2004-10-06 16:52:24 +00:00
|
|
|
<?php // $Id$
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2003-04-27 14:50:03 +00:00
|
|
|
require_once("../config.php");
|
2004-01-10 16:41:29 +00:00
|
|
|
require_once("$CFG->libdir/gdlib.php");
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2005-04-04 03:42:01 +00:00
|
|
|
$id = optional_param('id', 0, PARAM_INT); // user id
|
|
|
|
|
$course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site)
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2004-09-25 12:53:35 +00:00
|
|
|
if (empty($id)) { // See your own profile by default
|
|
|
|
|
require_login();
|
|
|
|
|
$id = $USER->id;
|
|
|
|
|
}
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
if (! $user = get_record("user", "id", $id)) {
|
|
|
|
|
error("User ID was incorrect");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (! $course = get_record("course", "id", $course)) {
|
2002-08-08 16:02:39 +00:00
|
|
|
error("Course ID was incorrect");
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
|
|
|
|
|
2003-01-14 14:54:45 +00:00
|
|
|
if ($user->confirmed and user_not_fully_set_up($user)) {
|
2004-09-21 11:41:58 +00:00
|
|
|
// Special case which can only occur when a new account
|
2002-09-26 07:03:22 +00:00
|
|
|
// has just been created by EXTERNAL authentication
|
|
|
|
|
// This is the only page in Moodle that has the exception
|
|
|
|
|
// so that users can set up their accounts
|
|
|
|
|
$newaccount = true;
|
|
|
|
|
|
2004-10-06 16:52:24 +00:00
|
|
|
if (empty($USER->id)) {
|
2004-01-02 14:11:21 +00:00
|
|
|
error("Sessions don't seem to be working on this server!");
|
|
|
|
|
}
|
|
|
|
|
|
2002-09-26 07:03:22 +00:00
|
|
|
} else {
|
|
|
|
|
$newaccount = false;
|
2003-04-27 14:50:03 +00:00
|
|
|
require_login($course->id);
|
2002-09-26 07:03:22 +00:00
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2005-03-18 12:11:35 +00:00
|
|
|
if ($USER->id <> $user->id) { // Current user editing someone else's profile
|
|
|
|
|
if (isadmin()) { // Current user is an admin
|
|
|
|
|
if ($mainadmin = get_admin()) {
|
|
|
|
|
if ($user->id == $mainadmin->id) { // Can't edit primary admin
|
|
|
|
|
print_error('adminprimarynoedit');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
print_error('onlyeditown');
|
|
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
|
|
|
|
|
2002-06-10 04:33:46 +00:00
|
|
|
if (isguest()) {
|
|
|
|
|
error("The guest user cannot edit their profile.");
|
|
|
|
|
}
|
|
|
|
|
|
2002-08-08 14:17:55 +00:00
|
|
|
if (isguest($user->id)) {
|
|
|
|
|
error("Sorry, the guest user cannot be edited.");
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-18 12:11:35 +00:00
|
|
|
|
2004-09-20 09:08:57 +00:00
|
|
|
// load the relevant auth libraries
|
|
|
|
|
if ($user->auth) {
|
|
|
|
|
$auth = $user->auth;
|
|
|
|
|
if (!file_exists("$CFG->dirroot/auth/$auth/lib.php")) {
|
|
|
|
|
$auth = "manual"; // Can't find auth module, default to internal
|
|
|
|
|
}
|
|
|
|
|
require_once("$CFG->dirroot/auth/$auth/lib.php");
|
|
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2004-09-20 09:08:57 +00:00
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
/// If data submitted, then process and store.
|
|
|
|
|
|
2003-04-27 14:50:03 +00:00
|
|
|
if ($usernew = data_submitted()) {
|
2004-01-14 13:31:28 +00:00
|
|
|
|
2004-09-27 13:26:06 +00:00
|
|
|
if (($USER->id <> $usernew->id) && !isadmin()) {
|
|
|
|
|
error("You can only edit your own information");
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-30 08:29:35 +00:00
|
|
|
if (isset($USER->username)) {
|
|
|
|
|
check_for_restricted_user($USER->username, "$CFG->wwwroot/course/view.php?id=$course->id");
|
|
|
|
|
}
|
|
|
|
|
|
2005-01-27 03:51:33 +00:00
|
|
|
// data cleanup
|
|
|
|
|
// username is validated in find_form_errors
|
|
|
|
|
$usernew->country = clean_param($usernew->country, PARAM_ALPHA);
|
|
|
|
|
$usernew->lang = clean_param($usernew->lang, PARAM_FILE);
|
|
|
|
|
$usernew->url = clean_param($usernew->url, PARAM_URL);
|
|
|
|
|
$usernew->icq = clean_param($usernew->icq, PARAM_INT);
|
2005-03-05 05:57:10 +00:00
|
|
|
if (!$usernew->icq) {
|
|
|
|
|
$usernew->icq = '';
|
|
|
|
|
}
|
|
|
|
|
$usernew->skype = clean_param($usernew->skype, PARAM_CLEAN);
|
|
|
|
|
$usernew->yahoo = clean_param($usernew->yahoo, PARAM_CLEAN);
|
|
|
|
|
$usernew->aim = clean_param($usernew->aim, PARAM_CLEAN);
|
|
|
|
|
$usernew->msn = clean_param($usernew->msn, PARAM_CLEAN);
|
2005-01-27 03:51:33 +00:00
|
|
|
|
|
|
|
|
$usernew->maildisplay = clean_param($usernew->maildisplay, PARAM_INT);
|
|
|
|
|
$usernew->mailformat = clean_param($usernew->mailformat, PARAM_INT);
|
|
|
|
|
$usernew->maildigest = clean_param($usernew->maildigest, PARAM_INT);
|
|
|
|
|
$usernew->autosubscribe = clean_param($usernew->autosubscribe, PARAM_INT);
|
|
|
|
|
$usernew->htmleditor = clean_param($usernew->htmleditor, PARAM_INT);
|
|
|
|
|
$usernew->emailstop = clean_param($usernew->emailstop, PARAM_INT);
|
2005-03-23 01:54:45 +00:00
|
|
|
|
2005-04-11 08:01:58 +00:00
|
|
|
if (isset($usernew->timezone)) {
|
|
|
|
|
if ($CFG->forcetimezone != 99) { // Don't allow changing this in any way
|
|
|
|
|
unset($usernew->timezone);
|
|
|
|
|
} else { // Clean up the data a bit, just in case of injections
|
|
|
|
|
$usernew->timezone = str_replace(';', '', $usernew->timezone);
|
|
|
|
|
$usernew->timezone = str_replace('\'', '', $usernew->timezone);
|
|
|
|
|
}
|
2005-04-09 09:36:47 +00:00
|
|
|
}
|
2005-03-23 01:54:45 +00:00
|
|
|
|
2004-01-14 13:31:28 +00:00
|
|
|
foreach ($usernew as $key => $data) {
|
2005-04-08 02:24:09 +00:00
|
|
|
$usernew->$key = addslashes(clean_text(stripslashes(trim($usernew->$key)), FORMAT_MOODLE));
|
2004-01-14 13:31:28 +00:00
|
|
|
}
|
|
|
|
|
|
2005-04-08 02:24:09 +00:00
|
|
|
$usernew->firstname = strip_tags($usernew->firstname);
|
|
|
|
|
$usernew->lastname = strip_tags($usernew->lastname);
|
2004-01-14 13:31:28 +00:00
|
|
|
|
2003-04-27 14:50:03 +00:00
|
|
|
if (isset($usernew->username)) {
|
2005-04-08 02:24:09 +00:00
|
|
|
$usernew->username = moodle_strtolower($usernew->username);
|
2003-04-27 14:50:03 +00:00
|
|
|
}
|
|
|
|
|
|
2003-04-15 02:08:27 +00:00
|
|
|
|
2004-09-16 00:16:48 +00:00
|
|
|
require_once($CFG->dirroot.'/lib/uploadlib.php');
|
2004-09-17 04:21:41 +00:00
|
|
|
$um = new upload_manager('imagefile',false,false,null,false,0,true,true);
|
2004-09-16 00:16:48 +00:00
|
|
|
|
2004-09-20 09:08:57 +00:00
|
|
|
if (find_form_errors($user, $usernew, $err, $um)) {
|
2004-09-16 00:16:48 +00:00
|
|
|
if (empty($err['imagefile']) && $usernew->picture = save_profile_image($user->id, $um,'users')) {
|
2004-04-30 04:44:47 +00:00
|
|
|
set_field('user', 'picture', $usernew->picture, 'id', $user->id); /// Note picture in DB
|
2004-05-01 14:34:21 +00:00
|
|
|
} else {
|
|
|
|
|
if (!empty($usernew->deletepicture)) {
|
|
|
|
|
set_field('user', 'picture', 0, 'id', $user->id); /// Delete picture
|
|
|
|
|
$usernew->picture = 0;
|
|
|
|
|
}
|
2002-11-20 14:52:32 +00:00
|
|
|
}
|
|
|
|
|
|
Auth/LDAP
Bugfix - value truncation to fit Moodle database
- Added truncate_userinfo() to cleanup data coming from external auth
- Fixed auth_user_create() to truncate user info as appropriate
Auth_ldap_user_sync
- created external script that calls the function
- much faster update strategy on postgres and mysql: auth_sync_users now to uses bulk inserts into a temp table, and then use LEFT JOINs and plain old SELECTs to determine what users it has to insert.
- we now loop over smaller sets of data -- we are still memory-bound, but (a) it'll be easy to use LIMIT to manage that and (b) memory use is much lower now in all cases.
- postgres: phased commits in auth_user_sync() for the batch user upload phase
- Several feature and performance enhancements:
- if a value is removed from ldap, it will be cleared from moodle
- no-op updates (where the data does not change) are skipped
- if a user disappears and then reappears in LDAP in two separate calls to auth_user_sync(),the account will be marked deleted and then be revived. before, the account would have been deleted and created anew.
Multi-source ldap values:
The LDAP auth module now accepts a comma separated set of LDAP field names. When creating or updating a user record, auth/ldap will retrieve all the relevant fields. The right-most values overwrites all the others.
This is particularly useful when updating the user's email address from an LDAP source, which may contain the email address in one of several fields (traditionally: mail, mailForwardingAddress, mailAlternateAddress).
If a value is updated and is set to update external auth and this field is using this multi-source ldap configuration, the auth/ldap module will retrieve the old value, find which field it was sourced from, and update that field in LDAP. If it fails to find the original source of the value, it will log it in error_log.
Log of patchsets applied:
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-131
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-137
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-139
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-172
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-173
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-189
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-190
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-208
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-212
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-216
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-279
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-282
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-287
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-294
2004-11-22 07:46:10 +00:00
|
|
|
$usernew->auth = $user->auth;
|
2002-08-08 14:17:55 +00:00
|
|
|
$user = $usernew;
|
|
|
|
|
|
|
|
|
|
} else {
|
2003-04-27 14:50:03 +00:00
|
|
|
$timenow = time();
|
Auth/LDAP
Bugfix - value truncation to fit Moodle database
- Added truncate_userinfo() to cleanup data coming from external auth
- Fixed auth_user_create() to truncate user info as appropriate
Auth_ldap_user_sync
- created external script that calls the function
- much faster update strategy on postgres and mysql: auth_sync_users now to uses bulk inserts into a temp table, and then use LEFT JOINs and plain old SELECTs to determine what users it has to insert.
- we now loop over smaller sets of data -- we are still memory-bound, but (a) it'll be easy to use LIMIT to manage that and (b) memory use is much lower now in all cases.
- postgres: phased commits in auth_user_sync() for the batch user upload phase
- Several feature and performance enhancements:
- if a value is removed from ldap, it will be cleared from moodle
- no-op updates (where the data does not change) are skipped
- if a user disappears and then reappears in LDAP in two separate calls to auth_user_sync(),the account will be marked deleted and then be revived. before, the account would have been deleted and created anew.
Multi-source ldap values:
The LDAP auth module now accepts a comma separated set of LDAP field names. When creating or updating a user record, auth/ldap will retrieve all the relevant fields. The right-most values overwrites all the others.
This is particularly useful when updating the user's email address from an LDAP source, which may contain the email address in one of several fields (traditionally: mail, mailForwardingAddress, mailAlternateAddress).
If a value is updated and is set to update external auth and this field is using this multi-source ldap configuration, the auth/ldap module will retrieve the old value, find which field it was sourced from, and update that field in LDAP. If it fails to find the original source of the value, it will log it in error_log.
Log of patchsets applied:
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-131
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-137
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-139
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-172
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-173
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-189
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-190
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-208
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-212
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-216
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-279
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-282
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-287
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-294
2004-11-22 07:46:10 +00:00
|
|
|
|
2004-09-16 00:16:48 +00:00
|
|
|
if (!$usernew->picture = save_profile_image($user->id,$um,'users')) {
|
2004-05-01 14:34:21 +00:00
|
|
|
if (!empty($usernew->deletepicture)) {
|
|
|
|
|
set_field('user', 'picture', 0, 'id', $user->id); /// Delete picture
|
|
|
|
|
$usernew->picture = 0;
|
|
|
|
|
} else {
|
|
|
|
|
$usernew->picture = $user->picture;
|
|
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
$usernew->timemodified = time();
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2002-08-08 14:17:55 +00:00
|
|
|
if (isadmin()) {
|
2003-04-28 02:43:18 +00:00
|
|
|
if (!empty($usernew->newpassword)) {
|
2002-08-08 14:17:55 +00:00
|
|
|
$usernew->password = md5($usernew->newpassword);
|
2004-09-20 09:08:57 +00:00
|
|
|
// update external passwords
|
|
|
|
|
if (!empty($CFG->{'auth_'. $user->auth.'_stdchangepassword'})) {
|
2004-09-23 03:56:53 +00:00
|
|
|
if (function_exists('auth_user_update_password')){
|
2004-09-20 09:08:57 +00:00
|
|
|
if (!auth_user_update_password($user->username, $usernew->newpassword)){
|
|
|
|
|
error('Failed to update password on external auth: ' . $user->auth .
|
|
|
|
|
'. See the server logs for more details.');
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
error('Your external authentication module is misconfigued!');
|
|
|
|
|
}
|
|
|
|
|
}
|
2004-09-23 03:56:53 +00:00
|
|
|
}
|
|
|
|
|
// store forcepasswordchange in user's preferences
|
2004-09-23 04:15:19 +00:00
|
|
|
if (!empty($usernew->forcepasswordchange)){
|
2004-09-23 03:56:53 +00:00
|
|
|
set_user_preference('auth_forcepasswordchange', 1, $user->id);
|
|
|
|
|
} else {
|
2004-09-23 04:15:19 +00:00
|
|
|
unset_user_preference('auth_forcepasswordchange', $user->id);
|
2002-08-08 14:17:55 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (isset($usernew->newpassword)) {
|
|
|
|
|
error("You can not change the password like that");
|
|
|
|
|
}
|
|
|
|
|
}
|
2002-09-04 05:07:17 +00:00
|
|
|
if ($usernew->url and !(substr($usernew->url, 0, 4) == "http")) {
|
|
|
|
|
$usernew->url = "http://".$usernew->url;
|
|
|
|
|
}
|
2002-06-05 03:15:30 +00:00
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
if (update_record("user", $usernew)) {
|
Auth/LDAP
Bugfix - value truncation to fit Moodle database
- Added truncate_userinfo() to cleanup data coming from external auth
- Fixed auth_user_create() to truncate user info as appropriate
Auth_ldap_user_sync
- created external script that calls the function
- much faster update strategy on postgres and mysql: auth_sync_users now to uses bulk inserts into a temp table, and then use LEFT JOINs and plain old SELECTs to determine what users it has to insert.
- we now loop over smaller sets of data -- we are still memory-bound, but (a) it'll be easy to use LIMIT to manage that and (b) memory use is much lower now in all cases.
- postgres: phased commits in auth_user_sync() for the batch user upload phase
- Several feature and performance enhancements:
- if a value is removed from ldap, it will be cleared from moodle
- no-op updates (where the data does not change) are skipped
- if a user disappears and then reappears in LDAP in two separate calls to auth_user_sync(),the account will be marked deleted and then be revived. before, the account would have been deleted and created anew.
Multi-source ldap values:
The LDAP auth module now accepts a comma separated set of LDAP field names. When creating or updating a user record, auth/ldap will retrieve all the relevant fields. The right-most values overwrites all the others.
This is particularly useful when updating the user's email address from an LDAP source, which may contain the email address in one of several fields (traditionally: mail, mailForwardingAddress, mailAlternateAddress).
If a value is updated and is set to update external auth and this field is using this multi-source ldap configuration, the auth/ldap module will retrieve the old value, find which field it was sourced from, and update that field in LDAP. If it fails to find the original source of the value, it will log it in error_log.
Log of patchsets applied:
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-131
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-137
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-139
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-172
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-173
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-189
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-190
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-208
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-212
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-216
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-279
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-282
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-287
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-294
2004-11-22 07:46:10 +00:00
|
|
|
if (function_exists("auth_user_update")){
|
|
|
|
|
// pass a true $userold here
|
|
|
|
|
auth_user_update($userold, $usernew);
|
|
|
|
|
};
|
|
|
|
|
|
First cut of email to module (or core) processing.
This patch contains:
* email_to_user will set the envelope sender to a special bounce processing address (based on $CFG settings)
* email_to_user will accept (and set) a reply-to header, to be generated by the module calling the function.
* new functions:
* generate_email_processing_address - ALWAYS use this to generate the reply-to header. reply-to header will look like this:
(LIMIT: 64 chars total)
prefix - EXACTLY four chars
encodeded, packed, moduleid (0 for core) (2 chars)
up to 42 chars for the modules to put anything they want it (can contain userid (or, eg for forum, postids to reply to), or anything really. 42 chars is ABSOLUTE LIMIT)
16 char hash (half an md5) of the first part of the address, together with a site "secret"
* moodle_process_email - any non-module email processing goes here (currently used for processing bounces)
* bounce handling:
* config settings for bounce threshold and ratio (and whether to handle bounces at all)
* if too many bounces occur against any given user, user_not_fully_set_up will force an email address change
* associated functions (over_bounce_threshold, set_send_count, set_bounce_count)
* handling emails to noreply address (see below)
* new script - admin/process_email.php
This script needs to be called from your mail program for anything starting with the 4 char prefix described above (and optionally, the noreply address)
It will bounce emails to the noreplyaddress, with a friendly "this is not a real email address" message
It will break down and unencode the email address into moduleid and validate the half md5 hash, and call $modname_process_email (if it exists). Arguments to these functions are: $modargs (any part of the email address that isn't the prefix, modid or the hash) and the contents of the email (read from STDIN).
* associated string changes/additions
* changes in config-dist.php to give clues as to how to set this up.
MODULE WRITERS!
take a look at new functions moodle_process_email and generate_email_processing_address in moodlelib.php for ideas about how to
* encode and unencode the arguments your module needs to do the processing
* how to deal with multiple "actions" for any given module.
Martin Langhoff <martin@catalyst.net.nz> will be writing up some PROPER documentation, containing amongst other things config settings for different mail servers (this was developed against Postfix). Feel free to email me with any feedback on the code or design, penny@catalyst.net.nz. Or post on the developer fourm.
2005-02-08 02:57:14 +00:00
|
|
|
if ($userold->email != $usernew->email) {
|
|
|
|
|
set_bounce_count($usernew,true);
|
|
|
|
|
set_send_count($usernew,true);
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-25 00:56:19 +00:00
|
|
|
/// Update forum track preference.
|
|
|
|
|
if (($usernew->trackforums != $USER->trackforums) && !$usernew->trackforums) {
|
|
|
|
|
require_once($CFG->dirroot.'/mod/forum/lib.php');
|
|
|
|
|
forum_tp_delete_read_records($USER->id);
|
|
|
|
|
}
|
|
|
|
|
|
2004-09-20 09:08:57 +00:00
|
|
|
add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");
|
2002-06-05 03:15:30 +00:00
|
|
|
|
2002-08-08 14:17:55 +00:00
|
|
|
if ($user->id == $USER->id) {
|
|
|
|
|
// Copy data into $USER session variable
|
|
|
|
|
$usernew = (array)$usernew;
|
|
|
|
|
foreach ($usernew as $variable => $value) {
|
2003-08-30 06:19:44 +00:00
|
|
|
$USER->$variable = stripslashes($value);
|
2002-08-08 14:17:55 +00:00
|
|
|
}
|
2003-05-06 15:58:20 +00:00
|
|
|
if (isset($USER->newadminuser)) {
|
|
|
|
|
unset($USER->newadminuser);
|
2003-07-30 05:21:24 +00:00
|
|
|
redirect("$CFG->wwwroot/", get_string("changessaved"));
|
2003-05-06 15:58:20 +00:00
|
|
|
}
|
2004-09-21 11:41:58 +00:00
|
|
|
redirect("$CFG->wwwroot/user/view.php?id=$user->id&course=$course->id", get_string("changessaved"));
|
2002-08-08 14:17:55 +00:00
|
|
|
} else {
|
2003-12-16 05:31:52 +00:00
|
|
|
redirect("$CFG->wwwroot/$CFG->admin/user.php", get_string("changessaved"));
|
2002-06-05 03:15:30 +00:00
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
} else {
|
|
|
|
|
error("Could not update the user record ($user->id)");
|
|
|
|
|
}
|
2003-04-27 14:50:03 +00:00
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
/// Otherwise fill and print the form.
|
|
|
|
|
|
2002-09-26 07:03:22 +00:00
|
|
|
$streditmyprofile = get_string("editmyprofile");
|
|
|
|
|
$strparticipants = get_string("participants");
|
|
|
|
|
$strnewuser = get_string("newuser");
|
2002-07-11 05:30:57 +00:00
|
|
|
|
First cut of email to module (or core) processing.
This patch contains:
* email_to_user will set the envelope sender to a special bounce processing address (based on $CFG settings)
* email_to_user will accept (and set) a reply-to header, to be generated by the module calling the function.
* new functions:
* generate_email_processing_address - ALWAYS use this to generate the reply-to header. reply-to header will look like this:
(LIMIT: 64 chars total)
prefix - EXACTLY four chars
encodeded, packed, moduleid (0 for core) (2 chars)
up to 42 chars for the modules to put anything they want it (can contain userid (or, eg for forum, postids to reply to), or anything really. 42 chars is ABSOLUTE LIMIT)
16 char hash (half an md5) of the first part of the address, together with a site "secret"
* moodle_process_email - any non-module email processing goes here (currently used for processing bounces)
* bounce handling:
* config settings for bounce threshold and ratio (and whether to handle bounces at all)
* if too many bounces occur against any given user, user_not_fully_set_up will force an email address change
* associated functions (over_bounce_threshold, set_send_count, set_bounce_count)
* handling emails to noreply address (see below)
* new script - admin/process_email.php
This script needs to be called from your mail program for anything starting with the 4 char prefix described above (and optionally, the noreply address)
It will bounce emails to the noreplyaddress, with a friendly "this is not a real email address" message
It will break down and unencode the email address into moduleid and validate the half md5 hash, and call $modname_process_email (if it exists). Arguments to these functions are: $modargs (any part of the email address that isn't the prefix, modid or the hash) and the contents of the email (read from STDIN).
* associated string changes/additions
* changes in config-dist.php to give clues as to how to set this up.
MODULE WRITERS!
take a look at new functions moodle_process_email and generate_email_processing_address in moodlelib.php for ideas about how to
* encode and unencode the arguments your module needs to do the processing
* how to deal with multiple "actions" for any given module.
Martin Langhoff <martin@catalyst.net.nz> will be writing up some PROPER documentation, containing amongst other things config settings for different mail servers (this was developed against Postfix). Feel free to email me with any feedback on the code or design, penny@catalyst.net.nz. Or post on the developer fourm.
2005-02-08 02:57:14 +00:00
|
|
|
if (over_bounce_threshold($user) && empty($err['email'])) {
|
|
|
|
|
$err['email'] = get_string('toomanybounces');
|
|
|
|
|
}
|
|
|
|
|
|
2002-09-26 07:03:22 +00:00
|
|
|
if (($user->firstname and $user->lastname) or $newaccount) {
|
|
|
|
|
if ($newaccount) {
|
|
|
|
|
$userfullname = $strnewuser;
|
|
|
|
|
} else {
|
2003-11-19 16:15:56 +00:00
|
|
|
$userfullname = fullname($user, isteacher($course->id));
|
2002-09-26 07:03:22 +00:00
|
|
|
}
|
2002-08-14 01:51:58 +00:00
|
|
|
if ($course->category) {
|
2003-04-27 14:50:03 +00:00
|
|
|
print_header("$course->shortname: $streditmyprofile", "$course->fullname: $streditmyprofile",
|
2004-09-21 11:41:58 +00:00
|
|
|
"<a href=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</a>
|
2004-09-07 08:05:25 +00:00
|
|
|
-> <a href=\"index.php?id=$course->id\">$strparticipants</a>
|
2004-09-21 11:41:58 +00:00
|
|
|
-> <a href=\"view.php?id=$user->id&course=$course->id\">$userfullname</a>
|
2002-09-26 07:03:22 +00:00
|
|
|
-> $streditmyprofile", "");
|
2002-08-14 01:51:58 +00:00
|
|
|
} else {
|
2003-05-06 15:58:20 +00:00
|
|
|
if (isset($USER->newadminuser)) {
|
|
|
|
|
print_header();
|
|
|
|
|
} else {
|
|
|
|
|
print_header("$course->shortname: $streditmyprofile", "$course->fullname",
|
2004-09-21 11:41:58 +00:00
|
|
|
"<a href=\"view.php?id=$user->id&course=$course->id\">$userfullname</a>
|
2003-05-06 15:58:20 +00:00
|
|
|
-> $streditmyprofile", "");
|
|
|
|
|
}
|
2002-08-14 01:51:58 +00:00
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
} else {
|
2002-09-26 07:03:22 +00:00
|
|
|
$userfullname = $strnewuser;
|
2002-08-14 01:51:58 +00:00
|
|
|
$straddnewuser = get_string("addnewuser");
|
|
|
|
|
|
|
|
|
|
$stradministration = get_string("administration");
|
2003-04-27 14:50:03 +00:00
|
|
|
print_header("$course->shortname: $streditmyprofile", "$course->fullname",
|
2003-08-10 08:01:14 +00:00
|
|
|
"<a href=\"$CFG->wwwroot/$CFG->admin/\">$stradministration</a> -> ".
|
|
|
|
|
"<a href=\"$CFG->wwwroot/$CFG->admin/users.php\">$strusers</a> -> $straddnewuser", "");
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
|
|
|
|
|
2005-03-20 12:02:14 +00:00
|
|
|
|
|
|
|
|
/// Print tabs at top
|
|
|
|
|
/// This same call is made in:
|
|
|
|
|
/// /user/view.php
|
|
|
|
|
/// /user/edit.php
|
|
|
|
|
/// /course/user.php
|
|
|
|
|
$currenttab = 'editprofile';
|
|
|
|
|
include('tabs.php');
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2002-06-05 05:37:55 +00:00
|
|
|
$teacher = strtolower($course->teacher);
|
2002-08-08 14:17:55 +00:00
|
|
|
if (!isadmin()) {
|
|
|
|
|
$teacheronly = "(".get_string("teacheronly", "", $teacher).")";
|
2002-12-29 17:32:32 +00:00
|
|
|
} else {
|
|
|
|
|
$teacheronly = "";
|
2002-08-08 14:17:55 +00:00
|
|
|
}
|
2002-06-05 05:37:55 +00:00
|
|
|
|
2003-05-06 15:58:20 +00:00
|
|
|
if (isset($USER->newadminuser)) {
|
2005-02-24 08:49:32 +00:00
|
|
|
print_simple_box(get_string("configintroadmin", 'admin'), "center", "50%");
|
2003-05-06 15:58:20 +00:00
|
|
|
echo "<br />";
|
|
|
|
|
}
|
|
|
|
|
|
2005-01-25 13:43:09 +00:00
|
|
|
print_simple_box_start("center");
|
2004-09-23 03:56:53 +00:00
|
|
|
|
2002-12-29 17:32:32 +00:00
|
|
|
if (!empty($err)) {
|
2004-09-20 09:08:57 +00:00
|
|
|
echo "<center>";
|
|
|
|
|
notify(get_string("someerrorswerefound"));
|
|
|
|
|
echo "</center>";
|
2002-11-20 14:52:32 +00:00
|
|
|
}
|
2004-09-23 03:56:53 +00:00
|
|
|
|
2003-04-27 14:50:03 +00:00
|
|
|
include("edit.html");
|
2004-09-23 03:56:53 +00:00
|
|
|
|
|
|
|
|
if (!isadmin()) { /// Lock all the locked fields using Javascript
|
|
|
|
|
$fields = get_user_fieldnames();
|
|
|
|
|
|
|
|
|
|
echo '<script type="text/javascript">'."\n";
|
|
|
|
|
echo '<!--'."\n";
|
|
|
|
|
|
|
|
|
|
foreach ($fields as $field) {
|
|
|
|
|
$configvariable = 'auth_user_'.$field.'_editlock';
|
|
|
|
|
if (!empty($CFG->$configvariable)) {
|
|
|
|
|
echo "eval('document.form.$field.disabled=true');\n";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
echo '-->'."\n";
|
|
|
|
|
echo '</script>'."\n";
|
|
|
|
|
}
|
|
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
print_simple_box_end();
|
|
|
|
|
|
2003-05-06 15:58:20 +00:00
|
|
|
if (!isset($USER->newadminuser)) {
|
|
|
|
|
print_footer($course);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
exit;
|
2001-11-22 06:23:56 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/// FUNCTIONS ////////////////////
|
|
|
|
|
|
2004-09-16 00:16:48 +00:00
|
|
|
function find_form_errors(&$user, &$usernew, &$err, &$um) {
|
2004-05-15 07:30:31 +00:00
|
|
|
global $CFG;
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2002-08-08 14:17:55 +00:00
|
|
|
if (isadmin()) {
|
2002-08-08 15:51:23 +00:00
|
|
|
if (empty($usernew->username)) {
|
2002-08-08 14:17:55 +00:00
|
|
|
$err["username"] = get_string("missingusername");
|
|
|
|
|
|
2002-08-08 15:51:23 +00:00
|
|
|
} else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {
|
2004-09-20 09:08:57 +00:00
|
|
|
$err["username"] = get_string("usernameexists");
|
2002-08-08 15:51:23 +00:00
|
|
|
|
|
|
|
|
} else {
|
2004-05-15 07:30:31 +00:00
|
|
|
if (empty($CFG->extendedusernamechars)) {
|
|
|
|
|
$string = eregi_replace("[^(-\.[:alnum:])]", "", $usernew->username);
|
|
|
|
|
if (strcmp($usernew->username, $string)) {
|
|
|
|
|
$err["username"] = get_string("alphanumerical");
|
|
|
|
|
}
|
|
|
|
|
}
|
2002-08-08 15:51:23 +00:00
|
|
|
}
|
|
|
|
|
|
2003-09-22 14:01:45 +00:00
|
|
|
if (empty($usernew->newpassword) and empty($user->password) and is_internal_auth() )
|
2002-08-08 14:17:55 +00:00
|
|
|
$err["newpassword"] = get_string("missingpassword");
|
2002-09-05 02:17:33 +00:00
|
|
|
|
2002-09-05 17:31:08 +00:00
|
|
|
if (($usernew->newpassword == "admin") or ($user->password == md5("admin") and empty($usernew->newpassword)) ) {
|
2002-09-05 02:17:33 +00:00
|
|
|
$err["newpassword"] = get_string("unsafepassword");
|
2002-09-05 17:31:08 +00:00
|
|
|
}
|
2002-08-08 14:17:55 +00:00
|
|
|
}
|
|
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
if (empty($usernew->email))
|
2002-07-11 05:30:57 +00:00
|
|
|
$err["email"] = get_string("missingemail");
|
2001-11-22 06:23:56 +00:00
|
|
|
|
First cut of email to module (or core) processing.
This patch contains:
* email_to_user will set the envelope sender to a special bounce processing address (based on $CFG settings)
* email_to_user will accept (and set) a reply-to header, to be generated by the module calling the function.
* new functions:
* generate_email_processing_address - ALWAYS use this to generate the reply-to header. reply-to header will look like this:
(LIMIT: 64 chars total)
prefix - EXACTLY four chars
encodeded, packed, moduleid (0 for core) (2 chars)
up to 42 chars for the modules to put anything they want it (can contain userid (or, eg for forum, postids to reply to), or anything really. 42 chars is ABSOLUTE LIMIT)
16 char hash (half an md5) of the first part of the address, together with a site "secret"
* moodle_process_email - any non-module email processing goes here (currently used for processing bounces)
* bounce handling:
* config settings for bounce threshold and ratio (and whether to handle bounces at all)
* if too many bounces occur against any given user, user_not_fully_set_up will force an email address change
* associated functions (over_bounce_threshold, set_send_count, set_bounce_count)
* handling emails to noreply address (see below)
* new script - admin/process_email.php
This script needs to be called from your mail program for anything starting with the 4 char prefix described above (and optionally, the noreply address)
It will bounce emails to the noreplyaddress, with a friendly "this is not a real email address" message
It will break down and unencode the email address into moduleid and validate the half md5 hash, and call $modname_process_email (if it exists). Arguments to these functions are: $modargs (any part of the email address that isn't the prefix, modid or the hash) and the contents of the email (read from STDIN).
* associated string changes/additions
* changes in config-dist.php to give clues as to how to set this up.
MODULE WRITERS!
take a look at new functions moodle_process_email and generate_email_processing_address in moodlelib.php for ideas about how to
* encode and unencode the arguments your module needs to do the processing
* how to deal with multiple "actions" for any given module.
Martin Langhoff <martin@catalyst.net.nz> will be writing up some PROPER documentation, containing amongst other things config settings for different mail servers (this was developed against Postfix). Feel free to email me with any feedback on the code or design, penny@catalyst.net.nz. Or post on the developer fourm.
2005-02-08 02:57:14 +00:00
|
|
|
if (over_bounce_threshold($user) && $user->email == $usernew->email)
|
|
|
|
|
$err['email'] = get_string('toomanybounces');
|
|
|
|
|
|
2004-05-30 21:55:44 +00:00
|
|
|
if (empty($usernew->description) and !isadmin())
|
2002-08-08 14:17:55 +00:00
|
|
|
$err["description"] = get_string("missingdescription");
|
|
|
|
|
|
2002-06-05 05:37:55 +00:00
|
|
|
if (empty($usernew->city))
|
2002-07-11 05:30:57 +00:00
|
|
|
$err["city"] = get_string("missingcity");
|
2002-06-05 05:37:55 +00:00
|
|
|
|
2002-08-06 09:36:42 +00:00
|
|
|
if (empty($usernew->firstname))
|
|
|
|
|
$err["firstname"] = get_string("missingfirstname");
|
|
|
|
|
|
|
|
|
|
if (empty($usernew->lastname))
|
|
|
|
|
$err["lastname"] = get_string("missinglastname");
|
|
|
|
|
|
2002-06-05 05:37:55 +00:00
|
|
|
if (empty($usernew->country))
|
2002-07-11 05:30:57 +00:00
|
|
|
$err["country"] = get_string("missingcountry");
|
2002-06-05 05:37:55 +00:00
|
|
|
|
2004-09-06 04:38:40 +00:00
|
|
|
if (! validate_email($usernew->email)) {
|
2002-07-11 05:30:57 +00:00
|
|
|
$err["email"] = get_string("invalidemail");
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2004-09-06 04:38:40 +00:00
|
|
|
} else if ($otheruser = get_record("user", "email", $usernew->email)) {
|
2001-11-22 06:23:56 +00:00
|
|
|
if ($otheruser->id <> $user->id) {
|
2002-07-11 05:30:57 +00:00
|
|
|
$err["email"] = get_string("emailexists");
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
|
|
|
|
}
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2004-09-06 04:38:40 +00:00
|
|
|
if (empty($err["email"]) and !isadmin()) {
|
2004-09-06 15:21:22 +00:00
|
|
|
if ($error = email_is_not_allowed($usernew->email)) {
|
|
|
|
|
$err["email"] = $error;
|
2004-09-06 04:38:40 +00:00
|
|
|
}
|
|
|
|
|
}
|
2004-09-23 03:56:53 +00:00
|
|
|
|
2004-09-16 00:16:48 +00:00
|
|
|
if (!$um->preprocess_files()) {
|
|
|
|
|
$err['imagefile'] = $um->notify;
|
|
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2004-09-23 03:56:53 +00:00
|
|
|
if (!isadmin()) { /// Make sure that locked fields are not being edited
|
|
|
|
|
$fields = get_user_fieldnames();
|
|
|
|
|
|
|
|
|
|
foreach ($fields as $field) {
|
|
|
|
|
$configvariable = 'auth_user_'.$field.'_editlock';
|
|
|
|
|
if (!empty($CFG->$configvariable)) {
|
|
|
|
|
if ($user->$field !== $usernew->$field) {
|
|
|
|
|
$err[$field] = get_string("editlock");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2004-09-20 09:08:57 +00:00
|
|
|
}
|
|
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
$user->email = $usernew->email;
|
|
|
|
|
|
|
|
|
|
return count($err);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
?>
|
