2001-11-22 06:23:56 +00:00
|
|
|
<?PHP // $Id$
|
|
|
|
|
|
2003-04-27 14:50:03 +00:00
|
|
|
require_once("../config.php");
|
2004-01-10 16:41:29 +00:00
|
|
|
require_once("$CFG->libdir/gdlib.php");
|
2001-11-22 06:23:56 +00:00
|
|
|
|
|
|
|
|
require_variable($id); // user id
|
|
|
|
|
require_variable($course); // course id
|
|
|
|
|
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2004-09-07 10:18:52 +00:00
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
if (! $user = get_record("user", "id", $id)) {
|
|
|
|
|
error("User ID was incorrect");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (! $course = get_record("course", "id", $course)) {
|
2002-08-08 16:02:39 +00:00
|
|
|
error("Course ID was incorrect");
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
|
|
|
|
|
2003-01-14 14:54:45 +00:00
|
|
|
if ($user->confirmed and user_not_fully_set_up($user)) {
|
2004-09-21 11:41:58 +00:00
|
|
|
// Special case which can only occur when a new account
|
2002-09-26 07:03:22 +00:00
|
|
|
// has just been created by EXTERNAL authentication
|
|
|
|
|
// This is the only page in Moodle that has the exception
|
|
|
|
|
// so that users can set up their accounts
|
|
|
|
|
$newaccount = true;
|
|
|
|
|
|
2004-01-03 15:41:15 +00:00
|
|
|
if (empty($USER)) {
|
2004-01-02 14:11:21 +00:00
|
|
|
error("Sessions don't seem to be working on this server!");
|
|
|
|
|
}
|
|
|
|
|
|
2002-09-26 07:03:22 +00:00
|
|
|
} else {
|
|
|
|
|
$newaccount = false;
|
2003-04-27 14:50:03 +00:00
|
|
|
require_login($course->id);
|
2002-09-26 07:03:22 +00:00
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2002-08-08 14:17:55 +00:00
|
|
|
if ($USER->id <> $user->id and !isadmin()) {
|
2001-11-22 06:23:56 +00:00
|
|
|
error("You can only edit your own information");
|
|
|
|
|
}
|
|
|
|
|
|
2002-06-10 04:33:46 +00:00
|
|
|
if (isguest()) {
|
|
|
|
|
error("The guest user cannot edit their profile.");
|
|
|
|
|
}
|
|
|
|
|
|
2002-08-08 14:17:55 +00:00
|
|
|
if (isguest($user->id)) {
|
|
|
|
|
error("Sorry, the guest user cannot be edited.");
|
|
|
|
|
}
|
|
|
|
|
|
2004-09-20 09:08:57 +00:00
|
|
|
// load the relevant auth libraries
|
|
|
|
|
if ($user->auth) {
|
|
|
|
|
$auth = $user->auth;
|
|
|
|
|
if (!file_exists("$CFG->dirroot/auth/$auth/lib.php")) {
|
|
|
|
|
$auth = "manual"; // Can't find auth module, default to internal
|
|
|
|
|
}
|
|
|
|
|
require_once("$CFG->dirroot/auth/$auth/lib.php");
|
|
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2004-09-20 09:08:57 +00:00
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
/// If data submitted, then process and store.
|
|
|
|
|
|
2003-04-27 14:50:03 +00:00
|
|
|
if ($usernew = data_submitted()) {
|
2004-01-14 13:31:28 +00:00
|
|
|
|
2004-01-30 08:29:35 +00:00
|
|
|
if (isset($USER->username)) {
|
|
|
|
|
check_for_restricted_user($USER->username, "$CFG->wwwroot/course/view.php?id=$course->id");
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-14 13:31:28 +00:00
|
|
|
foreach ($usernew as $key => $data) {
|
2004-08-28 07:59:41 +00:00
|
|
|
$usernew->$key = addslashes(clean_text(stripslashes($usernew->$key), FORMAT_MOODLE));
|
2004-01-14 13:31:28 +00:00
|
|
|
}
|
|
|
|
|
|
2004-05-15 22:18:53 +00:00
|
|
|
$usernew->firstname = trim(strip_tags($usernew->firstname));
|
|
|
|
|
$usernew->lastname = trim(strip_tags($usernew->lastname));
|
2004-01-14 13:31:28 +00:00
|
|
|
|
2003-04-27 14:50:03 +00:00
|
|
|
if (isset($usernew->username)) {
|
|
|
|
|
$usernew->username = trim(moodle_strtolower($usernew->username));
|
|
|
|
|
}
|
|
|
|
|
|
2003-04-15 02:08:27 +00:00
|
|
|
|
2004-09-16 00:16:48 +00:00
|
|
|
require_once($CFG->dirroot.'/lib/uploadlib.php');
|
2004-09-17 04:21:41 +00:00
|
|
|
$um = new upload_manager('imagefile',false,false,null,false,0,true,true);
|
2004-09-16 00:16:48 +00:00
|
|
|
|
2004-09-20 09:08:57 +00:00
|
|
|
if (find_form_errors($user, $usernew, $err, $um)) {
|
2004-09-16 00:16:48 +00:00
|
|
|
if (empty($err['imagefile']) && $usernew->picture = save_profile_image($user->id, $um,'users')) {
|
2004-04-30 04:44:47 +00:00
|
|
|
set_field('user', 'picture', $usernew->picture, 'id', $user->id); /// Note picture in DB
|
2004-05-01 14:34:21 +00:00
|
|
|
} else {
|
|
|
|
|
if (!empty($usernew->deletepicture)) {
|
|
|
|
|
set_field('user', 'picture', 0, 'id', $user->id); /// Delete picture
|
|
|
|
|
$usernew->picture = 0;
|
|
|
|
|
}
|
2002-11-20 14:52:32 +00:00
|
|
|
}
|
|
|
|
|
|
2002-08-08 14:17:55 +00:00
|
|
|
$user = $usernew;
|
|
|
|
|
|
|
|
|
|
} else {
|
2003-04-27 14:50:03 +00:00
|
|
|
$timenow = time();
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2004-09-16 00:16:48 +00:00
|
|
|
if (!$usernew->picture = save_profile_image($user->id,$um,'users')) {
|
2004-05-01 14:34:21 +00:00
|
|
|
if (!empty($usernew->deletepicture)) {
|
|
|
|
|
set_field('user', 'picture', 0, 'id', $user->id); /// Delete picture
|
|
|
|
|
$usernew->picture = 0;
|
|
|
|
|
} else {
|
|
|
|
|
$usernew->picture = $user->picture;
|
|
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
$usernew->timemodified = time();
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2002-08-08 14:17:55 +00:00
|
|
|
if (isadmin()) {
|
2003-04-28 02:43:18 +00:00
|
|
|
if (!empty($usernew->newpassword)) {
|
2002-08-08 14:17:55 +00:00
|
|
|
$usernew->password = md5($usernew->newpassword);
|
2004-09-20 09:08:57 +00:00
|
|
|
// update external passwords
|
|
|
|
|
if (!empty($CFG->{'auth_'. $user->auth.'_stdchangepassword'})) {
|
2004-09-23 03:56:53 +00:00
|
|
|
if (function_exists('auth_user_update_password')){
|
2004-09-20 09:08:57 +00:00
|
|
|
if (!auth_user_update_password($user->username, $usernew->newpassword)){
|
|
|
|
|
error('Failed to update password on external auth: ' . $user->auth .
|
|
|
|
|
'. See the server logs for more details.');
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
error('Your external authentication module is misconfigued!');
|
|
|
|
|
}
|
|
|
|
|
}
|
2004-09-23 03:56:53 +00:00
|
|
|
}
|
|
|
|
|
// store forcepasswordchange in user's preferences
|
2004-09-23 04:15:19 +00:00
|
|
|
if (!empty($usernew->forcepasswordchange)){
|
2004-09-23 03:56:53 +00:00
|
|
|
set_user_preference('auth_forcepasswordchange', 1, $user->id);
|
|
|
|
|
} else {
|
2004-09-23 04:15:19 +00:00
|
|
|
unset_user_preference('auth_forcepasswordchange', $user->id);
|
2002-08-08 14:17:55 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (isset($usernew->newpassword)) {
|
|
|
|
|
error("You can not change the password like that");
|
|
|
|
|
}
|
|
|
|
|
}
|
2002-09-04 05:07:17 +00:00
|
|
|
if ($usernew->url and !(substr($usernew->url, 0, 4) == "http")) {
|
|
|
|
|
$usernew->url = "http://".$usernew->url;
|
|
|
|
|
}
|
2002-06-05 03:15:30 +00:00
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
if (update_record("user", $usernew)) {
|
2004-09-20 09:08:57 +00:00
|
|
|
if (function_exists("auth_user_update")){
|
|
|
|
|
auth_user_update($user, $usernew);
|
|
|
|
|
}
|
|
|
|
|
add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");
|
2002-06-05 03:15:30 +00:00
|
|
|
|
2002-08-08 14:17:55 +00:00
|
|
|
if ($user->id == $USER->id) {
|
|
|
|
|
// Copy data into $USER session variable
|
|
|
|
|
$usernew = (array)$usernew;
|
|
|
|
|
foreach ($usernew as $variable => $value) {
|
2003-08-30 06:19:44 +00:00
|
|
|
$USER->$variable = stripslashes($value);
|
2002-08-08 14:17:55 +00:00
|
|
|
}
|
2003-05-06 15:58:20 +00:00
|
|
|
if (isset($USER->newadminuser)) {
|
|
|
|
|
unset($USER->newadminuser);
|
2003-07-30 05:21:24 +00:00
|
|
|
redirect("$CFG->wwwroot/", get_string("changessaved"));
|
2003-05-06 15:58:20 +00:00
|
|
|
}
|
2004-09-21 11:41:58 +00:00
|
|
|
redirect("$CFG->wwwroot/user/view.php?id=$user->id&course=$course->id", get_string("changessaved"));
|
2002-08-08 14:17:55 +00:00
|
|
|
} else {
|
2003-12-16 05:31:52 +00:00
|
|
|
redirect("$CFG->wwwroot/$CFG->admin/user.php", get_string("changessaved"));
|
2002-06-05 03:15:30 +00:00
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
} else {
|
|
|
|
|
error("Could not update the user record ($user->id)");
|
|
|
|
|
}
|
2003-04-27 14:50:03 +00:00
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
/// Otherwise fill and print the form.
|
|
|
|
|
|
2002-09-26 07:03:22 +00:00
|
|
|
$streditmyprofile = get_string("editmyprofile");
|
|
|
|
|
$strparticipants = get_string("participants");
|
|
|
|
|
$strnewuser = get_string("newuser");
|
2002-07-11 05:30:57 +00:00
|
|
|
|
2002-09-26 07:03:22 +00:00
|
|
|
if (($user->firstname and $user->lastname) or $newaccount) {
|
|
|
|
|
if ($newaccount) {
|
|
|
|
|
$userfullname = $strnewuser;
|
|
|
|
|
} else {
|
2003-11-19 16:15:56 +00:00
|
|
|
$userfullname = fullname($user, isteacher($course->id));
|
2002-09-26 07:03:22 +00:00
|
|
|
}
|
2002-08-14 01:51:58 +00:00
|
|
|
if ($course->category) {
|
2003-04-27 14:50:03 +00:00
|
|
|
print_header("$course->shortname: $streditmyprofile", "$course->fullname: $streditmyprofile",
|
2004-09-21 11:41:58 +00:00
|
|
|
"<a href=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</a>
|
2004-09-07 08:05:25 +00:00
|
|
|
-> <a href=\"index.php?id=$course->id\">$strparticipants</a>
|
2004-09-21 11:41:58 +00:00
|
|
|
-> <a href=\"view.php?id=$user->id&course=$course->id\">$userfullname</a>
|
2002-09-26 07:03:22 +00:00
|
|
|
-> $streditmyprofile", "");
|
2002-08-14 01:51:58 +00:00
|
|
|
} else {
|
2003-05-06 15:58:20 +00:00
|
|
|
if (isset($USER->newadminuser)) {
|
|
|
|
|
print_header();
|
|
|
|
|
} else {
|
|
|
|
|
print_header("$course->shortname: $streditmyprofile", "$course->fullname",
|
2004-09-21 11:41:58 +00:00
|
|
|
"<a href=\"view.php?id=$user->id&course=$course->id\">$userfullname</a>
|
2003-05-06 15:58:20 +00:00
|
|
|
-> $streditmyprofile", "");
|
|
|
|
|
}
|
2002-08-14 01:51:58 +00:00
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
} else {
|
2002-09-26 07:03:22 +00:00
|
|
|
$userfullname = $strnewuser;
|
2002-08-14 01:51:58 +00:00
|
|
|
$straddnewuser = get_string("addnewuser");
|
|
|
|
|
|
|
|
|
|
$stradministration = get_string("administration");
|
2003-04-27 14:50:03 +00:00
|
|
|
print_header("$course->shortname: $streditmyprofile", "$course->fullname",
|
2003-08-10 08:01:14 +00:00
|
|
|
"<a href=\"$CFG->wwwroot/$CFG->admin/\">$stradministration</a> -> ".
|
|
|
|
|
"<a href=\"$CFG->wwwroot/$CFG->admin/users.php\">$strusers</a> -> $straddnewuser", "");
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
|
|
|
|
|
2002-06-05 05:37:55 +00:00
|
|
|
$teacher = strtolower($course->teacher);
|
2002-08-08 14:17:55 +00:00
|
|
|
if (!isadmin()) {
|
|
|
|
|
$teacheronly = "(".get_string("teacheronly", "", $teacher).")";
|
2002-12-29 17:32:32 +00:00
|
|
|
} else {
|
|
|
|
|
$teacheronly = "";
|
2002-08-08 14:17:55 +00:00
|
|
|
}
|
2002-06-05 05:37:55 +00:00
|
|
|
|
2002-08-14 01:51:58 +00:00
|
|
|
print_heading( get_string("userprofilefor", "", "$userfullname") );
|
2003-05-06 15:58:20 +00:00
|
|
|
|
|
|
|
|
if (isset($USER->newadminuser)) {
|
2003-08-07 16:01:31 +00:00
|
|
|
print_simple_box(get_string("configintroadmin"), "center", "50%");
|
2003-05-06 15:58:20 +00:00
|
|
|
echo "<br />";
|
|
|
|
|
}
|
|
|
|
|
|
2002-09-19 13:55:40 +00:00
|
|
|
print_simple_box_start("center", "", "$THEME->cellheading");
|
2004-09-23 03:56:53 +00:00
|
|
|
|
2002-12-29 17:32:32 +00:00
|
|
|
if (!empty($err)) {
|
2004-09-20 09:08:57 +00:00
|
|
|
echo "<center>";
|
|
|
|
|
notify(get_string("someerrorswerefound"));
|
|
|
|
|
echo "</center>";
|
2002-11-20 14:52:32 +00:00
|
|
|
}
|
2004-09-23 03:56:53 +00:00
|
|
|
|
2003-04-27 14:50:03 +00:00
|
|
|
include("edit.html");
|
2004-09-23 03:56:53 +00:00
|
|
|
|
|
|
|
|
if (!isadmin()) { /// Lock all the locked fields using Javascript
|
|
|
|
|
$fields = get_user_fieldnames();
|
|
|
|
|
|
|
|
|
|
echo '<script type="text/javascript">'."\n";
|
|
|
|
|
echo '<!--'."\n";
|
|
|
|
|
|
|
|
|
|
foreach ($fields as $field) {
|
|
|
|
|
$configvariable = 'auth_user_'.$field.'_editlock';
|
|
|
|
|
if (!empty($CFG->$configvariable)) {
|
|
|
|
|
echo "eval('document.form.$field.disabled=true');\n";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
echo '-->'."\n";
|
|
|
|
|
echo '</script>'."\n";
|
|
|
|
|
}
|
|
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
print_simple_box_end();
|
|
|
|
|
|
2003-05-06 15:58:20 +00:00
|
|
|
if (!isset($USER->newadminuser)) {
|
|
|
|
|
print_footer($course);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
exit;
|
2001-11-22 06:23:56 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/// FUNCTIONS ////////////////////
|
|
|
|
|
|
2004-09-16 00:16:48 +00:00
|
|
|
function find_form_errors(&$user, &$usernew, &$err, &$um) {
|
2004-05-15 07:30:31 +00:00
|
|
|
global $CFG;
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2002-08-08 14:17:55 +00:00
|
|
|
if (isadmin()) {
|
2002-08-08 15:51:23 +00:00
|
|
|
if (empty($usernew->username)) {
|
2002-08-08 14:17:55 +00:00
|
|
|
$err["username"] = get_string("missingusername");
|
|
|
|
|
|
2002-08-08 15:51:23 +00:00
|
|
|
} else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {
|
2004-09-20 09:08:57 +00:00
|
|
|
$err["username"] = get_string("usernameexists");
|
2002-08-08 15:51:23 +00:00
|
|
|
|
|
|
|
|
} else {
|
2004-05-15 07:30:31 +00:00
|
|
|
if (empty($CFG->extendedusernamechars)) {
|
|
|
|
|
$string = eregi_replace("[^(-\.[:alnum:])]", "", $usernew->username);
|
|
|
|
|
if (strcmp($usernew->username, $string)) {
|
|
|
|
|
$err["username"] = get_string("alphanumerical");
|
|
|
|
|
}
|
|
|
|
|
}
|
2002-08-08 15:51:23 +00:00
|
|
|
}
|
|
|
|
|
|
2003-09-22 14:01:45 +00:00
|
|
|
if (empty($usernew->newpassword) and empty($user->password) and is_internal_auth() )
|
2002-08-08 14:17:55 +00:00
|
|
|
$err["newpassword"] = get_string("missingpassword");
|
2002-09-05 02:17:33 +00:00
|
|
|
|
2002-09-05 17:31:08 +00:00
|
|
|
if (($usernew->newpassword == "admin") or ($user->password == md5("admin") and empty($usernew->newpassword)) ) {
|
2002-09-05 02:17:33 +00:00
|
|
|
$err["newpassword"] = get_string("unsafepassword");
|
2002-09-05 17:31:08 +00:00
|
|
|
}
|
2002-08-08 14:17:55 +00:00
|
|
|
}
|
|
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
if (empty($usernew->email))
|
2002-07-11 05:30:57 +00:00
|
|
|
$err["email"] = get_string("missingemail");
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2004-05-30 21:55:44 +00:00
|
|
|
if (empty($usernew->description) and !isadmin())
|
2002-08-08 14:17:55 +00:00
|
|
|
$err["description"] = get_string("missingdescription");
|
|
|
|
|
|
2002-06-05 05:37:55 +00:00
|
|
|
if (empty($usernew->city))
|
2002-07-11 05:30:57 +00:00
|
|
|
$err["city"] = get_string("missingcity");
|
2002-06-05 05:37:55 +00:00
|
|
|
|
2002-08-06 09:36:42 +00:00
|
|
|
if (empty($usernew->firstname))
|
|
|
|
|
$err["firstname"] = get_string("missingfirstname");
|
|
|
|
|
|
|
|
|
|
if (empty($usernew->lastname))
|
|
|
|
|
$err["lastname"] = get_string("missinglastname");
|
|
|
|
|
|
2002-06-05 05:37:55 +00:00
|
|
|
if (empty($usernew->country))
|
2002-07-11 05:30:57 +00:00
|
|
|
$err["country"] = get_string("missingcountry");
|
2002-06-05 05:37:55 +00:00
|
|
|
|
2004-09-06 04:38:40 +00:00
|
|
|
if (! validate_email($usernew->email)) {
|
2002-07-11 05:30:57 +00:00
|
|
|
$err["email"] = get_string("invalidemail");
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2004-09-06 04:38:40 +00:00
|
|
|
} else if ($otheruser = get_record("user", "email", $usernew->email)) {
|
2001-11-22 06:23:56 +00:00
|
|
|
if ($otheruser->id <> $user->id) {
|
2002-07-11 05:30:57 +00:00
|
|
|
$err["email"] = get_string("emailexists");
|
2001-11-22 06:23:56 +00:00
|
|
|
}
|
|
|
|
|
}
|
2004-09-21 11:41:58 +00:00
|
|
|
|
2004-09-06 04:38:40 +00:00
|
|
|
if (empty($err["email"]) and !isadmin()) {
|
2004-09-06 15:21:22 +00:00
|
|
|
if ($error = email_is_not_allowed($usernew->email)) {
|
|
|
|
|
$err["email"] = $error;
|
2004-09-06 04:38:40 +00:00
|
|
|
}
|
|
|
|
|
}
|
2004-09-23 03:56:53 +00:00
|
|
|
|
2004-09-16 00:16:48 +00:00
|
|
|
if (!$um->preprocess_files()) {
|
|
|
|
|
$err['imagefile'] = $um->notify;
|
|
|
|
|
}
|
2001-11-22 06:23:56 +00:00
|
|
|
|
2004-09-23 03:56:53 +00:00
|
|
|
if (!isadmin()) { /// Make sure that locked fields are not being edited
|
|
|
|
|
$fields = get_user_fieldnames();
|
|
|
|
|
|
|
|
|
|
foreach ($fields as $field) {
|
|
|
|
|
$configvariable = 'auth_user_'.$field.'_editlock';
|
|
|
|
|
if (!empty($CFG->$configvariable)) {
|
|
|
|
|
if ($user->$field !== $usernew->$field) {
|
|
|
|
|
$err[$field] = get_string("editlock");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2004-09-20 09:08:57 +00:00
|
|
|
}
|
|
|
|
|
|
2001-11-22 06:23:56 +00:00
|
|
|
$user->email = $usernew->email;
|
|
|
|
|
|
|
|
|
|
return count($err);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
?>
|
