[moodle.git] / user / edit.php
<?PHP // $Id$

/// Profile editing page, part 1: load the target user and course, then
/// decide whether the current session may edit that user at all.

    require_once("../config.php");
    require_once("$CFG->libdir/gdlib.php");

    require_variable($id);       // id of the user whose profile is edited
    require_variable($course);   // id of the course the page is shown in

    $user = get_record("user", "id", $id);
    if (!$user) {
        error("User ID was incorrect");
    }

    $course = get_record("course", "id", $course);
    if (!$course) {
        error("Course ID was incorrect");
    }

    // A confirmed account that is not fully set up can only exist right
    // after it was created by EXTERNAL authentication. This is the only
    // page in Moodle that lets such a user in without require_login(),
    // so that they can complete their account.
    $newaccount = ($user->confirmed and user_not_fully_set_up($user));

    if ($newaccount) {
        // No require_login() on this path, so at least insist on a session.
        if (empty($USER)) {
            error("Sessions don't seem to be working on this server!");
        }
    } else {
        require_login($course->id);
    }

    // Only the owner of the profile or an administrator may continue.
    if (!($USER->id == $user->id or isadmin())) {
        error("You can only edit your own information");
    }

    // The guest account may neither edit ...
    if (isguest()) {
        error("The guest user cannot edit their profile.");
    }

    // ... nor be edited.
    if (isguest($user->id)) {
        error("Sorry, the guest user cannot be edited.");
    }
46
f9903ed0 47
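/// If data submitted, then process and store.

    if ($usernew = data_submitted()) {

        // NOTE(review): no per-session form token is verified anywhere in this
        // file before the update below. Confirm whether data_submitted() or
        // require_login() already protects this request against forgery.

        // The permission checks above were made against $user (looked up from
        // $id), but update_record() below is handed $usernew. Make sure a
        // non-admin cannot name a different record in the submitted data.
        if (!isadmin() and (empty($usernew->id) or $usernew->id != $USER->id)) {
            error("You can only edit your own information");
        }

        if (isset($USER->username)) {
            check_for_restricted_user($USER->username, "$CFG->wwwroot/course/view.php?id=$course->id");
        }

        // Every submitted field is unslashed, passed through clean_text()
        // and slashed again before it is used.
        foreach ($usernew as $key => $data) {
            $usernew->$key = addslashes(clean_text(stripslashes($usernew->$key), FORMAT_MOODLE));
        }

        // Names must not carry any markup at all.
        $usernew->firstname = trim(strip_tags($usernew->firstname));
        $usernew->lastname  = trim(strip_tags($usernew->lastname));

        if (isset($usernew->username)) {
            $usernew->username = trim(moodle_strtolower($usernew->username));
        }


        require_once($CFG->dirroot.'/lib/uploadlib.php');
        $um = new upload_manager('imagefile',false,false,null,false,0,true,true);

        if (find_form_errors($user, $usernew, $err, $um)) {
            // Validation failed. The picture is still handled when the upload
            // itself was acceptable, then the form is shown again below with
            // the submitted values.
            if (empty($err['imagefile']) && $usernew->picture = save_profile_image($user->id, $um,'users')) {
                set_field('user', 'picture', $usernew->picture, 'id', $user->id);  /// Note picture in DB
            } else {
                if (!empty($usernew->deletepicture)) {
                    set_field('user', 'picture', 0, 'id', $user->id);  /// Delete picture
                    $usernew->picture = 0;
                }
            }

            $user = $usernew;

        } else {
            $timenow = time();

            if (!$usernew->picture = save_profile_image($user->id,$um,'users')) {
                if (!empty($usernew->deletepicture)) {
                    set_field('user', 'picture', 0, 'id', $user->id);  /// Delete picture
                    $usernew->picture = 0;
                } else {
                    $usernew->picture = $user->picture;
                }
            }

            $usernew->timemodified = time();

            // The stored hash is only ever derived from "newpassword" below.
            // Drop a "password" field that arrived with the request so that
            // it cannot be written to the user record as submitted.
            unset($usernew->password);

            if (isadmin()) {
                if (!empty($usernew->newpassword)) {
                    // NOTE(review): unsalted MD5 is a weak password hash. It is
                    // kept here because the format has to match the code that
                    // verifies passwords; migrate both together.
                    $usernew->password = md5($usernew->newpassword);
                }
            } else {
                if (isset($usernew->newpassword)) {
                    error("You can not change the password like that");
                }
            }

            // Treat a URL without a scheme as plain http.
            if ($usernew->url and !(substr($usernew->url, 0, 4) == "http")) {
                $usernew->url = "http://".$usernew->url;
            }

            // NOTE(review): $usernew still holds every other field that was
            // submitted. Presumably update_record() writes each one that
            // matches a column of the user table; an explicit list of
            // editable fields would be safer - confirm against update_record().
            if (update_record("user", $usernew)) {
                add_to_log($course->id, "user", "update", "view.php?id=$user->id&amp;course=$course->id", "");

                if ($user->id == $USER->id) {
                    // Copy data into $USER session variable
                    $usernew = (array)$usernew;
                    foreach ($usernew as $variable => $value) {
                        $USER->$variable = stripslashes($value);
                    }
                    if (isset($USER->newadminuser)) {
                        unset($USER->newadminuser);
                        redirect("$CFG->wwwroot/", get_string("changessaved"));
                    }
                    redirect("$CFG->wwwroot/user/view.php?id=$user->id&amp;course=$course->id", get_string("changessaved"));
                } else {
                    // An administrator edited somebody else's profile.
                    redirect("$CFG->wwwroot/$CFG->admin/user.php", get_string("changessaved"));
                }
            } else {
                error("Could not update the user record ($user->id)");
            }
        }
    }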
132
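/// Otherwise fill and print the form.

    $streditmyprofile = get_string("editmyprofile");
    $strparticipants  = get_string("participants");
    $strnewuser       = get_string("newuser");

    if (($user->firstname and $user->lastname) or $newaccount) {
        // A brand new account has no usable name yet.
        if ($newaccount) {
            $userfullname = $strnewuser;
        } else {
            $userfullname = fullname($user, isteacher($course->id));
        }
        if ($course->category) {
            // Course with a category: breadcrumb runs course -> participants -> user.
            print_header("$course->shortname: $streditmyprofile", "$course->fullname: $streditmyprofile",
                        "<a href=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</a>
                        -> <a href=\"index.php?id=$course->id\">$strparticipants</a>
                        -> <a href=\"view.php?id=$user->id&amp;course=$course->id\">$userfullname</a>
                        -> $streditmyprofile", "");
        } else {
            if (isset($USER->newadminuser)) {
                // First administrator being set up: bare header only.
                print_header();
            } else {
                print_header("$course->shortname: $streditmyprofile", "$course->fullname",
                             "<a href=\"view.php?id=$user->id&amp;course=$course->id\">$userfullname</a>
                              -> $streditmyprofile", "");
            }
        }
    } else {
        $userfullname = $strnewuser;
        $straddnewuser = get_string("addnewuser");

        $stradministration = get_string("administration");
        // $strusers is used as link text below but was never assigned in this
        // file, which left the second breadcrumb link without any text.
        $strusers = get_string("users");
        print_header("$course->shortname: $streditmyprofile", "$course->fullname",
                     "<a href=\"$CFG->wwwroot/$CFG->admin/\">$stradministration</a> -> ".
                     "<a href=\"$CFG->wwwroot/$CFG->admin/users.php\">$strusers</a> -> $straddnewuser", "");
    }

    // $teacher and $teacheronly are not used again in this file; presumably
    // the included edit.html reads them - confirm there.
    $teacher = strtolower($course->teacher);
    if (!isadmin()) {
        $teacheronly = "(".get_string("teacheronly", "", $teacher).")";
    } else {
        $teacheronly = "";
    }

    print_heading( get_string("userprofilefor", "", "$userfullname") );

    if (isset($USER->newadminuser)) {
        print_simple_box(get_string("configintroadmin"), "center", "50%");
        echo "<br />";
    }

    print_simple_box_start("center", "", "$THEME->cellheading");
    if (!empty($err)) {
        // Validation messages collected by find_form_errors() are present.
        echo "<center>";
        notify(get_string("someerrorswerefound"));
        echo "</center>";
    }
    include("edit.html");
    print_simple_box_end();

    if (!isset($USER->newadminuser)) {
        print_footer($course);
    }

    exit;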
f9903ed0 198
199
200
201/// FUNCTIONS ////////////////////
202
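/// Validates a submitted profile and collects one message per failing field.
///
/// $user     the user record being edited; its email is overwritten with the
///           submitted one before returning (the argument is a reference)
/// $usernew  the submitted form data
/// $err      receives the messages, keyed by form field name
/// $um       upload manager for the profile picture
///
/// Returns the number of entries in $err, so zero means "no errors".
function find_form_errors(&$user, &$usernew, &$err, &$um) {
    global $CFG;

    // The caller passes a variable that may never have been assigned, and
    // count() below needs an array even when nothing is wrong.
    if (!is_array($err)) {
        $err = array();
    }

    // Username and password can only be changed by an administrator, so
    // they are only validated for one.
    if (isadmin()) {
        if (empty($usernew->username)) {
            $err["username"] = get_string("missingusername");

        // NOTE(review): the duplicate check only applies while the stored
        // username is still "changeme"; renaming any other account to a
        // name that is already taken is not caught here - confirm that this
        // is intended.
        } else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {
            $err["username"] = get_string("usernameexists");

        } else {
            if (empty($CFG->extendedusernamechars)) {
                // Strip everything outside the permitted set and see whether
                // the name changed.
                // NOTE(review): inside a POSIX bracket expression the
                // backslash is presumably literal, which would make "(-\" a
                // range from "(" to "\" and let characters such as "<", ">"
                // and "@" through - confirm with the regex engine in use.
                // eregi_replace() belongs to the POSIX regex extension that
                // PHP 7 removed.
                $string = eregi_replace("[^(-\.[:alnum:])]", "", $usernew->username);
                if (strcmp($usernew->username, $string)) {
                    $err["username"] = get_string("alphanumerical");
                }
            }
        }

        // An internally authenticated account must end up with a password.
        if (empty($usernew->newpassword) and empty($user->password) and is_internal_auth() ) {
            $err["newpassword"] = get_string("missingpassword");
        }

        // Refuse the password "admin", whether newly typed or still stored.
        // NOTE(review): this is the only password strength check visible here.
        if (($usernew->newpassword == "admin") or ($user->password == md5("admin") and empty($usernew->newpassword)) ) {
            $err["newpassword"] = get_string("unsafepassword");
        }
    }

    // Required fields.
    if (empty($usernew->email)) {
        $err["email"] = get_string("missingemail");
    }

    if (empty($usernew->description) and !isadmin()) {
        $err["description"] = get_string("missingdescription");
    }

    if (empty($usernew->city)) {
        $err["city"] = get_string("missingcity");
    }

    if (empty($usernew->firstname)) {
        $err["firstname"] = get_string("missingfirstname");
    }

    if (empty($usernew->lastname)) {
        $err["lastname"] = get_string("missinglastname");
    }

    if (empty($usernew->country)) {
        $err["country"] = get_string("missingcountry");
    }

    // The address must be well formed and must not belong to another user.
    if (! validate_email($usernew->email)) {
        $err["email"] = get_string("invalidemail");

    } else if ($otheruser = get_record("user", "email", $usernew->email)) {
        if ($otheruser->id <> $user->id) {
            $err["email"] = get_string("emailexists");
        }
    }

    // Site restrictions on addresses do not apply to administrators.
    if (empty($err["email"]) and !isadmin()) {
        if ($error = email_is_not_allowed($usernew->email)) {
            $err["email"] = $error;
        }
    }

    // Let the upload manager check the submitted picture.
    if (!$um->preprocess_files()) {
        $err['imagefile'] = $um->notify;
    }

    // Written through the reference, so the caller's $user changes as well.
    $user->email = $usernew->email;

    return count($err);
}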
270
271
272?>