1 | <?PHP // $Id$ |
2 | |
3 | require("../config.php"); |
4 | require("../lib/countries.php"); |
5 | require("lib.php"); |
6 | |
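/// Profile editor: loads the user and course named in the request, checks that
/// the logged-in account may edit that user, stores a submitted form (including
/// an optional uploaded picture), and otherwise prints the edit form.

require_variable($id);       // user id
require_variable($course);   // course id

if (! $user = get_record("user", "id", $id)) {
    error("User ID was incorrect");
}

if (! $course = get_record("course", "id", $course)) {
    error("Course ID was incorrect");
}

require_login($course->id);

// Authorization gate: only the account owner or an admin may continue.
// Everything below relies on $user being the record that passed this check.
if ($USER->id <> $user->id and !isadmin()) {
    error("You can only edit your own information");
}

if (isguest()) {
    error("The guest user cannot edit their profile.");
}

if (isguest($user->id)) {
    error("Sorry, the guest user cannot be edited.");
}


/// If data submitted, then process and store.

// NOTE(review): match_referer() is the only request-origin check visible here.
// Its implementation is not on this page; if it only compares the Referer header,
// a per-session form token would be a stronger cross-site request defence.
if (match_referer() && isset($HTTP_POST_VARS)) {

    // The whole POST body becomes the record to store, so every submitted field
    // name is a candidate column.
    // NOTE(review): an explicit allow-list of editable fields would be safer than
    // the two targeted corrections below -- confirm the user table schema first.
    $usernew = (object)$HTTP_POST_VARS;

    // Write to the record that passed the ownership check above, not to whatever
    // id the form happened to carry.
    $usernew->id = $user->id;

    // The stored hash may only be produced from "newpassword" by an admin (see
    // below); never accept a ready-made "password" value from the form.
    // Presumably update_record() leaves columns that are not set untouched -- TODO confirm.
    unset($usernew->password);

    $usernew->firstname = strip_tags($usernew->firstname);
    $usernew->lastname  = strip_tags($usernew->lastname);

    if (find_form_errors($user, $usernew, $err) ) {
        // Redisplay the form with the submitted values and the messages in $err.
        $user = $usernew;

    } else {
        $timenow = time();

        if ($filename = valid_uploaded_file($imagefile)) {
            // NOTE(review): no cap on pixel dimensions is applied before GD decodes
            // the upload; a very large image can exhaust memory. Consider rejecting
            // oversized width/height right after GetImageSize().
            $imageinfo = GetImageSize($filename);
            if (!$imageinfo) {
                // Not a recognisable image at all: same outcome as an unsupported type.
                error("Image must be in JPG or PNG format");
            }

            $image = new stdClass;
            $image->width  = $imageinfo[0];
            $image->height = $imageinfo[1];
            $image->type   = $imageinfo[2];

            // The type comes from the file contents (GetImageSize), not from the
            // client-supplied name. 2 = JPEG, 3 = PNG.
            switch ($image->type) {
                case 2: $im = ImageCreateFromJPEG($filename); break;
                case 3: $im = ImageCreateFromPNG($filename); break;
                default: error("Image must be in JPG or PNG format");
            }
            if (function_exists("ImageCreateTrueColor") and $CFG->gdversion >= 2) {
                $im1 = ImageCreateTrueColor(100,100);
                $im2 = ImageCreateTrueColor(35,35);
            } else {
                $im1 = ImageCreate(100,100);
                $im2 = ImageCreate(35,35);
            }

            // Centre of the upload and half the side of the largest centred square.
            $cx = $image->width / 2;
            $cy = $image->height / 2;

            if ($image->width < $image->height) {
                $half = floor($image->width / 2.0);
            } else {
                $half = floor($image->height / 2.0);
            }

            // Was read below without ever being set when both mkdir() calls succeed.
            $badpermissions = false;

            // NOTE(security): 0777 makes these directories writable by every local
            // account (subject to umask). Tighten the mode if the web server user is
            // the only writer in this deployment.
            if (!file_exists("$CFG->dataroot/users")) {
                if (! mkdir("$CFG->dataroot/users", 0777)) {
                    $badpermissions = true;
                }
            }
            if (!file_exists("$CFG->dataroot/users/$user->id")) {
                if (! mkdir("$CFG->dataroot/users/$user->id", 0777)) {
                    $badpermissions = true;
                }
            }

            if ($badpermissions) {
                $usernew->picture = "0";

            } else {
                // Re-encoding into fixed-size JPEGs means the uploaded bytes are never
                // stored as-is; the output path is built from the database id only.
                ImageCopyBicubic($im1, $im, 0, 0, $cx-$half, $cy-$half, 100, 100, $half*2, $half*2);
                ImageCopyBicubic($im2, $im, 0, 0, $cx-$half, $cy-$half, 35, 35, $half*2, $half*2);

                // Draw borders over the top.
                $black1 = ImageColorAllocate ($im1, 0, 0, 0);
                $black2 = ImageColorAllocate ($im2, 0, 0, 0);
                ImageLine ($im1, 0, 0, 0, 99, $black1);
                ImageLine ($im1, 0, 99, 99, 99, $black1);
                ImageLine ($im1, 99, 99, 99, 0, $black1);
                ImageLine ($im1, 99, 0, 0, 0, $black1);
                ImageLine ($im2, 0, 0, 0, 34, $black2);
                ImageLine ($im2, 0, 34, 34, 34, $black2);
                ImageLine ($im2, 34, 34, 34, 0, $black2);
                ImageLine ($im2, 34, 0, 0, 0, $black2);

                ImageJpeg($im1, "$CFG->dataroot/users/$user->id/f1.jpg", 90);
                ImageJpeg($im2, "$CFG->dataroot/users/$user->id/f2.jpg", 95);
                $usernew->picture = "1";
            }
        } else {
            $usernew->picture = $user->picture;
        }

        $usernew->timemodified = time();

        if (isadmin()) {
            if (!empty($usernew->newpassword)) {
                // NOTE(security): unsalted MD5 is not a password hash; it is fast to
                // brute-force and identical passwords share a digest. Replacing it
                // needs a matching change in the login check, which is not in this
                // file, so the format is kept here.
                $usernew->password = md5($usernew->newpassword);
            }
        } else {
            if (isset($usernew->newpassword)) {
                error("You can not change the password like that");
            }
        }
        // Anything that does not already start with "http" gets the prefix, so
        // other URL schemes cannot be stored as the profile link.
        if ($usernew->url and !(substr($usernew->url, 0, 4) == "http")) {
            $usernew->url = "http://".$usernew->url;
        }

        if (update_record("user", $usernew)) {
            add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");

            if ($user->id == $USER->id) {
                // Copy data into $USER session variable
                $usernew = (array)$usernew;
                foreach ($usernew as $variable => $value) {
                    if ($variable === "newpassword") {
                        // Keep the clear-text password out of the session store.
                        continue;
                    }
                    $USER->$variable = $value;
                }
                save_session("USER");
                redirect("view.php?id=$user->id&course=$course->id", "Changes saved");
            } else {
                redirect("../admin/user.php", "Changes saved");
            }
        } else {
            error("Could not update the user record ($user->id)");
        }
    }
}

/// Otherwise fill and print the form.

$editmyprofile = get_string("editmyprofile");
$participants  = get_string("participants");

// NOTE(review): names and course titles are interpolated into HTML as stored.
// strip_tags() is applied to first/last name on this page before saving; whether
// every other writer of these fields does the same is not visible here.
if ($user->firstname and $user->lastname) {
    $userfullname = "$user->firstname $user->lastname";
    if ($course->category) {
        print_header("$course->fullname: $editmyprofile", "$course->fullname: $editmyprofile",
                     "<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A>\n".
                     "-> <A HREF=\"index.php?id=$course->id\">$participants</A>\n".
                     "-> <A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A>\n".
                     "-> $editmyprofile", "");
    } else {
        print_header("$course->fullname: $editmyprofile", "$course->fullname",
                     "<A HREF=\"view.php?id=$user->id&course=$course->id\">$userfullname</A>\n".
                     "-> $editmyprofile", "");
    }
} else {
    // No name on the record yet: present the page as "add new user".
    $userfullname  = get_string("newuser");
    $straddnewuser = get_string("addnewuser");

    $stradministration = get_string("administration");
    print_header("$course->fullname: $editmyprofile", "$course->fullname",
                 "<A HREF=\"$CFG->wwwroot/admin\">$stradministration</A> ->\n".
                 "$straddnewuser", "");
}

$teacher = strtolower($course->teacher);
if (!isadmin()) {
    $teacheronly = "(".get_string("teacheronly", "", $teacher).")";
}

print_heading( get_string("userprofilefor", "", "$userfullname") );
print_simple_box_start("center", "", "$THEME->cellheading");
include("edit.html");
print_simple_box_end();
print_footer($course);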
191 | /// FUNCTIONS //////////////////// |
192 | |
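/**
 * Validate a submitted profile form against the stored user record.
 *
 * Messages are written into $err keyed by form field name. As a side effect
 * the submitted e-mail address is copied onto $user before returning.
 *
 * @param object $user     The stored user record being edited (passed by reference).
 * @param object $usernew  The submitted form values (passed by reference).
 * @param array  $err      Receives one message per failing field (passed by reference).
 * @return int  Number of entries in $err; zero means the form is acceptable.
 */
function find_form_errors(&$user, &$usernew, &$err) {

    // Callers may pass a variable that was never set; count() below needs an array.
    if (!is_array($err)) {
        $err = array();
    }

    // Username and password are only validated for admins, matching the caller,
    // which only lets admins set a password.
    if (isadmin()) {
        if (empty($usernew->username)) {
            $err["username"] = get_string("missingusername");

        // NOTE(review): the duplicate check only fires while the stored username is
        // still the "changeme" placeholder, so renaming an existing account onto a
        // username that is already taken is not caught here -- confirm this is intended.
        } else if (record_exists("user", "username", $usernew->username) and $user->username == "changeme") {
            $err["username"] = get_string("usernameexists");

        } else {
            // Validate the SUBMITTED username. The stored one was being checked here,
            // so a new username with other characters was accepted unexamined.
            // The bracket expression also admits "(" and ")"; kept as written.
            // eregi_replace() was removed in PHP 7; port to preg_replace() when
            // this file moves off the PHP 4 API it otherwise uses.
            $string = eregi_replace("[^([:alnum:])]", "", $usernew->username);
            if (strcmp($usernew->username, $string)) {
                $err["username"] = get_string("alphanumerical");
            }
        }

        if (empty($usernew->newpassword) and empty($user->password)) {
            $err["newpassword"] = get_string("missingpassword");
        }

        // Refuse the well-known default password, whether newly typed or still stored.
        // NOTE(review): this is a single-entry blocklist; there is no length or
        // complexity requirement on admin-set passwords.
        $typedadmin  = (!empty($usernew->newpassword) and $usernew->newpassword === "admin");
        $storedadmin = ($user->password === md5("admin") and empty($usernew->newpassword));
        if ($typedadmin or $storedadmin) {
            $err["newpassword"] = get_string("unsafepassword");
        }
    }

    if (empty($usernew->email)) {
        $err["email"] = get_string("missingemail");
    }

    if (empty($usernew->description)) {
        $err["description"] = get_string("missingdescription");
    }

    if (empty($usernew->city)) {
        $err["city"] = get_string("missingcity");
    }

    if (empty($usernew->firstname)) {
        $err["firstname"] = get_string("missingfirstname");
    }

    if (empty($usernew->lastname)) {
        $err["lastname"] = get_string("missinglastname");
    }

    if (empty($usernew->country)) {
        $err["country"] = get_string("missingcountry");
    }

    // Runs after the "missing" check, so an empty address ends up reported as invalid.
    if (! validate_email($usernew->email)) {
        $err["email"] = get_string("invalidemail");

    } else if ($otheruser = get_record("user", "email", $usernew->email)) {
        // The address may already belong to this same account; only another
        // account holding it is an error.
        if ($otheruser->id <> $user->id) {
            $err["email"] = get_string("emailexists");
        }
    }

    $user->email = $usernew->email;

    return count($err);
}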
249 | ?> |