinanycourse() - and !isteacherinanycourse($user->id) - and !has_capability('moodle/user:viewdetails', $usercontext)) { // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366) + if ($course->id == SITEID) { // Reduce possibility of "browsing" userbase at site level + if ($CFG->forceloginforprofiles and !isteacherinanycourse() + and !isteacherinanycourse($user->id) + and !has_capability('moodle/user:viewdetails', $usercontext)) { // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366) - $PAGE->navbar->add($struser); - echo $OUTPUT->header(); - echo $OUTPUT->heading(get_string('usernotavailable', 'error')); - echo $OUTPUT->footer(); - exit; - } - } else { // Normal course - // check capabilities - if (!has_capability('moodle/user:viewdetails', $coursecontext) && - !has_capability('moodle/user:viewdetails', $usercontext)) { - print_error('cannotviewprofile'); - } + $PAGE->navbar->add($struser); + echo $OUTPUT->header(); + echo $OUTPUT->heading(get_string('usernotavailable', 'error')); + echo $OUTPUT->footer(); + exit; + } + } else { // Normal course + // check capabilities + if (!has_capability('moodle/user:viewdetails', $coursecontext) && + !has_capability('moodle/user:viewdetails', $usercontext)) { + print_error('cannotviewprofile'); + } - if (!has_capability('moodle/course:view', $coursecontext, $user->id, false)) { - if (has_capability('moodle/course:view', $coursecontext)) { - $PAGE->navbar->add($fullname); - echo $OUTPUT->heading(get_string('notenrolled', $fullname)); - } else { - $PAGE->navbar->add($struser); - echo $OUTPUT->heading(get_string('notenrolledprofile')); - } - echo $OUTPUT->continue_button($_SERVER['HTTP_REFERER']); - echo $OUTPUT->footer(); - exit; + if (!has_capability('moodle/course:view', $coursecontext, $user->id, false)) { + if (has_capability('moodle/course:view', $coursecontext)) { + $PAGE->navbar->add($fullname); + echo $OUTPUT->heading(get_string('notenrolled', $fullname)); + } else { + $PAGE->navbar->add($struser); + echo $OUTPUT->heading(get_string('notenrolledprofile')); } + echo $OUTPUT->continue_button($_SERVER['HTTP_REFERER']); + echo $OUTPUT->footer(); + exit; } + } - // If groups are in use, make sure we can see that group - if (groups_get_course_groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) { - require_login(); - ///this is changed because of mygroupid - $gtrue = (bool)groups_get_all_groups($course->id, $user->id); - if (!$gtrue) { - print_error("groupnotamember", '', "../course/view.php?id=$course->id"); - } + // If groups are in use, make sure we can see that group + if (groups_get_course_groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) { + require_login(); + ///this is changed because of mygroupid + $gtrue = (bool)groups_get_all_groups($course->id, $user->id); + if (!$gtrue) { + print_error("groupnotamember", '', "../course/view.php?id=$course->id"); } } +} /// We've established they can see the user's name at least, so what about the rest? - $PAGE->navbar->add($struser); - $PAGE->set_title("$course->fullname: $strpersonalprofile: $fullname"); - $PAGE->set_heading($course->fullname); - echo $OUTPUT->header(); +$PAGE->navbar->add($struser); +$PAGE->set_title("$course->fullname: $strpersonalprofile: $fullname"); +$PAGE->set_heading($course->fullname); +echo $OUTPUT->header(); - if (($course->id != SITEID) and ! isguest() ) { // Need to have access to a course to see that info - if (!has_capability('moodle/course:view', $coursecontext, $user->id)) { - echo $OUTPUT->heading(get_string('notenrolled', '', $fullname)); - echo $OUTPUT->footer(); - die; - } +if (($course->id != SITEID) and ! has_capability('moodle/legacy:guest', $systemcontext, 0, false) ) { // Need to have access to a course to see that info + if (!has_capability('moodle/course:view', $coursecontext, $user->id)) { + echo $OUTPUT->heading(get_string('notenrolled', '', $fullname)); + echo $OUTPUT->footer(); + die; } +} - if ($user->deleted) { - echo $OUTPUT->heading(get_string('userdeleted')); - if (!has_capability('moodle/user:update', $coursecontext)) { - echo $OUTPUT->footer(); - die; - } +if ($user->deleted) { + echo $OUTPUT->heading(get_string('userdeleted')); + if (!has_capability('moodle/user:update', $coursecontext)) { + echo $OUTPUT->footer(); + die; } +} /// OK, security out the way, now we are showing the user - add_to_log($course->id, "user", "view", "view.php?id=$user->id&course=$course->id", "$user->id"); +add_to_log($course->id, "user", "view", "view.php?id=$user->id&course=$course->id", "$user->id"); - if ($course->id != SITEID) { - $user->lastaccess = false; - if ($lastaccess = $DB->get_record('user_lastaccess', array('userid'=>$user->id, 'courseid'=>$course->id))) { - $user->lastaccess = $lastaccess->timeaccess; - } +if ($course->id != SITEID) { + $user->lastaccess = false; + if ($lastaccess = $DB->get_record('user_lastaccess', array('userid'=>$user->id, 'courseid'=>$course->id))) { + $user->lastaccess = $lastaccess->timeaccess; } +} /// Get the hidden field list - if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) { - $hiddenfields = array(); - } else { - $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields)); - } +if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) { + $hiddenfields = array(); +} else { + $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields)); +} /// Print tabs at top /// This same call is made in: @@ -183,366 +216,366 @@ /// /user/edit.php /// /course/user.php - $currenttab = 'profile'; - $showroles = 1; - if (!$user->deleted) { - include('tabs.php'); - } +$currenttab = 'profile'; +$showroles = 1; +if (!$user->deleted) { + include('tabs.php'); +} - if (is_mnet_remote_user($user)) { - $sql = " - SELECT DISTINCT h.id, h.name, h.wwwroot, - a.name as application, a.display_name - FROM {mnet_host} h, {mnet_application} a - WHERE h.id = ? AND h.applicationid = a.id - ORDER BY a.display_name, h.name"; +if (is_mnet_remote_user($user)) { + $sql = " + SELECT DISTINCT h.id, h.name, h.wwwroot, + a.name as application, a.display_name + FROM {mnet_host} h, {mnet_application} a + WHERE h.id = ? AND h.applicationid = a.id + ORDER BY a.display_name, h.name"; - $remotehost = $DB->get_record_sql($sql, array($user->mnethostid)); + $remotehost = $DB->get_record_sql($sql, array($user->mnethostid)); - echo '

'.get_string('remoteappuser', $remotehost->application)."
\n"; - if ($USER->id == $user->id) { - if ($remotehost->application =='moodle') { - echo "Remote {$remotehost->display_name}: wwwroot}/user/edit.php\">{$remotehost->name} ".get_string('editremoteprofile')."

\n"; - } else { - echo "Remote {$remotehost->display_name}: wwwroot}/\">{$remotehost->name} ".get_string('gotoyourserver')."

\n"; - } + echo '

'.get_string('remoteappuser', $remotehost->application)."
\n"; + if ($USER->id == $user->id) { + if ($remotehost->application =='moodle') { + echo "Remote {$remotehost->display_name}: wwwroot}/user/edit.php\">{$remotehost->name} ".get_string('editremoteprofile')."

\n"; } else { - echo "Remote {$remotehost->display_name}: wwwroot}/\">{$remotehost->name}

\n"; + echo "Remote {$remotehost->display_name}: wwwroot}/\">{$remotehost->name} ".get_string('gotoyourserver')."

\n"; } + } else { + echo "Remote {$remotehost->display_name}: wwwroot}/\">{$remotehost->name}

\n"; } +} - echo ''; - echo ''; - echo '
'; - $userpic = moodle_user_picture::make($user, $course->id); - $userpic->size = 100; - echo $OUTPUT->user_picture($userpic); - echo ''; +echo ''; +echo ''; +echo '
'; +$userpic = moodle_user_picture::make($user, $course->id); +$userpic->size = 100; +echo $OUTPUT->user_picture($userpic); +echo ''; - // Print the description +// Print the description - if ($user->description && !isset($hiddenfields['description'])) { - $has_courseid = ($course->id != SITEID); - if (!$has_courseid && !empty($CFG->profilesforenrolledusersonly) && !$DB->record_exists('role_assignments', array('userid'=>$id))) { - echo get_string('profilenotshown', 'moodle').'
'; - } else { - echo format_text($user->description, FORMAT_MOODLE)."
"; - } +if ($user->description && !isset($hiddenfields['description'])) { + $has_courseid = ($course->id != SITEID); + if (!$has_courseid && !empty($CFG->profilesforenrolledusersonly) && !$DB->record_exists('role_assignments', array('userid'=>$id))) { + echo get_string('profilenotshown', 'moodle').'
'; + } else { + echo format_text($user->description, FORMAT_MOODLE)."
"; } +} - // Print all the little details in a list +// Print all the little details in a list - echo ''; +echo '
'; - if (! isset($hiddenfields['country']) && $user->country) { - $countries = get_list_of_countries(); - print_row(get_string('country') . ':', $countries[$user->country]); - } +if (! isset($hiddenfields['country']) && $user->country) { + $countries = get_list_of_countries(); + print_row(get_string('country') . ':', $countries[$user->country]); +} - if (! isset($hiddenfields['city']) && $user->city) { - print_row(get_string('city') . ':', $user->city); - } +if (! isset($hiddenfields['city']) && $user->city) { + print_row(get_string('city') . ':', $user->city); +} - if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) { - if ($user->address) { - print_row(get_string("address").":", "$user->address"); - } - if ($user->phone1) { - print_row(get_string("phone").":", "$user->phone1"); - } - if ($user->phone2) { - print_row(get_string("phone2").":", "$user->phone2"); - } +if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) { + if ($user->address) { + print_row(get_string("address").":", "$user->address"); + } + if ($user->phone1) { + print_row(get_string("phone").":", "$user->phone1"); + } + if ($user->phone2) { + print_row(get_string("phone2").":", "$user->phone2"); } +} - if ($user->maildisplay == 1 or - ($user->maildisplay == 2 and ($course->id != SITEID) and !isguest()) or - has_capability('moodle/course:useremail', $coursecontext)) { +if ($user->maildisplay == 1 or + ($user->maildisplay == 2 and ($course->id != SITEID) and !isguest()) or + has_capability('moodle/course:useremail', $coursecontext)) { - $emailswitch = ''; + $emailswitch = ''; - if (has_capability('moodle/course:useremail', $coursecontext) or $currentuser) { /// Can use the enable/disable email stuff - if (!empty($enable)) { /// Recieved a parameter to enable the email address - $DB->set_field('user', 'emailstop', 0, array('id'=>$user->id)); - $user->emailstop = 0; - } - if (!empty($disable)) { /// Recieved a parameter to disable the email address - $DB->set_field('user', 'emailstop', 1, array('id'=>$user->id)); - $user->emailstop = 1; - } + if (has_capability('moodle/course:useremail', $coursecontext) or $currentuser) { /// Can use the enable/disable email stuff + if (!empty($enable)) { /// Recieved a parameter to enable the email address + $DB->set_field('user', 'emailstop', 0, array('id'=>$user->id)); + $user->emailstop = 0; } - - if (has_capability('moodle/course:useremail', $coursecontext)) { /// Can use the enable/disable email stuff - if ($user->emailstop) { - $switchparam = 'enable'; - $switchtitle = get_string('emaildisable'); - $switchclick = get_string('emailenableclick'); - $switchpix = 't/emailno'; - } else { - $switchparam = 'disable'; - $switchtitle = get_string('emailenable'); - $switchclick = get_string('emaildisableclick'); - $switchpix = 't/email'; - } - $emailswitch = " id&course=$course->id&$switchparam=1\">". - "old_icon_url("$switchpix") . "\" alt=\"$switchclick\" />"; - - } else if ($currentuser) { /// Can only re-enable an email this way - if ($user->emailstop) { // Include link that tells how to re-enable their email - $switchparam = 'enable'; - $switchtitle = get_string('emaildisable'); - $switchclick = get_string('emailenableclick'); - - $emailswitch = " (id&course=$course->id&enable=1\">$switchtitle)"; - } + if (!empty($disable)) { /// Recieved a parameter to disable the email address + $DB->set_field('user', 'emailstop', 1, array('id'=>$user->id)); + $user->emailstop = 1; } - - print_row(get_string("email").":", obfuscate_mailto($user->email, '', $user->emailstop)."$emailswitch"); } - if ($user->url && !isset($hiddenfields['webpage'])) { - $url = $user->url; - if (strpos($user->url, '://') === false) { - $url = 'http://'. $url; + if (has_capability('moodle/course:useremail', $coursecontext)) { /// Can use the enable/disable email stuff + if ($user->emailstop) { + $switchparam = 'enable'; + $switchtitle = get_string('emaildisable'); + $switchclick = get_string('emailenableclick'); + $switchpix = 't/emailno'; + } else { + $switchparam = 'disable'; + $switchtitle = get_string('emailenable'); + $switchclick = get_string('emaildisableclick'); + $switchpix = 't/email'; + } + $emailswitch = " id&course=$course->id&$switchparam=1\">". + "old_icon_url("$switchpix") . "\" alt=\"$switchclick\" />"; + + } else if ($currentuser) { /// Can only re-enable an email this way + if ($user->emailstop) { // Include link that tells how to re-enable their email + $switchparam = 'enable'; + $switchtitle = get_string('emaildisable'); + $switchclick = get_string('emailenableclick'); + + $emailswitch = " (id&course=$course->id&enable=1\">$switchtitle)"; } - print_row(get_string("webpage") .":", "$user->url"); } - if ($user->icq && !isset($hiddenfields['icqnumber'])) { - print_row(get_string('icqnumber').':',"icq\">$user->icq icq&img=5\" alt=\"\" />"); - } + print_row(get_string("email").":", obfuscate_mailto($user->email, '', $user->emailstop)."$emailswitch"); +} - if ($user->skype && !isset($hiddenfields['skypeid'])) { - print_row(get_string('skypeid').':',''.s($user->skype). - ' '.get_string('status').''); - } - if ($user->yahoo && !isset($hiddenfields['yahooid'])) { - print_row(get_string('yahooid').':', ''.s($user->yahoo)." yahoo)."&m=g&t=0\" alt=\"\">"); - } - if ($user->aim && !isset($hiddenfields['aimid'])) { - print_row(get_string('aimid').':', ''.s($user->aim).''); - } - if ($user->msn && !isset($hiddenfields['msnid'])) { - print_row(get_string('msnid').':', s($user->msn)); +if ($user->url && !isset($hiddenfields['webpage'])) { + $url = $user->url; + if (strpos($user->url, '://') === false) { + $url = 'http://'. $url; } + print_row(get_string("webpage") .":", "$user->url"); +} - /// Print the Custom User Fields - profile_display_fields($user->id); - - - if (!isset($hiddenfields['mycourses'])) { - if ($mycourses = get_my_courses($user->id, null, null, false, 21)) { - $shown=0; - $courselisting = ''; - foreach ($mycourses as $mycourse) { - if ($mycourse->category) { - if ($mycourse->id != $course->id){ - $class = ''; - if ($mycourse->visible == 0) { - // get_my_courses will filter courses $USER cannot see - // if we get one with visible 0 it just means it's hidden - // ... but not from $USER - $class = 'class="dimmed"'; - } - $courselisting .= "wwwroot}/user/view.php?id={$user->id}&course={$mycourse->id}\" $class >" - . format_string($mycourse->fullname) . ", "; - } - else { - $courselisting .= format_string($mycourse->fullname) . ", "; +if ($user->icq && !isset($hiddenfields['icqnumber'])) { + print_row(get_string('icqnumber').':',"icq\">$user->icq icq&img=5\" alt=\"\" />"); +} + +if ($user->skype && !isset($hiddenfields['skypeid'])) { + print_row(get_string('skypeid').':',''.s($user->skype). + ' '.get_string('status').''); +} +if ($user->yahoo && !isset($hiddenfields['yahooid'])) { + print_row(get_string('yahooid').':', ''.s($user->yahoo)." yahoo)."&m=g&t=0\" alt=\"\">"); +} +if ($user->aim && !isset($hiddenfields['aimid'])) { + print_row(get_string('aimid').':', ''.s($user->aim).''); +} +if ($user->msn && !isset($hiddenfields['msnid'])) { + print_row(get_string('msnid').':', s($user->msn)); +} + +/// Print the Custom User Fields +profile_display_fields($user->id); + + +if (!isset($hiddenfields['mycourses'])) { + if ($mycourses = get_my_courses($user->id, null, null, false, 21)) { + $shown=0; + $courselisting = ''; + foreach ($mycourses as $mycourse) { + if ($mycourse->category) { + if ($mycourse->id != $course->id){ + $class = ''; + if ($mycourse->visible == 0) { + // get_my_courses will filter courses $USER cannot see + // if we get one with visible 0 it just means it's hidden + // ... but not from $USER + $class = 'class="dimmed"'; } + $courselisting .= "wwwroot}/user/view.php?id={$user->id}&course={$mycourse->id}\" $class >" + . format_string($mycourse->fullname) . ", "; } - $shown++; - if($shown==20) { - $courselisting.= "..."; - break; + else { + $courselisting .= format_string($mycourse->fullname) . ", "; } } - print_row(get_string('courses').':', rtrim($courselisting,', ')); + $shown++; + if($shown==20) { + $courselisting.= "..."; + break; + } } + print_row(get_string('courses').':', rtrim($courselisting,', ')); } - if (!isset($hiddenfields['firstaccess'])) { - if ($user->firstaccess) { - $datestring = userdate($user->firstaccess)."  (".format_time(time() - $user->firstaccess).")"; - } else { - $datestring = get_string("never"); - } - print_row(get_string("firstaccess").":", $datestring); +} +if (!isset($hiddenfields['firstaccess'])) { + if ($user->firstaccess) { + $datestring = userdate($user->firstaccess)."  (".format_time(time() - $user->firstaccess).")"; + } else { + $datestring = get_string("never"); } - if (!isset($hiddenfields['lastaccess'])) { - if ($user->lastaccess) { - $datestring = userdate($user->lastaccess)."  (".format_time(time() - $user->lastaccess).")"; - } else { - $datestring = get_string("never"); - } - print_row(get_string("lastaccess").":", $datestring); + print_row(get_string("firstaccess").":", $datestring); +} +if (!isset($hiddenfields['lastaccess'])) { + if ($user->lastaccess) { + $datestring = userdate($user->lastaccess)."  (".format_time(time() - $user->lastaccess).")"; + } else { + $datestring = get_string("never"); } + print_row(get_string("lastaccess").":", $datestring); +} /// printing roles - if ($rolestring = get_user_roles_in_context($id, $coursecontext)) { - print_row(get_string('roles').':', format_string($rolestring, false)); - } +if ($rolestring = get_user_roles_in_context($id, $coursecontext)) { + print_row(get_string('roles').':', format_string($rolestring, false)); +} /// Printing groups - if (!isset($hiddenfields['groups'])) { - $isseparategroups = ($course->groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)); - if (!$isseparategroups){ - if ($usergroups = groups_get_all_groups($course->id, $user->id)){ - $groupstr = ''; - foreach ($usergroups as $group){ - $groupstr .= ' '.format_string($group->name).','; - } - print_row(get_string("group").":", rtrim($groupstr, ', ')); +if (!isset($hiddenfields['groups'])) { + $isseparategroups = ($course->groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)); + if (!$isseparategroups){ + if ($usergroups = groups_get_all_groups($course->id, $user->id)){ + $groupstr = ''; + foreach ($usergroups as $group){ + $groupstr .= ' '.format_string($group->name).','; } + print_row(get_string("group").":", rtrim($groupstr, ', ')); } } +} /// End of printing groups /// Printing Interests - if( !empty($CFG->usetags)) { - if ( $interests = tag_get_tags_csv('user', $user->id) ) { - print_row(get_string('interests') .": ", $interests); - } + if( !empty($CFG->usetags)) { + if ( $interests = tag_get_tags_csv('user', $user->id) ) { + print_row(get_string('interests') .": ", $interests); } +} /// End of Printing Interests - echo "
"; +echo "
"; - echo "
"; +echo ""; - $userauth = get_auth_plugin($user->auth); +$userauth = get_auth_plugin($user->auth); - $passwordchangeurl = false; - if ($currentuser and $userauth->can_change_password() and !isguestuser() and has_capability('moodle/user:changeownpassword', $systemcontext)) { - if (!$passwordchangeurl = $userauth->change_password_url()) { - if (empty($CFG->loginhttps)) { - $passwordchangeurl = "$CFG->wwwroot/login/change_password.php"; - } else { - $passwordchangeurl = str_replace('http:', 'https:', $CFG->wwwroot.'/login/change_password.php'); - } +$passwordchangeurl = false; +if ($currentuser and $userauth->can_change_password() and !isguestuser() and has_capability('moodle/user:changeownpassword', $systemcontext)) { + if (!$passwordchangeurl = $userauth->change_password_url()) { + if (empty($CFG->loginhttps)) { + $passwordchangeurl = "$CFG->wwwroot/login/change_password.php"; + } else { + $passwordchangeurl = str_replace('http:', 'https:', $CFG->wwwroot.'/login/change_password.php'); } } +} // Print other functions - echo '
'; +echo '
'; - if ($passwordchangeurl) { - $params = array('id'=>$course->id); +if ($passwordchangeurl) { + $params = array('id'=>$course->id); - if (session_is_loggedinas()) { - $passwordchangeurl = ''; // do not use actual change password url - might contain sensitive data - } else { - $parts = explode('?', $passwordchangeurl); - $passwordchangeurl = reset($parts); - $after = next($parts); - preg_match_all('/([^&=]+)=([^&=]+)/', $after, $matches); - if (count($matches)) { - foreach($matches[0] as $key=>$match) { - $params[$matches[1][$key]] = $matches[2][$key]; - } + if (session_is_loggedinas()) { + $passwordchangeurl = ''; // do not use actual change password url - might contain sensitive data + } else { + $parts = explode('?', $passwordchangeurl); + $passwordchangeurl = reset($parts); + $after = next($parts); + preg_match_all('/([^&=]+)=([^&=]+)/', $after, $matches); + if (count($matches)) { + foreach($matches[0] as $key=>$match) { + $params[$matches[1][$key]] = $matches[2][$key]; } } - echo "
"; - echo "
"; - foreach($params as $key=>$value) { - echo ''; - } - if (session_is_loggedinas()) { - // changing of password when "Logged in as" is not allowed - echo ""; - } else { - echo ""; - } - echo "
"; - echo "
"; } + echo "
"; + echo "
"; + foreach($params as $key=>$value) { + echo ''; + } + if (session_is_loggedinas()) { + // changing of password when "Logged in as" is not allowed + echo ""; + } else { + echo ""; + } + echo "
"; + echo "
"; +} - if ($course->id != SITEID && empty($course->metacourse)) { // Mostly only useful at course level +if ($course->id != SITEID && empty($course->metacourse)) { // Mostly only useful at course level - $canunenrol = false; + $canunenrol = false; - if ($user->id == $USER->id) { // Myself - $canunenrol = has_capability('moodle/course:view', $coursecontext, NULL) && // Course participant - has_capability('moodle/role:unassignself', $coursecontext, NULL, false) && // Can unassign myself - get_user_roles($coursecontext, $user->id, false); // Must have role in course + if ($user->id == $USER->id) { // Myself + $canunenrol = has_capability('moodle/course:view', $coursecontext, NULL) && // Course participant + has_capability('moodle/role:unassignself', $coursecontext, NULL, false) && // Can unassign myself + get_user_roles($coursecontext, $user->id, false); // Must have role in course - } else if (has_capability('moodle/role:assign', $coursecontext, NULL)) { // I can assign roles - if ($roles = get_user_roles($coursecontext, $user->id, false)) { - $canunenrol = true; - foreach($roles as $role) { - if (!user_can_assign($coursecontext, $role->roleid)) { - $canunenrol = false; // I can not unassign all roles in this course :-( - break; - } + } else if (has_capability('moodle/role:assign', $coursecontext, NULL)) { // I can assign roles + if ($roles = get_user_roles($coursecontext, $user->id, false)) { + $canunenrol = true; + foreach($roles as $role) { + if (!user_can_assign($coursecontext, $role->roleid)) { + $canunenrol = false; // I can not unassign all roles in this course :-( + break; } } } - - if ($canunenrol) { - echo '
'; - echo '
'; - echo ''; - echo ''; - echo ''; - echo '
'; - echo '
'; - } } - if (!$user->deleted and $USER->id != $user->id && !session_is_loggedinas() && has_capability('moodle/user:loginas', $coursecontext) && - ! has_capability('moodle/site:doanything', $coursecontext, $user->id, false)) { - echo '
'; + if ($canunenrol) { + echo ''; echo '
'; echo ''; echo ''; - echo ''; - echo ''; + echo ''; echo '
'; echo '
'; } +} - if (!$user->deleted and !empty($CFG->messaging) and !isguest() and has_capability('moodle/site:sendmessage', get_context_instance(CONTEXT_SYSTEM))) { - if (!empty($USER->id) and ($USER->id == $user->id)) { - if ($countmessages = $DB->count_records('message', array('useridto'=>$user->id))) { - $messagebuttonname = get_string("messages", "message")."($countmessages)"; - } else { - $messagebuttonname = get_string("messages", "message"); - } - echo "
"; - echo "
"; - echo ""; - echo "
"; - echo "
"; +if (!$user->deleted and $USER->id != $user->id && !session_is_loggedinas() && has_capability('moodle/user:loginas', $coursecontext) && + ! has_capability('moodle/site:doanything', $coursecontext, $user->id, false)) { + echo '
'; + echo '
'; + echo ''; + echo ''; + echo ''; + echo ''; + echo '
'; + echo '
'; +} + +if (!$user->deleted and !empty($CFG->messaging) and !isguest() and has_capability('moodle/site:sendmessage', $systemcontext)) { + if (!empty($USER->id) and ($USER->id == $user->id)) { + if ($countmessages = $DB->count_records('message', array('useridto'=>$user->id))) { + $messagebuttonname = get_string("messages", "message")."($countmessages)"; } else { - echo "
id'\" action=\"../message/discussion.php\" method=\"get\">"; - echo "
"; - echo "id\" />"; - echo "id', 'message_$user->id', 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\" />"; - echo "
"; - echo "
"; + $messagebuttonname = get_string("messages", "message"); } - } - // Authorize.net: User Payments - if ($course->enrol == 'authorize' || (empty($course->enrol) && $CFG->enrol == 'authorize')) { - echo "
"; + echo ""; + echo "
"; + echo ""; + echo "
"; + echo "
"; + } else { + echo "
id'\" action=\"../message/discussion.php\" method=\"get\">"; echo "
"; - echo "id\" />"; - echo "id\" />"; - echo ""; + echo "id\" />"; + echo "id', 'message_$user->id', 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\" />"; echo "
"; echo "
"; } - echo "
\n"; +} +// Authorize.net: User Payments +if ($course->enrol == 'authorize' || (empty($course->enrol) && $CFG->enrol == 'authorize')) { + echo "
"; + echo "
"; + echo "id\" />"; + echo "id\" />"; + echo ""; + echo "
"; + echo "
"; +} +echo "
\n"; - if ($CFG->debugdisplay && debugging('', DEBUG_DEVELOPER) && $USER->id == $user->id) { // Show user object - echo '
'; - echo $OUTPUT->heading('DEBUG MODE: User session variables'); - print_object($USER); - } +if ($CFG->debugdisplay && debugging('', DEBUG_DEVELOPER) && $USER->id == $user->id) { // Show user object + echo '
'; + echo $OUTPUT->heading('DEBUG MODE: User session variables'); + print_object($USER); +} - echo $OUTPUT->footer(); +echo $OUTPUT->footer(); /// Functions /////// @@ -550,4 +583,4 @@ function print_row($left, $right) { echo "\n$left$right\n"; } -?> +?> \ No newline at end of file -- 2.39.5