MDL-32787 user: rule required for custom profile fields applies to all users editing...
[moodle.git] / user / editadvanced.php
CommitLineData
ce221eb5 1<?php
2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18/**
19 * Allows you to edit a users profile
20 *
21 * @copyright 1999 Martin Dougiamas http://dougiamas.com
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 * @package user
24 */
25
26require_once('../config.php');
27require_once($CFG->libdir.'/gdlib.php');
28require_once($CFG->libdir.'/adminlib.php');
29require_once($CFG->dirroot.'/user/editadvanced_form.php');
30require_once($CFG->dirroot.'/user/editlib.php');
31require_once($CFG->dirroot.'/user/profile/lib.php');
ce221eb5 32
17c70aa0
PS
33//HTTPS is required in this page when $CFG->loginhttps enabled
34$PAGE->https_required();
ce221eb5 35
36$id = optional_param('id', $USER->id, PARAM_INT); // user id; -1 if creating new user
37$course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site)
38
17c70aa0 39$PAGE->set_url('/user/editadvanced.php', array('course'=>$course, 'id'=>$id));
ce221eb5 40
3406acde
SH
41$course = $DB->get_record('course', array('id'=>$course), '*', MUST_EXIST);
42
ce221eb5 43if (!empty($USER->newadminuser)) {
44 $PAGE->set_course($SITE);
78946b9b 45 $PAGE->set_pagelayout('maintenance');
ce221eb5 46} else {
47 require_login($course);
3406acde 48 $PAGE->set_pagelayout('admin');
ce221eb5 49}
50
51if ($course->id == SITEID) {
52 $coursecontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context
53} else {
54 $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context
55}
56$systemcontext = get_context_instance(CONTEXT_SYSTEM);
57
58if ($id == -1) {
59 // creating new user
bf718f50 60 $user = new stdClass();
ce221eb5 61 $user->id = -1;
6b8ad965 62 $user->auth = 'manual';
ce221eb5 63 $user->confirmed = 1;
64 $user->deleted = 0;
3406acde
SH
65 require_capability('moodle/user:create', $systemcontext);
66 admin_externalpage_setup('addnewuser', '', array('id' => -1));
ce221eb5 67} else {
68 // editing existing user
69 require_capability('moodle/user:update', $systemcontext);
3406acde
SH
70 $user = $DB->get_record('user', array('id'=>$id), '*', MUST_EXIST);
71 $PAGE->set_context(get_context_instance(CONTEXT_USER, $user->id));
5ac851fb
SH
72 if ($user->id == $USER->id) {
73 if ($course->id != SITEID && $node = $PAGE->navigation->find($course->id, navigation_node::TYPE_COURSE)) {
74 $node->make_active();
75 $PAGE->navbar->includesettingsbase = true;
76 }
77 } else {
78 $PAGE->navigation->extend_for_user($user);
79 }
ce221eb5 80}
ad6226fb 81
ce221eb5 82// remote users cannot be edited
83if ($user->id != -1 and is_mnet_remote_user($user)) {
84 redirect($CFG->wwwroot . "/user/view.php?id=$id&course={$course->id}");
85}
ad6226fb 86
4f622c38
PS
87if ($user->id != $USER->id and is_siteadmin($user) and !is_siteadmin($USER)) { // Only admins may edit other admins
88 print_error('useradmineditadmin');
ce221eb5 89}
ad6226fb 90
ce221eb5 91if (isguestuser($user->id)) { // the real guest user can not be edited
92 print_error('guestnoeditprofileother');
93}
ad6226fb 94
ce221eb5 95if ($user->deleted) {
96 echo $OUTPUT->header();
97 echo $OUTPUT->heading(get_string('userdeleted'));
98 echo $OUTPUT->footer();
99 die;
100}
101
ce221eb5 102//load user preferences
103useredit_load_preferences($user);
104
105//Load custom profile fields data
106profile_load_data($user);
107
108//User interests
109if (!empty($CFG->usetags)) {
110 require_once($CFG->dirroot.'/tag/lib.php');
111 $user->interests = tag_get_tags_array('user', $id);
112}
113
8bdc9cac 114if ($user->id !== -1) {
4f0c2d00 115 $usercontext = get_context_instance(CONTEXT_USER, $user->id);
e9de1cf4
RT
116 $editoroptions = array(
117 'maxfiles' => EDITOR_UNLIMITED_FILES,
118 'maxbytes' => $CFG->maxbytes,
119 'trusttext' => false,
120 'forcehttps' => false,
121 'context' => $usercontext
122 );
123
64f93798 124 $user = file_prepare_standard_editor($user, 'description', $editoroptions, $usercontext, 'user', 'profile', 0);
8bdc9cac 125} else {
4f0c2d00 126 $usercontext = null;
8bdc9cac 127 // This is a new user, we don't want to add files here
dedb69a2
RT
128 $editoroptions = array(
129 'maxfiles'=>0,
130 'maxbytes'=>0,
131 'trusttext'=>false,
132 'forcehttps'=>false,
133 'context' => $coursecontext
134 );
8bdc9cac
SH
135}
136
4e782b32
RT
137// Prepare filemanager draft area.
138$draftitemid = 0;
139$filemanagercontext = $editoroptions['context'];
140$filemanageroptions = array('maxbytes' => $CFG->maxbytes,
141 'subdirs' => 0,
142 'maxfiles' => 1,
143 'accepted_types' => 'web_image');
144file_prepare_draft_area($draftitemid, $filemanagercontext->id, 'user', 'newicon', 0, $filemanageroptions);
145$user->imagefile = $draftitemid;
ce221eb5 146//create form
4e782b32
RT
147$userform = new user_editadvanced_form(null, array(
148 'editoroptions' => $editoroptions,
28f23328
RT
149 'filemanageroptions' => $filemanageroptions,
150 'userid' => $user->id));
ce221eb5 151$userform->set_data($user);
152
153if ($usernew = $userform->get_data()) {
ce221eb5 154
155 if (empty($usernew->auth)) {
156 //user editing self
157 $authplugin = get_auth_plugin($user->auth);
158 unset($usernew->auth); //can not change/remove
159 } else {
160 $authplugin = get_auth_plugin($usernew->auth);
1e1c51a3 161 }
6b8ad965
PS
162
163 $usernew->timemodified = time();
ad6226fb 164
ce221eb5 165 if ($usernew->id == -1) {
166 //TODO check out if it makes sense to create account with this auth plugin and what to do with the password
167 unset($usernew->id);
64f93798 168 $usernew = file_postupdate_standard_editor($usernew, 'description', $editoroptions, null, 'user', 'profile', null);
ce221eb5 169 $usernew->mnethostid = $CFG->mnet_localhost_id; // always local user
d3d393ab
RW
170 $usernew->confirmed = 1;
171 $usernew->timecreated = time();
6b8ad965 172 $usernew->password = hash_internal_user_password($usernew->newpassword);
ce221eb5 173 $usernew->id = $DB->insert_record('user', $usernew);
174 $usercreated = true;
44ef537d 175 add_to_log($course->id, 'user', 'add', "view.php?id=$usernew->id&course=$course->id", '');
ad6226fb 176
ce221eb5 177 } else {
64f93798 178 $usernew = file_postupdate_standard_editor($usernew, 'description', $editoroptions, $usercontext, 'user', 'profile', 0);
ce221eb5 179 $DB->update_record('user', $usernew);
180 // pass a true $userold here
181 if (! $authplugin->user_update($user, $userform->get_data())) {
182 // auth update failed, rollback for moodle
183 $DB->update_record('user', $user);
184 print_error('cannotupdateuseronexauth', '', '', $user->auth);
d8734783 185 }
44ef537d 186 add_to_log($course->id, 'user', 'update', "view.php?id=$user->id&course=$course->id", '');
ad6226fb 187
ce221eb5 188 //set new password if specified
189 if (!empty($usernew->newpassword)) {
190 if ($authplugin->can_change_password()) {
191 if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){
192 print_error('cannotupdatepasswordonextauth', '', '', $usernew->auth);
ad6226fb 193 }
8bdb31ed 194 unset_user_preference('create_password', $usernew); // prevent cron from generating the password
ad6226fb 195 }
196 }
4ad72c28
PS
197
198 // force logout if user just suspended
199 if (isset($usernew->suspended) and $usernew->suspended and !$user->suspended) {
200 session_kill_user($user->id);
201 }
202
ce221eb5 203 $usercreated = false;
204 }
ad6226fb 205
ce221eb5 206 $usercontext = get_context_instance(CONTEXT_USER, $usernew->id);
98bc6446 207
ce221eb5 208 //update preferences
209 useredit_update_user_preference($usernew);
ad6226fb 210
ce221eb5 211 // update tags
de2d81fa 212 if (!empty($CFG->usetags) and empty($USER->newadminuser)) {
ce221eb5 213 useredit_update_interests($usernew, $usernew->interests);
214 }
1e1c51a3 215
ce221eb5 216 //update user picture
de2d81fa 217 if (!empty($CFG->gdversion) and empty($USER->newadminuser)) {
4e782b32 218 useredit_update_picture($usernew, $userform, $filemanageroptions);
ce221eb5 219 }
ad6226fb 220
ce221eb5 221 // update mail bounces
222 useredit_update_bounces($user, $usernew);
ad6226fb 223
ce221eb5 224 // update forum track preference
225 useredit_update_trackforums($user, $usernew);
ad6226fb 226
ce221eb5 227 // save custom profile fields data
228 profile_save_data($usernew);
ad6226fb 229
ce221eb5 230 // reload from db
231 $usernew = $DB->get_record('user', array('id'=>$usernew->id));
5e61d1a4 232
ce221eb5 233 // trigger events
234 if ($usercreated) {
ce221eb5 235 events_trigger('user_created', $usernew);
236 } else {
237 events_trigger('user_updated', $usernew);
238 }
2942a5cd 239
ce221eb5 240 if ($user->id == $USER->id) {
241 // Override old $USER session variable
242 foreach ((array)$usernew as $variable => $value) {
243 $USER->$variable = $value;
244 }
a1248ca4
PS
245 // preload custom fields
246 profile_load_custom_fields($USER);
247
ce221eb5 248 if (!empty($USER->newadminuser)) {
249 unset($USER->newadminuser);
250 // apply defaults again - some of them might depend on admin user info, backup, roles, etc.
251 admin_apply_default_settings(NULL , false);
252 // redirect to admin/ to continue with installation
253 redirect("$CFG->wwwroot/$CFG->admin/");
afb5b0ae 254 } else {
ce221eb5 255 redirect("$CFG->wwwroot/user/view.php?id=$USER->id&course=$course->id");
ad6226fb 256 }
ce221eb5 257 } else {
6b8ad965 258 session_gc(); // remove stale sessions
ce221eb5 259 redirect("$CFG->wwwroot/$CFG->admin/user.php");
ad6226fb 260 }
ce221eb5 261 //never reached
262}
ad6226fb 263
17c70aa0
PS
264// make sure we really are on the https page when https login required
265$PAGE->verify_https_required();
266
ad6226fb 267
268/// Display page header
ce221eb5 269if ($user->id == -1 or ($user->id != $USER->id)) {
270 if ($user->id == -1) {
61ef8f9f 271 echo $OUTPUT->header();
ad6226fb 272 } else {
8cb89f5b 273 $PAGE->set_heading($SITE->fullname);
61ef8f9f 274 echo $OUTPUT->header();
ce221eb5 275 $userfullname = fullname($user, true);
276 echo $OUTPUT->heading($userfullname);
277 }
278} else if (!empty($USER->newadminuser)) {
279 $strinstallation = get_string('installation', 'install');
280 $strprimaryadminsetup = get_string('primaryadminsetup');
281
282 $PAGE->navbar->add($strprimaryadminsetup);
283 $PAGE->set_title($strinstallation);
284 $PAGE->set_heading($strinstallation);
285 $PAGE->set_cacheable(false);
286
287 echo $OUTPUT->header();
288 echo $OUTPUT->box(get_string('configintroadmin', 'admin'), 'generalbox boxwidthnormal boxaligncenter');
289 echo '<br />';
290} else {
291 $streditmyprofile = get_string('editmyprofile');
292 $strparticipants = get_string('participants');
293 $strnewuser = get_string('newuser');
294 $userfullname = fullname($user, true);
295
ce221eb5 296 $PAGE->set_title("$course->shortname: $streditmyprofile");
297 $PAGE->set_heading($course->fullname);
298
299 echo $OUTPUT->header();
03d9401e 300 echo $OUTPUT->heading($userfullname);
ce221eb5 301}
ad6226fb 302
303/// Finally display THE form
ce221eb5 304$userform->display();
ad6226fb 305
306/// and proper footer
ce221eb5 307echo $OUTPUT->footer();
ad6226fb 308