moodle/admin/user.php

<?PHP // $Id$

	require("../config.php");
	require("../user/lib.php");
    require("../lib/countries.php");

    optional_variable($newuser, "");
    optional_variable($delete, "");
    optional_variable($confirm, "");
    optional_variable($sort, "name");
    optional_variable($dir, "ASC");

    if (! record_exists_sql("SELECT * FROM user_admins")) {   // No admin user yet
        $user->firstname = "Admin";
        $user->lastname  = "User";
        $user->username  = "admin";
        $user->password  = md5("admin");
        $user->email     = "root@localhost";
        $user->confirmed = 1;
        $user->maildisplay = 1;
        $user->timemodified = time();

        if (! $user->id = insert_record("user", $user)) {
            error("SERIOUS ERROR: Could not create admin user record !!!");
        }

        $admin->user = $user->id;

        if (! insert_record("user_admins", $admin)) {
            error("Could not make user $user->id an admin !!!");
        }

        if (! $user = get_record("user", "id", $user->id)) {     // Double check
            error("User ID was incorrect (can't find it)");
        }

        if (! $site = get_site()) {
            error("Could not find site-level course");
        }

        $teacher->user = $user->id;
        $teacher->course = $site->id;
        $teacher->authority = 1;
        if (! insert_record("user_teachers", $teacher)) {
            error("Could not make user $id a teacher of site-level course !!!");
        }

        $USER = $user;
        $USER->loggedin = true;
        $USER->site = $CFG->wwwroot;
        $USER->admin = true;
        $USER->teacher["$site->id"] = true;
        save_session("USER");

        redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$site->id");

    } else {
        if (! $site = get_site()) {
            error("Could not find site-level course");
        }
    }

    require_login();

    if (!isadmin()) {
        error("You must be an administrator to edit users this way.");
    }

    if ($newuser) {                 // Create a new user
        $user->firstname = "";
        $user->lastname  = "";
        $user->username  = "changeme";
        $user->password  = "";
        $user->email     = "";
        $user->confirmed = 1;
        $user->timemodified = time();

        if (! $user->id = insert_record("user", $user)) {
            if (!$user = get_record("user", "username", "changeme")) {   // half finished user from another time
                error("Could not start a new user!");
            }
        }

        redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$site->id");
        
    } else {                        // List all users for editing

        $stredituser = get_string("edituser");
        $stradministration = get_string("administration");
        $stredit   = get_string("edit");
        $strdelete = get_string("delete");
        $strdeletecheck = get_string("deletecheck");

        print_header("$site->fullname : $stredituser", $site->fullname, 
                     "<A HREF=\"$CFG->wwwroot/admin\">$stradministration</A> -> $stredituser");

        if ($delete) {              // Delete a selected user, after confirmation
            if (!$user = get_record("user", "id", "$delete")) {
                error("No such user!");
            }
            if ($confirm != md5($delete)) {
                notice_yesno(get_string("deletecheckfull", "", "'$user->firstname $user->lastname'"),
                     "user.php?delete=$delete&confirm=".md5($delete), "user.php");

                exit;
            } else if (!$user->deleted) {
                $user->deleted = "1";
                $user->username = $user->email;  // Remember it just in case
                $user->email = "";               // Clear this field to free it up
                $user->timemodified = time();
                if (update_record("user", $user)) {
                    unenrol_student($user->id);  // From all courses
                    remove_teacher($user->id);   // From all courses
                    remove_admin($user->id);
                    notify(get_string("deletedactivity", "", "$user->firstname $user->lastname"));
                } else {
                    notify(get_string("deletednot", "", "$user->firstname $user->lastname"));
                }
            }
        }

        // Carry on with the user listing

        $columns = array("name", "email", "city", "country", "lastaccess");

        foreach ($columns as $column) {
            $string[$column] = get_string("$column");
            $columnsort = "$column";
            if ($column == "lastaccess") {
                $columndir = "DESC";
            } else {
                $columndir = "ASC";
            }
            if ($columnsort == $sort) {
               $$column = $string[$column];
            } else {
               $$column = "<A HREF=\"user.php?sort=$columnsort&dir=$columndir\">".$string[$column]."</A>";
            }
        }

        if ($sort == "name") {
            $sort = "firstname";
        }

        if ($users = get_records_sql("SELECT * from user WHERE username <> 'guest' 
                                      AND deleted <> '1' ORDER BY $sort $dir")) {

            foreach ($users as $key => $user) {
                $users[$key]->country = $COUNTRIES[$user->country];
            }
            if ($sort == "country") {  // Need to resort by full country name, not code
                foreach ($users as $user) {
                    $susers[$user->id] = $user->country;
                }
                asort($susers);
                foreach ($susers as $key => $value) {
                    $nusers[] = $users[$key];
                }
                $users = $nusers;
            }

            print_heading(get_string("chooseuser"));

            $table->head = array ($name, $email, $city, $country, $lastaccess, "", "");
            $table->align = array ("LEFT", "LEFT", "LEFT", "LEFT", "LEFT", "CENTER", "CENTER");
            $table->width = "95%";
            foreach ($users as $user) {
                if ($user->id == $USER->id or $user->username == "changeme") {
                    $deletebutton = "";
                } else {
                    $deletebutton = "<A HREF=\"user.php?delete=$user->id\" TARGET=\"$strdeletecheck\">$strdelete</A>";
                }
                if ($user->lastaccess) {
                    $strlastaccess = format_time(time() - $user->lastaccess);
                } else {
                    $strlastaccess = get_string("never");
                }
                $table->data[] = array ("<A HREF=\"../user/view.php?id=$user->id&course=$site->id\">$user->firstname $user->lastname</A>",
                                 "$user->email",
                                 "$user->city",
                                 "$user->country",
                                 $strlastaccess,
                                 "<A HREF=\"../user/edit.php?id=$user->id&course=$site->id\">$stredit</A>",
                                 $deletebutton);
            }
            print_table($table);

            print_heading("<A HREF=\"user.php?newuser=true\">".get_string("addnewuser")."</A>");
        } else {
            error("No users found!");
            
        }
        print_footer();
    }

?>
Initial revision 2001-11-22 06:23:56 +00:00			`<?PHP // $Id$`

			`require("../config.php");`
			`require("../user/lib.php");`
More admin cleanups - improved user listing 2002-08-03 04:57:45 +00:00			`require("../lib/countries.php");`
Initial revision 2001-11-22 06:23:56 +00:00
Major cleanup of user administration and display, including sortable listings, confirmation on deletions, removing deleted user from all student lists, teacher lists and subscription lists and freeing up their username and email to be used again. 2002-09-22 14:06:38 +00:00			`optional_variable($newuser, "");`
			`optional_variable($delete, "");`
			`optional_variable($confirm, "");`
			`optional_variable($sort, "name");`
			`optional_variable($dir, "ASC");`

Tweaks to creation of user account while searching for the login problem some people are having ... 2002-08-22 06:41:30 +00:00			`if (! record_exists_sql("SELECT * FROM user_admins")) { // No admin user yet`
Initial revision 2001-11-22 06:23:56 +00:00			`$user->firstname = "Admin";`
			`$user->lastname = "User";`
			`$user->username = "admin";`
BUG FIX: In the last version I introduced a new security feature (keeping the site URL stored in the USER session object) but forgot to add this to the brand new admin user - causing it to fail. Fixed. 2002-09-05 02:04:00 +00:00			`$user->password = md5("admin");`
Initial revision 2001-11-22 06:23:56 +00:00			`$user->email = "root@localhost";`
			`$user->confirmed = 1;`
Tweaks to creation of user account while searching for the login problem some people are having ... 2002-08-22 06:41:30 +00:00			`$user->maildisplay = 1;`
Initial revision 2001-11-22 06:23:56 +00:00			`$user->timemodified = time();`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (! $user->id = insert_record("user", $user)) {`
			`error("SERIOUS ERROR: Could not create admin user record !!!");`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`$admin->user = $user->id;`
Initial revision 2001-11-22 06:23:56 +00:00
			`if (! insert_record("user_admins", $admin)) {`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`error("Could not make user $user->id an admin !!!");`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (! $user = get_record("user", "id", $user->id)) { // Double check`
Initial revision 2001-11-22 06:23:56 +00:00			`error("User ID was incorrect (can't find it)");`
			`}`

Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`if (! $site = get_site()) {`
Initial revision 2001-11-22 06:23:56 +00:00			`error("Could not find site-level course");`
			`}`

			`$teacher->user = $user->id;`
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`$teacher->course = $site->id;`
Initial revision 2001-11-22 06:23:56 +00:00			`$teacher->authority = 1;`
			`if (! insert_record("user_teachers", $teacher)) {`
			`error("Could not make user $id a teacher of site-level course !!!");`
			`}`

			`$USER = $user;`
			`$USER->loggedin = true;`
BUG FIX: In the last version I introduced a new security feature (keeping the site URL stored in the USER session object) but forgot to add this to the brand new admin user - causing it to fail. Fixed. 2002-09-05 02:04:00 +00:00			`$USER->site = $CFG->wwwroot;`
Initial revision 2001-11-22 06:23:56 +00:00			`$USER->admin = true;`
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`$USER->teacher["$site->id"] = true;`
Widespread changes throughout Moodle to make sure it works on servers that have register_globals turned off (this is the default setting on newer version of PHP). In fact it's partly a hack that globalises all GET, POST, FILES AND COOKIE variables. Unfortunately though the SESSION and USER global session variables are only available as $_SESSION["USER"] and $_SESSION["SESSION"], which is cumbersome to use. So, for every request I now make a copy of these two session variables into $USER and $SESSION. Whenever I update them thoughout Moodle I now have to call save_session("USER") which copies them back to the session variable. This seems to be working well now. Because I'm using $_SESSION etc now this will raise the required minimum version of PHP to 4.1.0 2002-08-06 17:23:45 +00:00			`save_session("USER");`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$site->id");`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00
			`} else {`
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`if (! $site = get_site()) {`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`error("Could not find site-level course");`
			`}`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

			`require_login();`

			`if (!isadmin()) {`
			`error("You must be an administrator to edit users this way.");`
			`}`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if ($newuser) { // Create a new user`
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`$user->firstname = "";`
			`$user->lastname = "";`
			`$user->username = "changeme";`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`$user->password = "";`
			`$user->email = "";`
			`$user->confirmed = 1;`
			`$user->timemodified = time();`
Initial revision 2001-11-22 06:23:56 +00:00
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (! $user->id = insert_record("user", $user)) {`
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`if (!$user = get_record("user", "username", "changeme")) { // half finished user from another time`
			`error("Could not start a new user!");`
			`}`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`}`
Initial revision 2001-11-22 06:23:56 +00:00
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$site->id");`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`} else { // List all users for editing`
Initial revision 2001-11-22 06:23:56 +00:00
Changes to enable DELETION of user accounts. Accounts aren't actually deleted, they are just marked with a deleteion flag that prevents them from logging in, or from being listed anywhere. 2002-09-22 03:01:17 +00:00			`$stredituser = get_string("edituser");`
			`$stradministration = get_string("administration");`
			`$stredit = get_string("edit");`
			`$strdelete = get_string("delete");`
			`$strdeletecheck = get_string("deletecheck");`

			`print_header("$site->fullname : $stredituser", $site->fullname,`
			`"<A HREF=\"$CFG->wwwroot/admin\">$stradministration</A> -> $stredituser");`

Major cleanup of user administration and display, including sortable listings, confirmation on deletions, removing deleted user from all student lists, teacher lists and subscription lists and freeing up their username and email to be used again. 2002-09-22 14:06:38 +00:00			`if ($delete) { // Delete a selected user, after confirmation`
			`if (!$user = get_record("user", "id", "$delete")) {`
			`error("No such user!");`
			`}`
			`if ($confirm != md5($delete)) {`
			`notice_yesno(get_string("deletecheckfull", "", "'$user->firstname $user->lastname'"),`
			`"user.php?delete=$delete&confirm=".md5($delete), "user.php");`

			`exit;`
Don't delete a user if already deleted (reloading page, say) 2002-09-22 14:42:32 +00:00			`} else if (!$user->deleted) {`
Major cleanup of user administration and display, including sortable listings, confirmation on deletions, removing deleted user from all student lists, teacher lists and subscription lists and freeing up their username and email to be used again. 2002-09-22 14:06:38 +00:00			`$user->deleted = "1";`
			`$user->username = $user->email; // Remember it just in case`
			`$user->email = ""; // Clear this field to free it up`
			`$user->timemodified = time();`
			`if (update_record("user", $user)) {`
			`unenrol_student($user->id); // From all courses`
			`remove_teacher($user->id); // From all courses`
			`remove_admin($user->id);`
			`notify(get_string("deletedactivity", "", "$user->firstname $user->lastname"));`
			`} else {`
			`notify(get_string("deletednot", "", "$user->firstname $user->lastname"));`
Changes to enable DELETION of user accounts. Accounts aren't actually deleted, they are just marked with a deleteion flag that prevents them from logging in, or from being listed anywhere. 2002-09-22 03:01:17 +00:00			`}`
			`}`
			`}`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00
Major cleanup of user administration and display, including sortable listings, confirmation on deletions, removing deleted user from all student lists, teacher lists and subscription lists and freeing up their username and email to be used again. 2002-09-22 14:06:38 +00:00			`// Carry on with the user listing`

			`$columns = array("name", "email", "city", "country", "lastaccess");`

			`foreach ($columns as $column) {`
			`$string[$column] = get_string("$column");`
			`$columnsort = "$column";`
			`if ($column == "lastaccess") {`
			`$columndir = "DESC";`
			`} else {`
			`$columndir = "ASC";`
			`}`
			`if ($columnsort == $sort) {`
			`$$column = $string[$column];`
			`} else {`
			`$$column = "<A HREF=\"user.php?sort=$columnsort&dir=$columndir\">".$string[$column]."</A>";`
			`}`
			`}`

			`if ($sort == "name") {`
			`$sort = "firstname";`
			`}`

			`if ($users = get_records_sql("SELECT * from user WHERE username <> 'guest'`
			`AND deleted <> '1' ORDER BY $sort $dir")) {`

Fixes to country sorting 2002-09-22 16:03:01 +00:00			`foreach ($users as $key => $user) {`
			`$users[$key]->country = $COUNTRIES[$user->country];`
Better handling of country sorting 2002-09-22 15:57:23 +00:00			`}`
			`if ($sort == "country") { // Need to resort by full country name, not code`
			`foreach ($users as $user) {`
Better way of sorting countries 2002-09-22 16:12:49 +00:00			`$susers[$user->id] = $user->country;`
Better handling of country sorting 2002-09-22 15:57:23 +00:00			`}`
Better way of sorting countries 2002-09-22 16:12:49 +00:00			`asort($susers);`
			`foreach ($susers as $key => $value) {`
			`$nusers[] = $users[$key];`
			`}`
			`$users = $nusers;`
Better handling of country sorting 2002-09-22 15:57:23 +00:00			`}`

Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`print_heading(get_string("chooseuser"));`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00
Major cleanup of user administration and display, including sortable listings, confirmation on deletions, removing deleted user from all student lists, teacher lists and subscription lists and freeing up their username and email to be used again. 2002-09-22 14:06:38 +00:00			`$table->head = array ($name, $email, $city, $country, $lastaccess, "", "");`
			`$table->align = array ("LEFT", "LEFT", "LEFT", "LEFT", "LEFT", "CENTER", "CENTER");`
Fixes to table widths 2002-09-22 14:11:45 +00:00			`$table->width = "95%";`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`foreach ($users as $user) {`
Major cleanup of user administration and display, including sortable listings, confirmation on deletions, removing deleted user from all student lists, teacher lists and subscription lists and freeing up their username and email to be used again. 2002-09-22 14:06:38 +00:00			`if ($user->id == $USER->id or $user->username == "changeme") {`
			`$deletebutton = "";`
			`} else {`
			`$deletebutton = "<A HREF=\"user.php?delete=$user->id\" TARGET=\"$strdeletecheck\">$strdelete</A>";`
			`}`
			`if ($user->lastaccess) {`
			`$strlastaccess = format_time(time() - $user->lastaccess);`
			`} else {`
			`$strlastaccess = get_string("never");`
			`}`
In user list, name goes to full page instead of editing (because there is an edit link at the end of the row, as well as on the ful page) 2002-08-11 04:30:25 +00:00			`$table->data[] = array ("<A HREF=\"../user/view.php?id=$user->id&course=$site->id\">$user->firstname $user->lastname</A>",`
Changes to enable DELETION of user accounts. Accounts aren't actually deleted, they are just marked with a deleteion flag that prevents them from logging in, or from being listed anywhere. 2002-09-22 03:01:17 +00:00			`"$user->email",`
			`"$user->city",`
Better handling of country sorting 2002-09-22 15:57:23 +00:00			`"$user->country",`
Major cleanup of user administration and display, including sortable listings, confirmation on deletions, removing deleted user from all student lists, teacher lists and subscription lists and freeing up their username and email to be used again. 2002-09-22 14:06:38 +00:00			`$strlastaccess,`
Changes to enable DELETION of user accounts. Accounts aren't actually deleted, they are just marked with a deleteion flag that prevents them from logging in, or from being listed anywhere. 2002-09-22 03:01:17 +00:00			`"<A HREF=\"../user/edit.php?id=$user->id&course=$site->id\">$stredit</A>",`
Major cleanup of user administration and display, including sortable listings, confirmation on deletions, removing deleted user from all student lists, teacher lists and subscription lists and freeing up their username and email to be used again. 2002-09-22 14:06:38 +00:00			`$deletebutton);`
Initial revision 2001-11-22 06:23:56 +00:00			`}`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`print_table($table);`
Changes to make uploaded user pictures work properly on Windows :-( 2002-08-09 09:09:36 +00:00
			`print_heading("<A HREF=\"user.php?newuser=true\">".get_string("addnewuser")."</A>");`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`} else {`
			`error("No users found!");`

Initial revision 2001-11-22 06:23:56 +00:00			`}`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`print_footer();`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

			`?>`