Check for USER->email in require_login. With external authentication
[moodle.git] / user / edit.php
<?PHP // $Id$

/// Profile editing page. This first part loads the target user and
/// course records and decides whether the current session may edit them.

    require("../config.php");
    require("../lib/countries.php");
    require("lib.php");

    require_variable($id);       // id of the user being edited
    require_variable($course);   // id of the course the page is shown in

    // Turn both ids into records; error() is called when a lookup fails.
    $user = get_record("user", "id", $id);
    if (!$user) {
        error("User ID was incorrect");
    }

    $course = get_record("course", "id", $course);
    if (!$course) {
        error("Course ID was incorrect");
    }

    require_login($course->id);

    // Only the account owner or an administrator may edit this record.
    if ($USER->id != $user->id && !isadmin()) {
        error("You can only edit your own information");
    }

    // A guest session has no profile of its own to edit ...
    if (isguest()) {
        error("The guest user cannot edit their profile.");
    }

    // ... and the guest account itself is not editable by anyone.
    if (isguest($user->id)) {
        error("Sorry, the guest user cannot be edited.");
    }

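/// If data submitted, then process and store.

    // NOTE(review): match_referer() is the only request-origin check visible
    // in this file; confirm what it verifies before relying on it.
    if (match_referer() && isset($HTTP_POST_VARS)) {

        $usernew = (object)$HTTP_POST_VARS;

        // The permission checks earlier in this script were made against
        // $user->id, so the update must target that record whatever id the
        // form posted.
        $usernew->id = $user->id;

        // The stored password may only be derived from "newpassword" below;
        // a raw "password" field in the posted data is never accepted.
        unset($usernew->password);

        $usernew->firstname = strip_tags($usernew->firstname);
        $usernew->lastname  = strip_tags($usernew->lastname);

        // Start from a known state rather than whatever these names held.
        $err = array();
        $badpermissions = false;

        if (find_form_errors($user, $usernew, $err)) {
            // Redisplay the form with what was typed.
            $user = $usernew;

        } else {

            if ($filename = valid_uploaded_file($imagefile)) {
                // GetImageSize() returns false for files it cannot read as
                // an image; treat that like an unsupported type.
                $imageinfo   = GetImageSize($filename);
                $imagewidth  = $imageinfo ? $imageinfo[0] : 0;
                $imageheight = $imageinfo ? $imageinfo[1] : 0;
                $imagetype   = $imageinfo ? $imageinfo[2] : 0;

                switch ($imagetype) {
                    case 2:  $im = ImageCreateFromJPEG($filename); break;
                    case 3:  $im = ImageCreateFromPNG($filename);  break;
                    default: $im = false;
                }
                // Covers both an unsupported type and a file that claims to
                // be JPG/PNG but fails to decode.
                // (assumes error() does not return - TODO confirm)
                if (!$im) {
                    error("Image must be in JPG or PNG format");
                }

                if (function_exists("ImageCreateTrueColor") and $CFG->gdversion >= 2) {
                    $im1 = ImageCreateTrueColor(100,100);
                    $im2 = ImageCreateTrueColor(35,35);
                } else {
                    $im1 = ImageCreate(100,100);
                    $im2 = ImageCreate(35,35);
                }

                // Crop the largest centred square out of the upload.
                $cx = $imagewidth / 2;
                $cy = $imageheight / 2;

                if ($imagewidth < $imageheight) {
                    $half = floor($imagewidth / 2.0);
                } else {
                    $half = floor($imageheight / 2.0);
                }

                // NOTE(review): 0777 leaves these directories world-writable
                // (subject to umask); tighten the mode if the web server is
                // the only process that writes under dataroot.
                if (!file_exists("$CFG->dataroot/users")) {
                    if (! mkdir("$CFG->dataroot/users", 0777)) {
                        $badpermissions = true;
                    }
                }
                if (!file_exists("$CFG->dataroot/users/$user->id")) {
                    if (! mkdir("$CFG->dataroot/users/$user->id", 0777)) {
                        $badpermissions = true;
                    }
                }

                if ($badpermissions) {
                    $usernew->picture = "0";

                } else {
                    ImageCopyBicubic($im1, $im, 0, 0, $cx-$half, $cy-$half, 100, 100, $half*2, $half*2);
                    ImageCopyBicubic($im2, $im, 0, 0, $cx-$half, $cy-$half, 35, 35, $half*2, $half*2);

                    // Draw borders over the top.
                    $black1 = ImageColorAllocate ($im1, 0, 0, 0);
                    $black2 = ImageColorAllocate ($im2, 0, 0, 0);
                    ImageLine ($im1, 0, 0, 0, 99, $black1);
                    ImageLine ($im1, 0, 99, 99, 99, $black1);
                    ImageLine ($im1, 99, 99, 99, 0, $black1);
                    ImageLine ($im1, 99, 0, 0, 0, $black1);
                    ImageLine ($im2, 0, 0, 0, 34, $black2);
                    ImageLine ($im2, 0, 34, 34, 34, $black2);
                    ImageLine ($im2, 34, 34, 34, 0, $black2);
                    ImageLine ($im2, 34, 0, 0, 0, $black2);

                    // The upload is always re-encoded; the original file is
                    // never stored under dataroot.
                    ImageJpeg($im1, "$CFG->dataroot/users/$user->id/f1.jpg", 90);
                    ImageJpeg($im2, "$CFG->dataroot/users/$user->id/f2.jpg", 95);
                    $usernew->picture = "1";
                }
            } else {
                $usernew->picture = $user->picture;
            }

            $usernew->timemodified = time();

            if (isadmin()) {
                if (!empty($usernew->newpassword)) {
                    // NOTE(review): unsalted md5() is a fast hash. The stored
                    // format is shared with the login code outside this file,
                    // so it is only flagged here, not changed.
                    $usernew->password = md5($usernew->newpassword);
                }
            } else {
                if (isset($usernew->newpassword)) {
                    error("You can not change the password like that");
                }
            }
            // Keep the clear-text password out of the record passed on and
            // out of the session copy below.
            unset($usernew->newpassword);

            if (!empty($usernew->url) and substr($usernew->url, 0, 4) != "http") {
                $usernew->url = "http://".$usernew->url;
            }

            // NOTE(review): every remaining posted field is handed to
            // update_record(); confirm which columns it writes and consider
            // an explicit list of editable fields.
            if (update_record("user", $usernew)) {
                add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");

                if ($user->id == $USER->id) {
                    // Copy data into $USER session variable
                    // NOTE(review): the keys come from the request; copying a
                    // fixed list of profile fields would be tighter.
                    foreach ((array)$usernew as $variable => $value) {
                        $USER->$variable = $value;
                    }
                    save_session("USER");
                    redirect("view.php?id=$user->id&course=$course->id", "Changes saved");
                } else {
                    redirect("../admin/user.php", "Changes saved");
                }
            } else {
                error("Could not update the user record ($user->id)");
            }
        }
    }
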
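/// Otherwise fill and print the form.

    $editmyprofile = get_string("editmyprofile");
    $participants  = get_string("participants");

    // NOTE(review): names and course titles are interpolated into HTML as
    // they are; strip_tags() on save is the only filtering visible in this
    // file.
    if ($user->firstname and $user->lastname) {
        $userfullname = "$user->firstname $user->lastname";
        if ($course->category) {
            print_header("$course->fullname: $editmyprofile", "$course->fullname: $editmyprofile",
                         "<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A>
                          -> <A HREF=\"index.php?id=$course->id\">$participants</A>
                          -> <A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A>
                          -> $editmyprofile", "");
        } else {
            print_header("$course->fullname: $editmyprofile", "$course->fullname",
                         "<A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A>
                          -> $editmyprofile", "");
        }
    } else {
        // No name on the record yet: present the page as "add a new user".
        $userfullname = get_string("newuser");
        $straddnewuser = get_string("addnewuser");

        $stradministration = get_string("administration");
        print_header("$course->fullname: $editmyprofile", "$course->fullname",
                     "<A HREF=\"$CFG->wwwroot/admin\">$stradministration</A> ->
                      $straddnewuser", "");
    }

    $teacher = strtolower($course->teacher);

    // Defined on every path: the administrator branch used to leave this
    // unset, so its value depended on whatever already held the name.
    // (presumably read by edit.html - confirm against the template)
    $teacheronly = "";
    if (!isadmin()) {
        $teacheronly = "(".get_string("teacheronly", "", $teacher).")";
    }

    print_heading( get_string("userprofilefor", "", "$userfullname") );
    print_simple_box_start("center", "", "$THEME->cellheading");
    include("edit.html");
    print_simple_box_end();
    print_footer($course);


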
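/// FUNCTIONS ////////////////////

/**
 * Validate a submitted profile and record one message per failing field.
 *
 * @param object $user     Record being edited; its email is overwritten
 *                         with the submitted one before returning.
 * @param object $usernew  Submitted form values.
 * @param array  $err      Filled with field name => message.
 * @return int   Number of entries in $err (0 means the form is acceptable).
 */
function find_form_errors(&$user, &$usernew, &$err) {

    // Callers may hand in an unset variable by reference; make sure the
    // count() at the end always sees an array.
    if (!is_array($err)) {
        $err = array();
    }

    // Username and password are only checked for administrators.
    if (isadmin()) {
        if (empty($usernew->username)) {
            $err["username"] = get_string("missingusername");

        // NOTE(review): the duplicate check only applies while the stored
        // name is still "changeme"; renaming an existing account onto a
        // taken username is not caught here.
        } else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {
            $err["username"] = get_string("usernameexists");

        } else {
            // Check the SUBMITTED name. The stored name was tested here
            // before, which let any characters through in a new username.
            // NOTE(review): the bracket expression also lists "(" and ")",
            // so those two characters pass; confirm that is intended.
            // eregi_replace() was removed in PHP 7; preg_replace() is the
            // replacement when this file is ported.
            $string = eregi_replace("[^([:alnum:])]", "", $usernew->username);
            if (strcmp($usernew->username, $string)) {
                $err["username"] = get_string("alphanumerical");
            }
        }

        if (empty($usernew->newpassword) and empty($user->password)) {
            $err["newpassword"] = get_string("missingpassword");
        }

        // Reject the literal password "admin", whether newly typed or
        // still stored (as its md5) with no replacement given.
        if (($usernew->newpassword == "admin") or ($user->password == md5("admin") and empty($usernew->newpassword)) ) {
            $err["newpassword"] = get_string("unsafepassword");
        }
    }

    if (empty($usernew->email)) {
        $err["email"] = get_string("missingemail");
    }

    if (empty($usernew->description)) {
        $err["description"] = get_string("missingdescription");
    }

    if (empty($usernew->city)) {
        $err["city"] = get_string("missingcity");
    }

    if (empty($usernew->firstname)) {
        $err["firstname"] = get_string("missingfirstname");
    }

    if (empty($usernew->lastname)) {
        $err["lastname"] = get_string("missinglastname");
    }

    if (empty($usernew->country)) {
        $err["country"] = get_string("missingcountry");
    }

    // A malformed address replaces any "missing" message set above;
    // a well-formed one must not already belong to another account.
    if (! validate_email($usernew->email)) {
        $err["email"] = get_string("invalidemail");

    } else if ($otheruser = get_record("user", "email", $usernew->email)) {
        if ($otheruser->id <> $user->id) {
            $err["email"] = get_string("emailexists");
        }
    }

    // The submitted address is copied onto $user whether or not it passed.
    $user->email = $usernew->email;

    return count($err);
}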
249?>