Upgraded to latest code, and add lots of new languages
[moodle.git] / user / edit.php
CommitLineData
f9903ed0 1<?PHP // $Id$
2
dc2590e5 3 require_once("../config.php");
4 require_once("../lib/countries.php");
5 require_once("lib.php");
f9903ed0 6
7 require_variable($id); // user id
8 require_variable($course); // course id
9
10 if (! $user = get_record("user", "id", $id)) {
11 error("User ID was incorrect");
12 }
13
14 if (! $course = get_record("course", "id", $course)) {
0087d8a6 15 error("Course ID was incorrect");
f9903ed0 16 }
17
2c104c01 18 if ($user->confirmed and user_not_fully_set_up($user)) {
faebaf0f 19 // Special case which can only occur when a new account
20 // has just been created by EXTERNAL authentication
21 // This is the only page in Moodle that has the exception
22 // so that users can set up their accounts
23 $newaccount = true;
24
25 } else {
26 $newaccount = false;
dc2590e5 27 require_login($course->id);
faebaf0f 28 }
f9903ed0 29
a3447e10 30 if ($USER->id <> $user->id and !isadmin()) {
f9903ed0 31 error("You can only edit your own information");
32 }
33
603d4c72 34 if (isguest()) {
35 error("The guest user cannot edit their profile.");
36 }
37
a3447e10 38 if (isguest($user->id)) {
39 error("Sorry, the guest user cannot be edited.");
40 }
41
f9903ed0 42
43/// If data submitted, then process and store.
44
dc2590e5 45 if ($usernew = data_submitted()) {
a3447e10 46 $usernew->firstname = strip_tags($usernew->firstname);
47 $usernew->lastname = strip_tags($usernew->lastname);
dc2590e5 48 if (isset($usernew->username)) {
49 $usernew->username = trim(moodle_strtolower($usernew->username));
50 }
51
de38e262 52 if (empty($_FILES['imagefile'])) {
53 $_FILES['imagefile'] = NULL; // To avoid using uninitialised variable later
54 }
55
b913b369 56 if (find_form_errors($user, $usernew, $err)) {
607809b3 57 if ($filename = valid_uploaded_file($_FILES['imagefile'])) {
a406cdec 58 $usernew->picture = save_user_image($user->id, $filename);
59 }
60
a3447e10 61 $user = $usernew;
62
63 } else {
dc2590e5 64 $timenow = time();
f9903ed0 65
607809b3 66 if ($filename = valid_uploaded_file($_FILES['imagefile'])) {
a406cdec 67 $usernew->picture = save_user_image($user->id, $filename);
f9903ed0 68 } else {
69 $usernew->picture = $user->picture;
70 }
71
72 $usernew->timemodified = time();
73
a3447e10 74 if (isadmin()) {
f0eec3b6 75 if (!empty($usernew->newpassword)) {
a3447e10 76 $usernew->password = md5($usernew->newpassword);
77 }
78 } else {
79 if (isset($usernew->newpassword)) {
80 error("You can not change the password like that");
81 }
82 }
ef9955b0 83 if ($usernew->url and !(substr($usernew->url, 0, 4) == "http")) {
84 $usernew->url = "http://".$usernew->url;
85 }
873960de 86
f9903ed0 87 if (update_record("user", $usernew)) {
253ae7db 88 add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");
873960de 89
a3447e10 90 if ($user->id == $USER->id) {
91 // Copy data into $USER session variable
92 $usernew = (array)$usernew;
93 foreach ($usernew as $variable => $value) {
94 $USER->$variable = $value;
95 }
dc2590e5 96 redirect("view.php?id=$user->id&course=$course->id", get_string("changessaved"));
a3447e10 97 } else {
dc2590e5 98 redirect("../admin/user.php", get_string("changessaved"));
873960de 99 }
f9903ed0 100 } else {
101 error("Could not update the user record ($user->id)");
102 }
dc2590e5 103 }
f9903ed0 104 }
105
106/// Otherwise fill and print the form.
107
faebaf0f 108 $streditmyprofile = get_string("editmyprofile");
109 $strparticipants = get_string("participants");
110 $strnewuser = get_string("newuser");
8553b700 111
faebaf0f 112 if (($user->firstname and $user->lastname) or $newaccount) {
113 if ($newaccount) {
114 $userfullname = $strnewuser;
115 } else {
116 $userfullname = "$user->firstname $user->lastname";
117 }
7cbb4c96 118 if ($course->category) {
dc2590e5 119 print_header("$course->shortname: $streditmyprofile", "$course->fullname: $streditmyprofile",
7cbb4c96 120 "<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A>
faebaf0f 121 -> <A HREF=\"index.php?id=$course->id\">$strparticipants</A>
7cbb4c96 122 -> <A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A>
faebaf0f 123 -> $streditmyprofile", "");
7cbb4c96 124 } else {
dc2590e5 125 print_header("$course->shortname: $streditmyprofile", "$course->fullname",
7cbb4c96 126 "<A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A>
faebaf0f 127 -> $streditmyprofile", "");
7cbb4c96 128 }
f9903ed0 129 } else {
faebaf0f 130 $userfullname = $strnewuser;
7cbb4c96 131 $straddnewuser = get_string("addnewuser");
132
133 $stradministration = get_string("administration");
dc2590e5 134 print_header("$course->shortname: $streditmyprofile", "$course->fullname",
7cbb4c96 135 "<A HREF=\"$CFG->wwwroot/admin\">$stradministration</A> ->
136 $straddnewuser", "");
f9903ed0 137 }
138
bda8d43a 139 $teacher = strtolower($course->teacher);
a3447e10 140 if (!isadmin()) {
141 $teacheronly = "(".get_string("teacheronly", "", $teacher).")";
9c9f7d77 142 } else {
143 $teacheronly = "";
a3447e10 144 }
bda8d43a 145
7cbb4c96 146 print_heading( get_string("userprofilefor", "", "$userfullname") );
4d0dde91 147 print_simple_box_start("center", "", "$THEME->cellheading");
9c9f7d77 148 if (!empty($err)) {
a406cdec 149 echo "<CENTER>";
150 notify(get_string("someerrorswerefound"));
151 echo "</CENTER>";
152 }
dc2590e5 153 include("edit.html");
f9903ed0 154 print_simple_box_end();
f9903ed0 155 print_footer($course);
156
157
158
159
160/// FUNCTIONS ////////////////////
161
162function find_form_errors(&$user, &$usernew, &$err) {
163
a3447e10 164 if (isadmin()) {
2b25f2a0 165 if (empty($usernew->username)) {
a3447e10 166 $err["username"] = get_string("missingusername");
167
2b25f2a0 168 } else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {
169 $err["username"] = get_string("usernameexists");
170
171 } else {
e6829515 172 $string = eregi_replace("[^(-\.[:alnum:])]", "", $usernew->username);
78e72ed1 173 if (strcmp($usernew->username, $string))
2b25f2a0 174 $err["username"] = get_string("alphanumerical");
175 }
176
a3447e10 177 if (empty($usernew->newpassword) and empty($user->password))
178 $err["newpassword"] = get_string("missingpassword");
e98e0915 179
09ba0c8a 180 if (($usernew->newpassword == "admin") or ($user->password == md5("admin") and empty($usernew->newpassword)) ) {
e98e0915 181 $err["newpassword"] = get_string("unsafepassword");
09ba0c8a 182 }
a3447e10 183 }
184
f9903ed0 185 if (empty($usernew->email))
8553b700 186 $err["email"] = get_string("missingemail");
f9903ed0 187
a3447e10 188 if (empty($usernew->description))
189 $err["description"] = get_string("missingdescription");
190
bda8d43a 191 if (empty($usernew->city))
8553b700 192 $err["city"] = get_string("missingcity");
bda8d43a 193
9c055aa5 194 if (empty($usernew->firstname))
195 $err["firstname"] = get_string("missingfirstname");
196
197 if (empty($usernew->lastname))
198 $err["lastname"] = get_string("missinglastname");
199
bda8d43a 200 if (empty($usernew->country))
8553b700 201 $err["country"] = get_string("missingcountry");
bda8d43a 202
a3447e10 203 if (! validate_email($usernew->email))
8553b700 204 $err["email"] = get_string("invalidemail");
f9903ed0 205
206 else if ($otheruser = get_record("user", "email", $usernew->email)) {
207 if ($otheruser->id <> $user->id) {
8553b700 208 $err["email"] = get_string("emailexists");
f9903ed0 209 }
210 }
211
212 $user->email = $usernew->email;
213
214 return count($err);
215}
216
217
218?>