moodle/user/edit.php

<?PHP // $Id$

	require("../config.php");
	require("../lib/countries.php");
	require("lib.php");

    require_variable($id);       // user id
    require_variable($course);   // course id

    if (! $user = get_record("user", "id", $id)) {
        error("User ID was incorrect");
    }

    if (! $course = get_record("course", "id", $course)) {
        error("Course ID was incorrect");
    }

	require_login($course->id);

    if ($USER->id <> $user->id and !isadmin()) {
        error("You can only edit your own information");
    }

    if (isguest()) {
        error("The guest user cannot edit their profile.");
    }

    if (isguest($user->id)) {
        error("Sorry, the guest user cannot be edited.");
    }


/// If data submitted, then process and store.

	if (match_referer() && isset($HTTP_POST_VARS)) {

        $usernew = (object)$HTTP_POST_VARS;

        $usernew->firstname = strip_tags($usernew->firstname);
        $usernew->lastname  = strip_tags($usernew->lastname);

        if (find_form_errors($user, $usernew, $err) ) {
            $user = $usernew;

        } else {
		    $timenow = time();

            if ($filename = valid_uploaded_file($imagefile)) { 
                $imageinfo = GetImageSize($filename);
                $image->width  = $imageinfo[0];
                $image->height = $imageinfo[1];
                $image->type   = $imageinfo[2];
    
                switch ($image->type) {
                    case 2: $im = ImageCreateFromJPEG($filename); break;
                    case 3: $im = ImageCreateFromPNG($filename); break;
                    default: error("Image must be in JPG or PNG format");
                }
                if (function_exists("ImageCreateTrueColor") and $CFG->gdversion >= 2) {
                    $im1 = ImageCreateTrueColor(100,100);
                    $im2 = ImageCreateTrueColor(35,35);
                } else {
                    $im1 = ImageCreate(100,100);
                    $im2 = ImageCreate(35,35);
                }
                
                $cx = $image->width / 2;
                $cy = $image->height / 2;
    
                if ($image->width < $image->height) {
                    $half = floor($image->width / 2.0);
                } else {
                    $half = floor($image->height / 2.0);
                }
    
                if (!file_exists("$CFG->dataroot/users")) {
                    if (! mkdir("$CFG->dataroot/users", 0777)) {
                        $badpermissions = true;
                    }
                }
                if (!file_exists("$CFG->dataroot/users/$user->id")) {
                    if (! mkdir("$CFG->dataroot/users/$user->id", 0777)) {
                        $badpermissions = true;
                    }
                }
                
                if ($badpermissions) {
                    $usernew->picture = "0";

                } else {
                    ImageCopyBicubic($im1, $im, 0, 0, $cx-$half, $cy-$half, 100, 100, $half*2, $half*2);
                    ImageCopyBicubic($im2, $im, 0, 0, $cx-$half, $cy-$half, 35, 35, $half*2, $half*2);
    
                    // Draw borders over the top.
                    $black1 = ImageColorAllocate ($im1, 0, 0, 0);
                    $black2 = ImageColorAllocate ($im2, 0, 0, 0);
                    ImageLine ($im1, 0, 0, 0, 99, $black1);
                    ImageLine ($im1, 0, 99, 99, 99, $black1);
                    ImageLine ($im1, 99, 99, 99, 0, $black1);
                    ImageLine ($im1, 99, 0, 0, 0, $black1);
                    ImageLine ($im2, 0, 0, 0, 34, $black2);
                    ImageLine ($im2, 0, 34, 34, 34, $black2);
                    ImageLine ($im2, 34, 34, 34, 0, $black2);
                    ImageLine ($im2, 34, 0, 0, 0, $black2);
                
                    ImageJpeg($im1, "$CFG->dataroot/users/$user->id/f1.jpg", 90);
                    ImageJpeg($im2, "$CFG->dataroot/users/$user->id/f2.jpg", 95);
                    $usernew->picture = "1";
                }
            } else {
                $usernew->picture = $user->picture;
            }
    
            $usernew->timemodified = time();

            if (isadmin()) {
                if ($usernew->newpassword) {
                    $usernew->password = md5($usernew->newpassword);
                }
            } else {
                if (isset($usernew->newpassword)) {
                    error("You can not change the password like that");
                }
            }
            if ($usernew->url and !(substr($usernew->url, 0, 4) == "http")) {
                $usernew->url = "http://".$usernew->url;
            }

            if (update_record("user", $usernew)) {
                add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");

                if ($user->id == $USER->id) {
                    // Copy data into $USER session variable
                    $usernew = (array)$usernew;
                    foreach ($usernew as $variable => $value) {
                        $USER->$variable = $value;
                    }
                    save_session("USER");
		            redirect("view.php?id=$user->id&course=$course->id", "Changes saved");
                } else {
		            redirect("../admin/user.php", "Changes saved");
                }
            } else {
                error("Could not update the user record ($user->id)");
            }
	    }
    }
    
/// Otherwise fill and print the form.

    $editmyprofile = get_string("editmyprofile");
    $participants = get_string("participants");

    if ($user->firstname and $user->lastname) {
        $userfullname = "$user->firstname $user->lastname";
        if ($course->category) {
	        print_header("$course->fullname: $editmyprofile", "$course->fullname: $editmyprofile",
                        "<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A> 
                        -> <A HREF=\"index.php?id=$course->id\">$participants</A>
                        -> <A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A> 
                        -> $editmyprofile", "");
        } else {
	        print_header("$course->fullname: $editmyprofile", "$course->fullname",
                         "<A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A> 
                          -> $editmyprofile", "");
        }
    } else {
        $userfullname = get_string("newuser");
        $straddnewuser = get_string("addnewuser");

        $stradministration = get_string("administration");
	    print_header("$course->fullname: $editmyprofile", "$course->fullname",
                     "<A HREF=\"$CFG->wwwroot/admin\">$stradministration</A> ->
                      $straddnewuser", "");
    }

    $teacher = strtolower($course->teacher);
    if (!isadmin()) {
        $teacheronly = "(".get_string("teacheronly", "", $teacher).")";
    }

    print_simple_box_start("center", "", "$THEME->cellheading");
    print_heading( get_string("userprofilefor", "", "$userfullname") );
	include("edit.html");
    print_simple_box_end();
    print_footer($course);


/// FUNCTIONS ////////////////////

function find_form_errors(&$user, &$usernew, &$err) {

    if (isadmin()) {
        if (empty($usernew->username)) {
            $err["username"] = get_string("missingusername");

        } else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {
                $err["username"] = get_string("usernameexists");

        } else {
            $string = eregi_replace("[^([:alnum:])]", "", $user->username);
            if (strcmp($user->username, $string)) 
                $err["username"] = get_string("alphanumerical");
        }

        if (empty($usernew->newpassword) and empty($user->password))
            $err["newpassword"] = get_string("missingpassword");
    }

    if (empty($usernew->email))
        $err["email"] = get_string("missingemail");

    if (empty($usernew->description))
        $err["description"] = get_string("missingdescription");

    if (empty($usernew->city))
        $err["city"] = get_string("missingcity");

    if (empty($usernew->firstname))
        $err["firstname"] = get_string("missingfirstname");

    if (empty($usernew->lastname))
        $err["lastname"] = get_string("missinglastname");

    if (empty($usernew->country))
        $err["country"] = get_string("missingcountry");

    if (! validate_email($usernew->email))
        $err["email"] = get_string("invalidemail");

    else if ($otheruser = get_record("user", "email", $usernew->email)) {
        if ($otheruser->id <> $user->id) {
            $err["email"] = get_string("emailexists");
        }
    }

    $user->email = $usernew->email;

    return count($err);
}


?>
Initial revision 2001-11-22 06:23:56 +00:00			`<?PHP // $Id$`

			`require("../config.php");`
Changes to user settings, now it matches the stored data better 2002-06-05 05:37:55 +00:00			`require("../lib/countries.php");`
Initial revision 2001-11-22 06:23:56 +00:00			`require("lib.php");`

			`require_variable($id); // user id`
			`require_variable($course); // course id`

			`if (! $user = get_record("user", "id", $id)) {`
			`error("User ID was incorrect");`
			`}`

			`if (! $course = get_record("course", "id", $course)) {`
Tweaks to the headers 2002-08-08 16:02:39 +00:00			`error("Course ID was incorrect");`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

			`require_login($course->id);`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if ($USER->id <> $user->id and !isadmin()) {`
Initial revision 2001-11-22 06:23:56 +00:00			`error("You can only edit your own information");`
			`}`

Better handling of guest user 2002-06-10 04:33:46 +00:00			`if (isguest()) {`
			`error("The guest user cannot edit their profile.");`
			`}`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (isguest($user->id)) {`
			`error("Sorry, the guest user cannot be edited.");`
			`}`

Initial revision 2001-11-22 06:23:56 +00:00
			`/// If data submitted, then process and store.`

			`if (match_referer() && isset($HTTP_POST_VARS)) {`

			`$usernew = (object)$HTTP_POST_VARS;`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`$usernew->firstname = strip_tags($usernew->firstname);`
			`$usernew->lastname = strip_tags($usernew->lastname);`

			`if (find_form_errors($user, $usernew, $err) ) {`
			`$user = $usernew;`

			`} else {`
Initial revision 2001-11-22 06:23:56 +00:00			`$timenow = time();`

Widespread changes throughout Moodle to make sure it works on servers that have register_globals turned off (this is the default setting on newer version of PHP). In fact it's partly a hack that globalises all GET, POST, FILES AND COOKIE variables. Unfortunately though the SESSION and USER global session variables are only available as $_SESSION["USER"] and $_SESSION["SESSION"], which is cumbersome to use. So, for every request I now make a copy of these two session variables into $USER and $SESSION. Whenever I update them thoughout Moodle I now have to call save_session("USER") which copies them back to the session variable. This seems to be working well now. Because I'm using $_SESSION etc now this will raise the required minimum version of PHP to 4.1.0 2002-08-06 17:23:45 +00:00			`if ($filename = valid_uploaded_file($imagefile)) {`
			`$imageinfo = GetImageSize($filename);`
Initial revision 2001-11-22 06:23:56 +00:00			`$image->width = $imageinfo[0];`
			`$image->height = $imageinfo[1];`
			`$image->type = $imageinfo[2];`

			`switch ($image->type) {`
Widespread changes throughout Moodle to make sure it works on servers that have register_globals turned off (this is the default setting on newer version of PHP). In fact it's partly a hack that globalises all GET, POST, FILES AND COOKIE variables. Unfortunately though the SESSION and USER global session variables are only available as $_SESSION["USER"] and $_SESSION["SESSION"], which is cumbersome to use. So, for every request I now make a copy of these two session variables into $USER and $SESSION. Whenever I update them thoughout Moodle I now have to call save_session("USER") which copies them back to the session variable. This seems to be working well now. Because I'm using $_SESSION etc now this will raise the required minimum version of PHP to 4.1.0 2002-08-06 17:23:45 +00:00			`case 2: $im = ImageCreateFromJPEG($filename); break;`
			`case 3: $im = ImageCreateFromPNG($filename); break;`
Initial revision 2001-11-22 06:23:56 +00:00			`default: error("Image must be in JPG or PNG format");`
			`}`
Changes to support GD 1 and GD 2. Well, to be more accurate, we now rely on the administrator to tell us which is installed because PHP is not reliable (eg GD 2.* functions are available in 4.0.6 and later EVEN WHEN gd 2 is not present ... sigh). So, new config variable $CFG->gdversion 2002-06-13 11:18:52 +00:00			`if (function_exists("ImageCreateTrueColor") and $CFG->gdversion >= 2) {`
Initial revision 2001-11-22 06:23:56 +00:00			`$im1 = ImageCreateTrueColor(100,100);`
			`$im2 = ImageCreateTrueColor(35,35);`
			`} else {`
			`$im1 = ImageCreate(100,100);`
			`$im2 = ImageCreate(35,35);`
			`}`

			`$cx = $image->width / 2;`
			`$cy = $image->height / 2;`

			`if ($image->width < $image->height) {`
			`$half = floor($image->width / 2.0);`
			`} else {`
			`$half = floor($image->height / 2.0);`
			`}`

			`if (!file_exists("$CFG->dataroot/users")) {`
Checks for bad permissions and defaults to default picture 2002-05-18 03:13:44 +00:00			`if (! mkdir("$CFG->dataroot/users", 0777)) {`
			`$badpermissions = true;`
			`}`
Initial revision 2001-11-22 06:23:56 +00:00			`}`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (!file_exists("$CFG->dataroot/users/$user->id")) {`
			`if (! mkdir("$CFG->dataroot/users/$user->id", 0777)) {`
Checks for bad permissions and defaults to default picture 2002-05-18 03:13:44 +00:00			`$badpermissions = true;`
			`}`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

Checks for bad permissions and defaults to default picture 2002-05-18 03:13:44 +00:00			`if ($badpermissions) {`
			`$usernew->picture = "0";`

			`} else {`
			`ImageCopyBicubic($im1, $im, 0, 0, $cx-$half, $cy-$half, 100, 100, $half2, $half2);`
			`ImageCopyBicubic($im2, $im, 0, 0, $cx-$half, $cy-$half, 35, 35, $half2, $half2);`
Initial revision 2001-11-22 06:23:56 +00:00
Checks for bad permissions and defaults to default picture 2002-05-18 03:13:44 +00:00			`// Draw borders over the top.`
			`$black1 = ImageColorAllocate ($im1, 0, 0, 0);`
			`$black2 = ImageColorAllocate ($im2, 0, 0, 0);`
			`ImageLine ($im1, 0, 0, 0, 99, $black1);`
			`ImageLine ($im1, 0, 99, 99, 99, $black1);`
			`ImageLine ($im1, 99, 99, 99, 0, $black1);`
			`ImageLine ($im1, 99, 0, 0, 0, $black1);`
			`ImageLine ($im2, 0, 0, 0, 34, $black2);`
			`ImageLine ($im2, 0, 34, 34, 34, $black2);`
			`ImageLine ($im2, 34, 34, 34, 0, $black2);`
			`ImageLine ($im2, 34, 0, 0, 0, $black2);`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`ImageJpeg($im1, "$CFG->dataroot/users/$user->id/f1.jpg", 90);`
			`ImageJpeg($im2, "$CFG->dataroot/users/$user->id/f2.jpg", 95);`
Checks for bad permissions and defaults to default picture 2002-05-18 03:13:44 +00:00			`$usernew->picture = "1";`
			`}`
Initial revision 2001-11-22 06:23:56 +00:00			`} else {`
			`$usernew->picture = $user->picture;`
			`}`

			`$usernew->timemodified = time();`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (isadmin()) {`
			`if ($usernew->newpassword) {`
			`$usernew->password = md5($usernew->newpassword);`
			`}`
			`} else {`
			`if (isset($usernew->newpassword)) {`
			`error("You can not change the password like that");`
			`}`
			`}`
Better handling of user-entered URLs (add http:// if missing) 2002-09-04 05:07:17 +00:00			`if ($usernew->url and !(substr($usernew->url, 0, 4) == "http")) {`
			`$usernew->url = "http://".$usernew->url;`
			`}`
Changes related to timezone display. Datetime display now uses userdate() which itself uses the USER variable timezone to alter the displayed time. 2002-06-05 03:15:30 +00:00
Initial revision 2001-11-22 06:23:56 +00:00			`if (update_record("user", $usernew)) {`
Typo on add_to_log URL 2002-06-05 06:10:45 +00:00			`add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");`
Changes related to timezone display. Datetime display now uses userdate() which itself uses the USER variable timezone to alter the displayed time. 2002-06-05 03:15:30 +00:00
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if ($user->id == $USER->id) {`
			`// Copy data into $USER session variable`
			`$usernew = (array)$usernew;`
			`foreach ($usernew as $variable => $value) {`
			`$USER->$variable = $value;`
			`}`
			`save_session("USER");`
			`redirect("view.php?id=$user->id&course=$course->id", "Changes saved");`
			`} else {`
			`redirect("../admin/user.php", "Changes saved");`
Changes related to timezone display. Datetime display now uses userdate() which itself uses the USER variable timezone to alter the displayed time. 2002-06-05 03:15:30 +00:00			`}`
Initial revision 2001-11-22 06:23:56 +00:00			`} else {`
			`error("Could not update the user record ($user->id)");`
			`}`
			`}`
			`}`

			`/// Otherwise fill and print the form.`

Changes related to internationalision strings and printing them 2002-07-11 05:30:57 +00:00			`$editmyprofile = get_string("editmyprofile");`
			`$participants = get_string("participants");`

Tidied up headers of user/edit.php 2002-08-14 01:51:58 +00:00			`if ($user->firstname and $user->lastname) {`
			`$userfullname = "$user->firstname $user->lastname";`
			`if ($course->category) {`
			`print_header("$course->fullname: $editmyprofile", "$course->fullname: $editmyprofile",`
			`"<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A>`
			`-> <A HREF=\"index.php?id=$course->id\">$participants</A>`
			`-> <A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A>`
			`-> $editmyprofile", "");`
			`} else {`
			`print_header("$course->fullname: $editmyprofile", "$course->fullname",`
			`"<A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A>`
			`-> $editmyprofile", "");`
			`}`
Initial revision 2001-11-22 06:23:56 +00:00			`} else {`
Tidied up headers of user/edit.php 2002-08-14 01:51:58 +00:00			`$userfullname = get_string("newuser");`
			`$straddnewuser = get_string("addnewuser");`

			`$stradministration = get_string("administration");`
Tweaks to the headers 2002-08-08 16:02:39 +00:00			`print_header("$course->fullname: $editmyprofile", "$course->fullname",`
Tidied up headers of user/edit.php 2002-08-14 01:51:58 +00:00			`"<A HREF=\"$CFG->wwwroot/admin\">$stradministration</A> ->`
			`$straddnewuser", "");`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

Changes to user settings, now it matches the stored data better 2002-06-05 05:37:55 +00:00			`$teacher = strtolower($course->teacher);`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (!isadmin()) {`
			`$teacheronly = "(".get_string("teacheronly", "", $teacher).")";`
			`}`
Changes to user settings, now it matches the stored data better 2002-06-05 05:37:55 +00:00
Initial revision 2001-11-22 06:23:56 +00:00			`print_simple_box_start("center", "", "$THEME->cellheading");`
Tidied up headers of user/edit.php 2002-08-14 01:51:58 +00:00			`print_heading( get_string("userprofilefor", "", "$userfullname") );`
Initial revision 2001-11-22 06:23:56 +00:00			`include("edit.html");`
			`print_simple_box_end();`
			`print_footer($course);`




			`/// FUNCTIONS ////////////////////`

			`function find_form_errors(&$user, &$usernew, &$err) {`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (isadmin()) {`
Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`if (empty($usernew->username)) {`
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`$err["username"] = get_string("missingusername");`

Further excellent tidy-ups to the admin pages. They are actually starting to look/work as slick as the rest of the site. :-) 2002-08-08 15:51:23 +00:00			`} else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {`
			`$err["username"] = get_string("usernameexists");`

			`} else {`
			`$string = eregi_replace("[^([:alnum:])]", "", $user->username);`
			`if (strcmp($user->username, $string))`
			`$err["username"] = get_string("alphanumerical");`
			`}`

Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (empty($usernew->newpassword) and empty($user->password))`
			`$err["newpassword"] = get_string("missingpassword");`
			`}`

Initial revision 2001-11-22 06:23:56 +00:00			`if (empty($usernew->email))`
Changes related to internationalision strings and printing them 2002-07-11 05:30:57 +00:00			`$err["email"] = get_string("missingemail");`
Initial revision 2001-11-22 06:23:56 +00:00
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (empty($usernew->description))`
			`$err["description"] = get_string("missingdescription");`

Changes to user settings, now it matches the stored data better 2002-06-05 05:37:55 +00:00			`if (empty($usernew->city))`
Changes related to internationalision strings and printing them 2002-07-11 05:30:57 +00:00			`$err["city"] = get_string("missingcity");`
Changes to user settings, now it matches the stored data better 2002-06-05 05:37:55 +00:00
Can now edit own firstname and lastname, and some tidying 2002-08-06 09:36:42 +00:00			`if (empty($usernew->firstname))`
			`$err["firstname"] = get_string("missingfirstname");`

			`if (empty($usernew->lastname))`
			`$err["lastname"] = get_string("missinglastname");`

Changes to user settings, now it matches the stored data better 2002-06-05 05:37:55 +00:00			`if (empty($usernew->country))`
Changes related to internationalision strings and printing them 2002-07-11 05:30:57 +00:00			`$err["country"] = get_string("missingcountry");`
Changes to user settings, now it matches the stored data better 2002-06-05 05:37:55 +00:00
Cleanup of the admin interface - especially the user management Bugs fixed, duplicate code removed, plus you can now add new users. Aaah much better. :-) 2002-08-08 14:17:55 +00:00			`if (! validate_email($usernew->email))`
Changes related to internationalision strings and printing them 2002-07-11 05:30:57 +00:00			`$err["email"] = get_string("invalidemail");`
Initial revision 2001-11-22 06:23:56 +00:00
			`else if ($otheruser = get_record("user", "email", $usernew->email)) {`
			`if ($otheruser->id <> $user->id) {`
Changes related to internationalision strings and printing them 2002-07-11 05:30:57 +00:00			`$err["email"] = get_string("emailexists");`
Initial revision 2001-11-22 06:23:56 +00:00			`}`
			`}`

			`$user->email = $usernew->email;`

			`return count($err);`
			`}`


			`?>`