mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-18 05:58:34 +01:00
Code Issues Projects Releases Wiki Activity
moodle/user/edit.php

240 lines
8.0 KiB
PHP
Raw Normal View History

Initial revision
2001-11-22 06:23:56 +00:00
<?PHP // $Id$
Don't process $usernew->username if it doesn't exist (prevents normal users from editing profile).
2003-04-27 14:50:03 +00:00
require_once("../config.php");
require_once("lib.php");
Initial revision
2001-11-22 06:23:56 +00:00
require_variable($id); // user id
require_variable($course); // course id
if (! $user = get_record("user", "id", $id)) {
error("User ID was incorrect");
}
if (! $course = get_record("course", "id", $course)) {
Tweaks to the headers
2002-08-08 16:02:39 +00:00
error("Course ID was incorrect");
Initial revision
2001-11-22 06:23:56 +00:00
}
Fixed redirection when user not completed yet in some instances when using external authentication
2003-01-14 14:54:45 +00:00
if ($user->confirmed and user_not_fully_set_up($user)) {
First implementation of new authentication system, which can now use pluggable modules in the 'auth' directory. Everything is done through authentication_user_login in lib/moodlelib.php As well as the old default "email" confirmation, I added a new type of confirmation "none", which basically does no confirmation at all.
2002-09-26 07:03:22 +00:00
// Special case which can only occur when a new account
// has just been created by EXTERNAL authentication
// This is the only page in Moodle that has the exception
// so that users can set up their accounts
$newaccount = true;
Fixed missing bracket
2004-01-03 15:41:15 +00:00
if (empty($USER)) {
Added an error message to catch some cases of sessions not working
2004-01-02 14:11:21 +00:00
error("Sessions don't seem to be working on this server!");
}
First implementation of new authentication system, which can now use pluggable modules in the 'auth' directory. Everything is done through authentication_user_login in lib/moodlelib.php As well as the old default "email" confirmation, I added a new type of confirmation "none", which basically does no confirmation at all.
2002-09-26 07:03:22 +00:00
} else {
$newaccount = false;
Don't process $usernew->username if it doesn't exist (prevents normal users from editing profile).
2003-04-27 14:50:03 +00:00
require_login($course->id);
First implementation of new authentication system, which can now use pluggable modules in the 'auth' directory. Everything is done through authentication_user_login in lib/moodlelib.php As well as the old default "email" confirmation, I added a new type of confirmation "none", which basically does no confirmation at all.
2002-09-26 07:03:22 +00:00
}
Initial revision
2001-11-22 06:23:56 +00:00
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
if ($USER->id <> $user->id and !isadmin()) {
Initial revision
2001-11-22 06:23:56 +00:00
error("You can only edit your own information");
}
Better handling of guest user
2002-06-10 04:33:46 +00:00
if (isguest()) {
error("The guest user cannot edit their profile.");
}
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
if (isguest($user->id)) {
error("Sorry, the guest user cannot be edited.");
}
Initial revision
2001-11-22 06:23:56 +00:00
/// If data submitted, then process and store.
Don't process $usernew->username if it doesn't exist (prevents normal users from editing profile).
2003-04-27 14:50:03 +00:00
if ($usernew = data_submitted()) {
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
$usernew->firstname = strip_tags($usernew->firstname);
$usernew->lastname = strip_tags($usernew->lastname);
Don't process $usernew->username if it doesn't exist (prevents normal users from editing profile).
2003-04-27 14:50:03 +00:00
if (isset($usernew->username)) {
$usernew->username = trim(moodle_strtolower($usernew->username));
}
More robust use of $_FILES['imagefile']
2003-04-15 02:08:27 +00:00
if (empty($_FILES['imagefile'])) {
$_FILES['imagefile'] = NULL; // To avoid using uninitialised variable later
}
Small bugfix with uploading new user images
2002-11-21 10:17:08 +00:00
if (find_form_errors($user, $usernew, $err)) {
OK a number of small changes here. Firstly, I'm replacing all use of old-style global variables like $HTTY_REFERER with their new-style equivalent $_SERVER["HTTP_REFERER"] Also using $_POST instead $HTTP_POST_VARS etc Secondly, if gdversion == 0 (ie GD is not installed) then: - users are not even allowed to upload new images - graphs now just print a message instead of failing. this allows Moodle to still be used even if GD is not present
2003-01-05 06:45:20 +00:00
if ($filename = valid_uploaded_file($_FILES['imagefile'])) {
Made the user profile a little more robust. Uploaded images are now saved even if the rest of the form has errors. If errors are found in the form then a message is printed up the top to make it clearer that they need to fix something.
2002-11-20 14:52:32 +00:00
$usernew->picture = save_user_image($user->id, $filename);
}
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
$user = $usernew;
} else {
Don't process $usernew->username if it doesn't exist (prevents normal users from editing profile).
2003-04-27 14:50:03 +00:00
$timenow = time();
Initial revision
2001-11-22 06:23:56 +00:00
OK a number of small changes here. Firstly, I'm replacing all use of old-style global variables like $HTTY_REFERER with their new-style equivalent $_SERVER["HTTP_REFERER"] Also using $_POST instead $HTTP_POST_VARS etc Secondly, if gdversion == 0 (ie GD is not installed) then: - users are not even allowed to upload new images - graphs now just print a message instead of failing. this allows Moodle to still be used even if GD is not present
2003-01-05 06:45:20 +00:00
if ($filename = valid_uploaded_file($_FILES['imagefile'])) {
Made the user profile a little more robust. Uploaded images are now saved even if the rest of the form has errors. If errors are found in the form then a message is printed up the top to make it clearer that they need to fix something.
2002-11-20 14:52:32 +00:00
$usernew->picture = save_user_image($user->id, $filename);
Initial revision
2001-11-22 06:23:56 +00:00
} else {
$usernew->picture = $user->picture;
}
$usernew->timemodified = time();
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
if (isadmin()) {
Whoops ... left and old line in there during the last fix
2003-04-28 02:43:18 +00:00
if (!empty($usernew->newpassword)) {
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
$usernew->password = md5($usernew->newpassword);
}
} else {
if (isset($usernew->newpassword)) {
error("You can not change the password like that");
}
}
Better handling of user-entered URLs (add http:// if missing)
2002-09-04 05:07:17 +00:00
if ($usernew->url and !(substr($usernew->url, 0, 4) == "http")) {
$usernew->url = "http://".$usernew->url;
}
Changes related to timezone display. Datetime display now uses userdate() which itself uses the USER variable timezone to alter the displayed time.
2002-06-05 03:15:30 +00:00
Initial revision
2001-11-22 06:23:56 +00:00
if (update_record("user", $usernew)) {
Typo on add_to_log URL
2002-06-05 06:10:45 +00:00
add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");
Changes related to timezone display. Datetime display now uses userdate() which itself uses the USER variable timezone to alter the displayed time.
2002-06-05 03:15:30 +00:00
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
if ($user->id == $USER->id) {
// Copy data into $USER session variable
$usernew = (array)$usernew;
foreach ($usernew as $variable => $value) {
Stripslashes off data before adding them to current USER session record
2003-08-30 06:19:44 +00:00
$USER->$variable = stripslashes($value);
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
}
Cleaned up the initial setup process. It looks a bit smoother now. Hopefully this is also the end of the occasional errors we keep hearing about to do with never getting to setup the admin user. (I think admin/site.php had a redirect that didn't always work). The setup process is now much better at "trapping" you until it's all done.
2003-05-06 15:58:20 +00:00
if (isset($USER->newadminuser)) {
unset($USER->newadminuser);
Fixed missing slashes
2003-07-30 05:21:24 +00:00
redirect("$CFG->wwwroot/", get_string("changessaved"));
Cleaned up the initial setup process. It looks a bit smoother now. Hopefully this is also the end of the occasional errors we keep hearing about to do with never getting to setup the admin user. (I think admin/site.php had a redirect that didn't always work). The setup process is now much better at "trapping" you until it's all done.
2003-05-06 15:58:20 +00:00
}
redirect("$CFG->wwwroot/user/view.php?id=$user->id&course=$course->id", get_string("changessaved"));
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
} else {
Fixed a typo (not using $CFG->admin)
2003-12-16 05:31:52 +00:00
redirect("$CFG->wwwroot/$CFG->admin/user.php", get_string("changessaved"));
Changes related to timezone display. Datetime display now uses userdate() which itself uses the USER variable timezone to alter the displayed time.
2002-06-05 03:15:30 +00:00
}
Initial revision
2001-11-22 06:23:56 +00:00
} else {
error("Could not update the user record ($user->id)");
}
Don't process $usernew->username if it doesn't exist (prevents normal users from editing profile).
2003-04-27 14:50:03 +00:00
}
Initial revision
2001-11-22 06:23:56 +00:00
}
/// Otherwise fill and print the form.
First implementation of new authentication system, which can now use pluggable modules in the 'auth' directory. Everything is done through authentication_user_login in lib/moodlelib.php As well as the old default "email" confirmation, I added a new type of confirmation "none", which basically does no confirmation at all.
2002-09-26 07:03:22 +00:00
$streditmyprofile = get_string("editmyprofile");
$strparticipants = get_string("participants");
$strnewuser = get_string("newuser");
Changes related to internationalision strings and printing them
2002-07-11 05:30:57 +00:00
First implementation of new authentication system, which can now use pluggable modules in the 'auth' directory. Everything is done through authentication_user_login in lib/moodlelib.php As well as the old default "email" confirmation, I added a new type of confirmation "none", which basically does no confirmation at all.
2002-09-26 07:03:22 +00:00
if (($user->firstname and $user->lastname) or $newaccount) {
if ($newaccount) {
$userfullname = $strnewuser;
} else {
Use the new fullname function
2003-11-19 16:15:56 +00:00
$userfullname = fullname($user, isteacher($course->id));
First implementation of new authentication system, which can now use pluggable modules in the 'auth' directory. Everything is done through authentication_user_login in lib/moodlelib.php As well as the old default "email" confirmation, I added a new type of confirmation "none", which basically does no confirmation at all.
2002-09-26 07:03:22 +00:00
}
Tidied up headers of user/edit.php
2002-08-14 01:51:58 +00:00
if ($course->category) {
Don't process $usernew->username if it doesn't exist (prevents normal users from editing profile).
2003-04-27 14:50:03 +00:00
print_header("$course->shortname: $streditmyprofile", "$course->fullname: $streditmyprofile",
Tidied up headers of user/edit.php
2002-08-14 01:51:58 +00:00
"<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A>
First implementation of new authentication system, which can now use pluggable modules in the 'auth' directory. Everything is done through authentication_user_login in lib/moodlelib.php As well as the old default "email" confirmation, I added a new type of confirmation "none", which basically does no confirmation at all.
2002-09-26 07:03:22 +00:00
-> <A HREF=\"index.php?id=$course->id\">$strparticipants</A>
Tidied up headers of user/edit.php
2002-08-14 01:51:58 +00:00
-> <A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A>
First implementation of new authentication system, which can now use pluggable modules in the 'auth' directory. Everything is done through authentication_user_login in lib/moodlelib.php As well as the old default "email" confirmation, I added a new type of confirmation "none", which basically does no confirmation at all.
2002-09-26 07:03:22 +00:00
-> $streditmyprofile", "");
Tidied up headers of user/edit.php
2002-08-14 01:51:58 +00:00
} else {
Cleaned up the initial setup process. It looks a bit smoother now. Hopefully this is also the end of the occasional errors we keep hearing about to do with never getting to setup the admin user. (I think admin/site.php had a redirect that didn't always work). The setup process is now much better at "trapping" you until it's all done.
2003-05-06 15:58:20 +00:00
if (isset($USER->newadminuser)) {
print_header();
} else {
print_header("$course->shortname: $streditmyprofile", "$course->fullname",
"<A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A>
-> $streditmyprofile", "");
}
Tidied up headers of user/edit.php
2002-08-14 01:51:58 +00:00
}
Initial revision
2001-11-22 06:23:56 +00:00
} else {
First implementation of new authentication system, which can now use pluggable modules in the 'auth' directory. Everything is done through authentication_user_login in lib/moodlelib.php As well as the old default "email" confirmation, I added a new type of confirmation "none", which basically does no confirmation at all.
2002-09-26 07:03:22 +00:00
$userfullname = $strnewuser;
Tidied up headers of user/edit.php
2002-08-14 01:51:58 +00:00
$straddnewuser = get_string("addnewuser");
$stradministration = get_string("administration");
Don't process $usernew->username if it doesn't exist (prevents normal users from editing profile).
2003-04-27 14:50:03 +00:00
print_header("$course->shortname: $streditmyprofile", "$course->fullname",
Some cleanups of the admin page to make it - more explanatory - more expandable Apologies for the lost muscle memories, but I think this will work better in the long run.
2003-08-10 08:01:14 +00:00
"<a href=\"$CFG->wwwroot/$CFG->admin/\">$stradministration</a> -> ".
"<a href=\"$CFG->wwwroot/$CFG->admin/users.php\">$strusers</a> -> $straddnewuser", "");
Initial revision
2001-11-22 06:23:56 +00:00
}
Changes to user settings, now it matches the stored data better
2002-06-05 05:37:55 +00:00
$teacher = strtolower($course->teacher);
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
if (!isadmin()) {
$teacheronly = "(".get_string("teacheronly", "", $teacher).")";
Various little fixes to remove warnings (usually about empty variables) when error_reporting is turned up to 15 or so ... more of these to come ...
2002-12-29 17:32:32 +00:00
} else {
$teacheronly = "";
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
}
Changes to user settings, now it matches the stored data better
2002-06-05 05:37:55 +00:00
Tidied up headers of user/edit.php
2002-08-14 01:51:58 +00:00
print_heading( get_string("userprofilefor", "", "$userfullname") );
Cleaned up the initial setup process. It looks a bit smoother now. Hopefully this is also the end of the occasional errors we keep hearing about to do with never getting to setup the admin user. (I think admin/site.php had a redirect that didn't always work). The setup process is now much better at "trapping" you until it's all done.
2003-05-06 15:58:20 +00:00
if (isset($USER->newadminuser)) {
Another big checkin. This includes some significant cleanups to the new course categories system. The basic idea is that the categories/course browser is now unified under one system, and admin features related to that have all been moved into the browser (as little icons). I'm much happier with this as a foundation that can scale and be built upon. Still to go: - searching - paging - polishing Also in here are a lot of little cleanups around the place, such as the initial setup process.
2003-08-07 16:01:31 +00:00
print_simple_box(get_string("configintroadmin"), "center", "50%");
Cleaned up the initial setup process. It looks a bit smoother now. Hopefully this is also the end of the occasional errors we keep hearing about to do with never getting to setup the admin user. (I think admin/site.php had a redirect that didn't always work). The setup process is now much better at "trapping" you until it's all done.
2003-05-06 15:58:20 +00:00
echo "<br />";
}
Some consistency in headers on editing forms
2002-09-19 13:55:40 +00:00
print_simple_box_start("center", "", "$THEME->cellheading");
Various little fixes to remove warnings (usually about empty variables) when error_reporting is turned up to 15 or so ... more of these to come ...
2002-12-29 17:32:32 +00:00
if (!empty($err)) {
Made the user profile a little more robust. Uploaded images are now saved even if the rest of the form has errors. If errors are found in the form then a message is printed up the top to make it clearer that they need to fix something.
2002-11-20 14:52:32 +00:00
echo "<CENTER>";
notify(get_string("someerrorswerefound"));
echo "</CENTER>";
}
Don't process $usernew->username if it doesn't exist (prevents normal users from editing profile).
2003-04-27 14:50:03 +00:00
include("edit.html");
Initial revision
2001-11-22 06:23:56 +00:00
print_simple_box_end();
Cleaned up the initial setup process. It looks a bit smoother now. Hopefully this is also the end of the occasional errors we keep hearing about to do with never getting to setup the admin user. (I think admin/site.php had a redirect that didn't always work). The setup process is now much better at "trapping" you until it's all done.
2003-05-06 15:58:20 +00:00
if (!isset($USER->newadminuser)) {
print_footer($course);
}
exit;
Initial revision
2001-11-22 06:23:56 +00:00
/// FUNCTIONS ////////////////////
function find_form_errors(&$user, &$usernew, &$err) {
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
if (isadmin()) {
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-)
2002-08-08 15:51:23 +00:00
if (empty($usernew->username)) {
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
$err["username"] = get_string("missingusername");
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-)
2002-08-08 15:51:23 +00:00
} else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {
$err["username"] = get_string("usernameexists");
} else {
Bug fix from Ray Le Couteur ... alphanumeric check was checking old username but not the new username
2003-03-15 08:26:00 +00:00
$string = eregi_replace("[^(-\.[:alnum:])]", "", $usernew->username);
Didn't quite finish the last patch of user -> usernew
2003-03-15 09:15:44 +00:00
if (strcmp($usernew->username, $string))
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-)
2002-08-08 15:51:23 +00:00
$err["username"] = get_string("alphanumerical");
}
Use the new is_internal_auth function
2003-09-22 14:01:45 +00:00
if (empty($usernew->newpassword) and empty($user->password) and is_internal_auth() )
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
$err["newpassword"] = get_string("missingpassword");
New error when the admin user is (still) set to the default "admin".
2002-09-05 02:17:33 +00:00
Fixed bug in password checking for new admin user ...
2002-09-05 17:31:08 +00:00
if (($usernew->newpassword == "admin") or ($user->password == md5("admin") and empty($usernew->newpassword)) ) {
New error when the admin user is (still) set to the default "admin".
2002-09-05 02:17:33 +00:00
$err["newpassword"] = get_string("unsafepassword");
Fixed bug in password checking for new admin user ...
2002-09-05 17:31:08 +00:00
}
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
}
Initial revision
2001-11-22 06:23:56 +00:00
if (empty($usernew->email))
Changes related to internationalision strings and printing them
2002-07-11 05:30:57 +00:00
$err["email"] = get_string("missingemail");
Initial revision
2001-11-22 06:23:56 +00:00
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
if (empty($usernew->description))
$err["description"] = get_string("missingdescription");
Changes to user settings, now it matches the stored data better
2002-06-05 05:37:55 +00:00
if (empty($usernew->city))
Changes related to internationalision strings and printing them
2002-07-11 05:30:57 +00:00
$err["city"] = get_string("missingcity");
Changes to user settings, now it matches the stored data better
2002-06-05 05:37:55 +00:00
Can now edit own firstname and lastname, and some tidying
2002-08-06 09:36:42 +00:00
if (empty($usernew->firstname))
$err["firstname"] = get_string("missingfirstname");
if (empty($usernew->lastname))
$err["lastname"] = get_string("missinglastname");
Changes to user settings, now it matches the stored data better
2002-06-05 05:37:55 +00:00
if (empty($usernew->country))
Changes related to internationalision strings and printing them
2002-07-11 05:30:57 +00:00
$err["country"] = get_string("missingcountry");
Changes to user settings, now it matches the stored data better
2002-06-05 05:37:55 +00:00
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-)
2002-08-08 14:17:55 +00:00
if (! validate_email($usernew->email))
Changes related to internationalision strings and printing them
2002-07-11 05:30:57 +00:00
$err["email"] = get_string("invalidemail");
Initial revision
2001-11-22 06:23:56 +00:00
else if ($otheruser = get_record("user", "email", $usernew->email)) {
if ($otheruser->id <> $user->id) {
Changes related to internationalision strings and printing them
2002-07-11 05:30:57 +00:00
$err["email"] = get_string("emailexists");
Initial revision
2001-11-22 06:23:56 +00:00
}
}
$user->email = $usernew->email;
return count($err);
}
?>
Reference in New Issue Copy Permalink