[moodle.git] / user / edit.php

<?PHP // $Id$

	require("../config.php");
	require("../lib/countries.php");
	require("lib.php");

    require_variable($id);       // user id
    require_variable($course);   // course id

    if (! $user = get_record("user", "id", $id)) {
        error("User ID was incorrect");
    }

    if (! $course = get_record("course", "id", $course)) {
        error("Course ID was incorrect");
    }

	require_login($course->id);

    if ($USER->id <> $user->id and !isadmin()) {
        error("You can only edit your own information");
    }

    if (isguest()) {
        error("The guest user cannot edit their profile.");
    }

    if (isguest($user->id)) {
        error("Sorry, the guest user cannot be edited.");
    }


/// If data submitted, then process and store.

	if (match_referer() && isset($HTTP_POST_VARS)) {

        $usernew = (object)$HTTP_POST_VARS;

        $usernew->firstname = strip_tags($usernew->firstname);
        $usernew->lastname  = strip_tags($usernew->lastname);

        if (find_form_errors($user, $usernew, $err) ) {
            $user = $usernew;

        } else {

		    $timenow = time();

            if ($filename = valid_uploaded_file($imagefile)) { 
                $imageinfo = GetImageSize($filename);
                $image->width  = $imageinfo[0];
                $image->height = $imageinfo[1];
                $image->type   = $imageinfo[2];
    
                switch ($image->type) {
                    case 2: $im = ImageCreateFromJPEG($filename); break;
                    case 3: $im = ImageCreateFromPNG($filename); break;
                    default: error("Image must be in JPG or PNG format");
                }
                if (function_exists("ImageCreateTrueColor") and $CFG->gdversion >= 2) {
                    $im1 = ImageCreateTrueColor(100,100);
                    $im2 = ImageCreateTrueColor(35,35);
                } else {
                    $im1 = ImageCreate(100,100);
                    $im2 = ImageCreate(35,35);
                }
                
                $cx = $image->width / 2;
                $cy = $image->height / 2;
    
                if ($image->width < $image->height) {
                    $half = floor($image->width / 2.0);
                } else {
                    $half = floor($image->height / 2.0);
                }
    
                if (!file_exists("$CFG->dataroot/users")) {
                    if (! mkdir("$CFG->dataroot/users", 0777)) {
                        $badpermissions = true;
                    }
                }
                if (!file_exists("$CFG->dataroot/users/$user->id")) {
                    if (! mkdir("$CFG->dataroot/users/$user->id", 0777)) {
                        $badpermissions = true;
                    }
                }
                
                if ($badpermissions) {
                    $usernew->picture = "0";

                } else {
                    ImageCopyBicubic($im1, $im, 0, 0, $cx-$half, $cy-$half, 100, 100, $half*2, $half*2);
                    ImageCopyBicubic($im2, $im, 0, 0, $cx-$half, $cy-$half, 35, 35, $half*2, $half*2);
    
                    // Draw borders over the top.
                    $black1 = ImageColorAllocate ($im1, 0, 0, 0);
                    $black2 = ImageColorAllocate ($im2, 0, 0, 0);
                    ImageLine ($im1, 0, 0, 0, 99, $black1);
                    ImageLine ($im1, 0, 99, 99, 99, $black1);
                    ImageLine ($im1, 99, 99, 99, 0, $black1);
                    ImageLine ($im1, 99, 0, 0, 0, $black1);
                    ImageLine ($im2, 0, 0, 0, 34, $black2);
                    ImageLine ($im2, 0, 34, 34, 34, $black2);
                    ImageLine ($im2, 34, 34, 34, 0, $black2);
                    ImageLine ($im2, 34, 0, 0, 0, $black2);
                
                    ImageJpeg($im1, "$CFG->dataroot/users/$user->id/f1.jpg", 90);
                    ImageJpeg($im2, "$CFG->dataroot/users/$user->id/f2.jpg", 95);
                    $usernew->picture = "1";
                }
            } else {
                $usernew->picture = $user->picture;
            }
    
            $usernew->timemodified = time();

            if (isadmin()) {
                if ($usernew->newpassword) {
                    $usernew->password = md5($usernew->newpassword);
                }
            } else {
                if (isset($usernew->newpassword)) {
                    error("You can not change the password like that");
                }
            }

            if (update_record("user", $usernew)) {
                add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");

                if ($user->id == $USER->id) {
                    // Copy data into $USER session variable
                    $usernew = (array)$usernew;
                    foreach ($usernew as $variable => $value) {
                        $USER->$variable = $value;
                    }
                    save_session("USER");
		            redirect("view.php?id=$user->id&course=$course->id", "Changes saved");
                } else {
		            redirect("../admin/user.php", "Changes saved");
                }
            } else {
                error("Could not update the user record ($user->id)");
            }
	    }
    }
    
/// Otherwise fill and print the form.

    $editmyprofile = get_string("editmyprofile");
    $participants = get_string("participants");

    if ($course->category) {
	    print_header("$course->fullname: $editmyprofile", "$course->fullname: $editmyprofile",
                    "<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A> 
                    -> <A HREF=\"index.php?id=$course->id\">$participants</A>
                    -> <A HREF=\"view.php?id=$user->id&course=$course->id\">$user->firstname $user->lastname</A> 
                    -> $editmyprofile", "");
    } else {
	    print_header("$course->fullname: $editmyprofile", "$course->fullname",
                     "<A HREF=\"view.php?id=$user->id&course=$course->id\">$user->firstname $user->lastname</A> 
                      -> $editmyprofile", "");
    }

    $teacher = strtolower($course->teacher);
    if (!isadmin()) {
        $teacheronly = "(".get_string("teacheronly", "", $teacher).")";
    }

    print_simple_box_start("center", "", "$THEME->cellheading");
    print_heading( get_string("userprofilefor", "", "$user->firstname $user->lastname") );
	include("edit.html");
    print_simple_box_end();
    print_footer($course);


/// FUNCTIONS ////////////////////

function find_form_errors(&$user, &$usernew, &$err) {

    if (isadmin()) {
        if (empty($usernew->username)) {
            $err["username"] = get_string("missingusername");

        } else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {
                $err["username"] = get_string("usernameexists");

        } else {
            $string = eregi_replace("[^([:alnum:])]", "", $user->username);
            if (strcmp($user->username, $string)) 
                $err["username"] = get_string("alphanumerical");
        }

        if (empty($usernew->newpassword) and empty($user->password))
            $err["newpassword"] = get_string("missingpassword");
    }

    if (empty($usernew->email))
        $err["email"] = get_string("missingemail");

    if (empty($usernew->description))
        $err["description"] = get_string("missingdescription");

    if (empty($usernew->city))
        $err["city"] = get_string("missingcity");

    if (empty($usernew->firstname))
        $err["firstname"] = get_string("missingfirstname");

    if (empty($usernew->lastname))
        $err["lastname"] = get_string("missinglastname");

    if (empty($usernew->country))
        $err["country"] = get_string("missingcountry");

    if (! validate_email($usernew->email))
        $err["email"] = get_string("invalidemail");

    else if ($otheruser = get_record("user", "email", $usernew->email)) {
        if ($otheruser->id <> $user->id) {
            $err["email"] = get_string("emailexists");
        }
    }

    $user->email = $usernew->email;

    return count($err);
}


?>
Commit	Line	Data
f9903ed0	1	<?PHP // $Id$
	2
	3	require("../config.php");
bda8d43a	4	require("../lib/countries.php");
f9903ed0	5	require("lib.php");
	6
	7	require_variable($id); // user id
	8	require_variable($course); // course id
	9
	10	if (! $user = get_record("user", "id", $id)) {
	11	error("User ID was incorrect");
	12	}
	13
	14	if (! $course = get_record("course", "id", $course)) {
0087d8a6	15	error("Course ID was incorrect");
f9903ed0	16	}
	17
	18	require_login($course->id);
	19
a3447e10	20	if ($USER->id <> $user->id and !isadmin()) {
f9903ed0	21	error("You can only edit your own information");
	22	}
	23
603d4c72	24	if (isguest()) {
	25	error("The guest user cannot edit their profile.");
	26	}
	27
a3447e10	28	if (isguest($user->id)) {
	29	error("Sorry, the guest user cannot be edited.");
	30	}
	31
f9903ed0	32
	33	/// If data submitted, then process and store.
	34
	35	if (match_referer() && isset($HTTP_POST_VARS)) {
	36
	37	$usernew = (object)$HTTP_POST_VARS;
	38
a3447e10	39	$usernew->firstname = strip_tags($usernew->firstname);
	40	$usernew->lastname = strip_tags($usernew->lastname);
	41
	42	if (find_form_errors($user, $usernew, $err) ) {
	43	$user = $usernew;
	44
	45	} else {
f9903ed0	46
	47	$timenow = time();
	48
8223d271	49	if ($filename = valid_uploaded_file($imagefile)) {
8223d271	50	$imageinfo = GetImageSize($filename);
f9903ed0	51	$image->width = $imageinfo[0];
	52	$image->height = $imageinfo[1];
	53	$image->type = $imageinfo[2];
	54
	55	switch ($image->type) {
8223d271	56	case 2: $im = ImageCreateFromJPEG($filename); break;
8223d271	57	case 3: $im = ImageCreateFromPNG($filename); break;
f9903ed0	58	default: error("Image must be in JPG or PNG format");
f9903ed0	59	}
22f4320b	60	if (function_exists("ImageCreateTrueColor") and $CFG->gdversion >= 2) {
f9903ed0	61	$im1 = ImageCreateTrueColor(100,100);
	62	$im2 = ImageCreateTrueColor(35,35);
	63	} else {
	64	$im1 = ImageCreate(100,100);
	65	$im2 = ImageCreate(35,35);
	66	}
	67
	68	$cx = $image->width / 2;
	69	$cy = $image->height / 2;
	70
	71	if ($image->width < $image->height) {
	72	$half = floor($image->width / 2.0);
	73	} else {
	74	$half = floor($image->height / 2.0);
	75	}
	76
	77	if (!file_exists("$CFG->dataroot/users")) {
54bdcdbe	78	if (! mkdir("$CFG->dataroot/users", 0777)) {
	79	$badpermissions = true;
	80	}
f9903ed0	81	}
a3447e10	82	if (!file_exists("$CFG->dataroot/users/$user->id")) {
a3447e10	83	if (! mkdir("$CFG->dataroot/users/$user->id", 0777)) {
54bdcdbe	84	$badpermissions = true;
54bdcdbe	85	}
f9903ed0	86	}
f9903ed0	87
54bdcdbe	88	if ($badpermissions) {
	89	$usernew->picture = "0";
	90
	91	} else {
	92	ImageCopyBicubic($im1, $im, 0, 0, $cx-$half, $cy-$half, 100, 100, $half2, $half2);
	93	ImageCopyBicubic($im2, $im, 0, 0, $cx-$half, $cy-$half, 35, 35, $half2, $half2);
f9903ed0	94
54bdcdbe	95	// Draw borders over the top.
	96	$black1 = ImageColorAllocate ($im1, 0, 0, 0);
	97	$black2 = ImageColorAllocate ($im2, 0, 0, 0);
	98	ImageLine ($im1, 0, 0, 0, 99, $black1);
	99	ImageLine ($im1, 0, 99, 99, 99, $black1);
	100	ImageLine ($im1, 99, 99, 99, 0, $black1);
	101	ImageLine ($im1, 99, 0, 0, 0, $black1);
	102	ImageLine ($im2, 0, 0, 0, 34, $black2);
	103	ImageLine ($im2, 0, 34, 34, 34, $black2);
	104	ImageLine ($im2, 34, 34, 34, 0, $black2);
	105	ImageLine ($im2, 34, 0, 0, 0, $black2);
	106
a3447e10	107	ImageJpeg($im1, "$CFG->dataroot/users/$user->id/f1.jpg", 90);
a3447e10	108	ImageJpeg($im2, "$CFG->dataroot/users/$user->id/f2.jpg", 95);
54bdcdbe	109	$usernew->picture = "1";
54bdcdbe	110	}
f9903ed0	111	} else {
	112	$usernew->picture = $user->picture;
	113	}
	114
	115	$usernew->timemodified = time();
	116
a3447e10	117	if (isadmin()) {
	118	if ($usernew->newpassword) {
	119	$usernew->password = md5($usernew->newpassword);
	120	}
	121	} else {
	122	if (isset($usernew->newpassword)) {
	123	error("You can not change the password like that");
	124	}
	125	}
873960de	126
f9903ed0	127	if (update_record("user", $usernew)) {
253ae7db	128	add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");
873960de	129
a3447e10	130	if ($user->id == $USER->id) {
	131	// Copy data into $USER session variable
	132	$usernew = (array)$usernew;
	133	foreach ($usernew as $variable => $value) {
	134	$USER->$variable = $value;
	135	}
	136	save_session("USER");
	137	redirect("view.php?id=$user->id&course=$course->id", "Changes saved");
	138	} else {
	139	redirect("../admin/user.php", "Changes saved");
873960de	140	}
f9903ed0	141	} else {
	142	error("Could not update the user record ($user->id)");
	143	}
	144	}
	145	}
	146
	147	/// Otherwise fill and print the form.
	148
8553b700	149	$editmyprofile = get_string("editmyprofile");
	150	$participants = get_string("participants");
	151
f9903ed0	152	if ($course->category) {
0087d8a6	153	print_header("$course->fullname: $editmyprofile", "$course->fullname: $editmyprofile",
f9903ed0	154	"<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A>
8553b700	155	-> <A HREF=\"index.php?id=$course->id\">$participants</A>
a3447e10	156	-> <A HREF=\"view.php?id=$user->id&course=$course->id\">$user->firstname $user->lastname</A>
8553b700	157	-> $editmyprofile", "");
f9903ed0	158	} else {
0087d8a6	159	print_header("$course->fullname: $editmyprofile", "$course->fullname",
a3447e10	160	"<A HREF=\"view.php?id=$user->id&course=$course->id\">$user->firstname $user->lastname</A>
8553b700	161	-> $editmyprofile", "");
f9903ed0	162	}
f9903ed0	163
bda8d43a	164	$teacher = strtolower($course->teacher);
a3447e10	165	if (!isadmin()) {
	166	$teacheronly = "(".get_string("teacheronly", "", $teacher).")";
	167	}
bda8d43a	168
f9903ed0	169	print_simple_box_start("center", "", "$THEME->cellheading");
8553b700	170	print_heading( get_string("userprofilefor", "", "$user->firstname $user->lastname") );
f9903ed0	171	include("edit.html");
f9903ed0	172	print_simple_box_end();
f9903ed0	173	print_footer($course);
	174
	175
	176
	177
	178	/// FUNCTIONS ////////////////////
	179
	180	function find_form_errors(&$user, &$usernew, &$err) {
	181
a3447e10	182	if (isadmin()) {
2b25f2a0	183	if (empty($usernew->username)) {
a3447e10	184	$err["username"] = get_string("missingusername");
a3447e10	185
2b25f2a0	186	} else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {
	187	$err["username"] = get_string("usernameexists");
	188
	189	} else {
	190	$string = eregi_replace("[^([:alnum:])]", "", $user->username);
	191	if (strcmp($user->username, $string))
	192	$err["username"] = get_string("alphanumerical");
	193	}
	194
a3447e10	195	if (empty($usernew->newpassword) and empty($user->password))
	196	$err["newpassword"] = get_string("missingpassword");
	197	}
	198
f9903ed0	199	if (empty($usernew->email))
8553b700	200	$err["email"] = get_string("missingemail");
f9903ed0	201
a3447e10	202	if (empty($usernew->description))
	203	$err["description"] = get_string("missingdescription");
	204
bda8d43a	205	if (empty($usernew->city))
8553b700	206	$err["city"] = get_string("missingcity");
bda8d43a	207
9c055aa5	208	if (empty($usernew->firstname))
	209	$err["firstname"] = get_string("missingfirstname");
	210
	211	if (empty($usernew->lastname))
	212	$err["lastname"] = get_string("missinglastname");
	213
bda8d43a	214	if (empty($usernew->country))
8553b700	215	$err["country"] = get_string("missingcountry");
bda8d43a	216
a3447e10	217	if (! validate_email($usernew->email))
8553b700	218	$err["email"] = get_string("invalidemail");
f9903ed0	219
	220	else if ($otheruser = get_record("user", "email", $usernew->email)) {
	221	if ($otheruser->id <> $user->id) {
8553b700	222	$err["email"] = get_string("emailexists");
f9903ed0	223	}
	224	}
	225
	226	$user->email = $usernew->email;
	227
	228	return count($err);
	229	}
	230
	231
	232	?>