MDL-16723 if $CFG->loginhttps redirect to https login page is somebody goes to http...
[moodle.git] / user / editadvanced.php
CommitLineData
ce221eb5 1<?php
2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18/**
19 * Allows you to edit a users profile
20 *
21 * @copyright 1999 Martin Dougiamas http://dougiamas.com
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 * @package user
24 */
25
26require_once('../config.php');
27require_once($CFG->libdir.'/gdlib.php');
28require_once($CFG->libdir.'/adminlib.php');
29require_once($CFG->dirroot.'/user/editadvanced_form.php');
30require_once($CFG->dirroot.'/user/editlib.php');
31require_once($CFG->dirroot.'/user/profile/lib.php');
ce221eb5 32
33httpsrequired();
34
35$id = optional_param('id', $USER->id, PARAM_INT); // user id; -1 if creating new user
36$course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site)
37
a6855934 38$url = new moodle_url('/user/editadvanced.php', array('course'=>$course));
ce221eb5 39if ($id !== $USER->id) {
40 $url->param('id', $id);
41}
42$PAGE->set_url($url);
43
3406acde
SH
44$course = $DB->get_record('course', array('id'=>$course), '*', MUST_EXIST);
45
ce221eb5 46if (!empty($USER->newadminuser)) {
47 $PAGE->set_course($SITE);
78946b9b 48 $PAGE->set_pagelayout('maintenance');
ce221eb5 49} else {
50 require_login($course);
3406acde 51 $PAGE->set_pagelayout('admin');
ce221eb5 52}
53
54if ($course->id == SITEID) {
55 $coursecontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context
56} else {
57 $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context
58}
59$systemcontext = get_context_instance(CONTEXT_SYSTEM);
60
61if ($id == -1) {
62 // creating new user
bf718f50 63 $user = new stdClass();
ce221eb5 64 $user->id = -1;
6b8ad965 65 $user->auth = 'manual';
ce221eb5 66 $user->confirmed = 1;
67 $user->deleted = 0;
3406acde
SH
68 require_capability('moodle/user:create', $systemcontext);
69 admin_externalpage_setup('addnewuser', '', array('id' => -1));
ce221eb5 70} else {
71 // editing existing user
72 require_capability('moodle/user:update', $systemcontext);
3406acde
SH
73 $user = $DB->get_record('user', array('id'=>$id), '*', MUST_EXIST);
74 $PAGE->set_context(get_context_instance(CONTEXT_USER, $user->id));
5ac851fb
SH
75 if ($user->id == $USER->id) {
76 if ($course->id != SITEID && $node = $PAGE->navigation->find($course->id, navigation_node::TYPE_COURSE)) {
77 $node->make_active();
78 $PAGE->navbar->includesettingsbase = true;
79 }
80 } else {
81 $PAGE->navigation->extend_for_user($user);
82 }
ce221eb5 83}
ad6226fb 84
ce221eb5 85// remote users cannot be edited
86if ($user->id != -1 and is_mnet_remote_user($user)) {
87 redirect($CFG->wwwroot . "/user/view.php?id=$id&course={$course->id}");
88}
ad6226fb 89
4f622c38
PS
90if ($user->id != $USER->id and is_siteadmin($user) and !is_siteadmin($USER)) { // Only admins may edit other admins
91 print_error('useradmineditadmin');
ce221eb5 92}
ad6226fb 93
ce221eb5 94if (isguestuser($user->id)) { // the real guest user can not be edited
95 print_error('guestnoeditprofileother');
96}
ad6226fb 97
ce221eb5 98if ($user->deleted) {
99 echo $OUTPUT->header();
100 echo $OUTPUT->heading(get_string('userdeleted'));
101 echo $OUTPUT->footer();
102 die;
103}
104
ce221eb5 105//load user preferences
106useredit_load_preferences($user);
107
108//Load custom profile fields data
109profile_load_data($user);
110
111//User interests
112if (!empty($CFG->usetags)) {
113 require_once($CFG->dirroot.'/tag/lib.php');
114 $user->interests = tag_get_tags_array('user', $id);
115}
116
8bdc9cac 117if ($user->id !== -1) {
4f0c2d00 118 $usercontext = get_context_instance(CONTEXT_USER, $user->id);
8bdc9cac 119 $editoroptions = array('maxfiles'=>EDITOR_UNLIMITED_FILES, 'maxbytes'=>$CFG->maxbytes, 'trusttext'=>false, 'forcehttps'=>false);
64f93798 120 $user = file_prepare_standard_editor($user, 'description', $editoroptions, $usercontext, 'user', 'profile', 0);
8bdc9cac 121} else {
4f0c2d00 122 $usercontext = null;
8bdc9cac
SH
123 // This is a new user, we don't want to add files here
124 $editoroptions = array('maxfiles'=>0, 'maxbytes'=>0, 'trusttext'=>false, 'forcehttps'=>false);
125}
126
ce221eb5 127//create form
8bdc9cac 128$userform = new user_editadvanced_form(null, array('editoroptions'=>$editoroptions));
ce221eb5 129$userform->set_data($user);
130
131if ($usernew = $userform->get_data()) {
132 add_to_log($course->id, 'user', 'update', "view.php?id=$user->id&course=$course->id", '');
133
134 if (empty($usernew->auth)) {
135 //user editing self
136 $authplugin = get_auth_plugin($user->auth);
137 unset($usernew->auth); //can not change/remove
138 } else {
139 $authplugin = get_auth_plugin($usernew->auth);
1e1c51a3 140 }
6b8ad965
PS
141
142 $usernew->timemodified = time();
ad6226fb 143
ce221eb5 144 if ($usernew->id == -1) {
145 //TODO check out if it makes sense to create account with this auth plugin and what to do with the password
146 unset($usernew->id);
64f93798 147 $usernew = file_postupdate_standard_editor($usernew, 'description', $editoroptions, null, 'user', 'profile', null);
ce221eb5 148 $usernew->mnethostid = $CFG->mnet_localhost_id; // always local user
d3d393ab
RW
149 $usernew->confirmed = 1;
150 $usernew->timecreated = time();
6b8ad965 151 $usernew->password = hash_internal_user_password($usernew->newpassword);
ce221eb5 152 $usernew->id = $DB->insert_record('user', $usernew);
153 $usercreated = true;
ad6226fb 154
ce221eb5 155 } else {
64f93798 156 $usernew = file_postupdate_standard_editor($usernew, 'description', $editoroptions, $usercontext, 'user', 'profile', 0);
ce221eb5 157 $DB->update_record('user', $usernew);
158 // pass a true $userold here
159 if (! $authplugin->user_update($user, $userform->get_data())) {
160 // auth update failed, rollback for moodle
161 $DB->update_record('user', $user);
162 print_error('cannotupdateuseronexauth', '', '', $user->auth);
d8734783 163 }
ad6226fb 164
ce221eb5 165 //set new password if specified
166 if (!empty($usernew->newpassword)) {
167 if ($authplugin->can_change_password()) {
168 if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){
169 print_error('cannotupdatepasswordonextauth', '', '', $usernew->auth);
ad6226fb 170 }
171 }
172 }
ce221eb5 173 $usercreated = false;
174 }
ad6226fb 175
ce221eb5 176 $usercontext = get_context_instance(CONTEXT_USER, $usernew->id);
98bc6446 177
ce221eb5 178 //update preferences
179 useredit_update_user_preference($usernew);
ad6226fb 180
ce221eb5 181 // update tags
182 if (!empty($CFG->usetags)) {
183 useredit_update_interests($usernew, $usernew->interests);
184 }
1e1c51a3 185
ce221eb5 186 //update user picture
187 if (!empty($CFG->gdversion)) {
188 useredit_update_picture($usernew, $userform);
189 }
ad6226fb 190
ce221eb5 191 // update mail bounces
192 useredit_update_bounces($user, $usernew);
ad6226fb 193
ce221eb5 194 // update forum track preference
195 useredit_update_trackforums($user, $usernew);
ad6226fb 196
ce221eb5 197 // save custom profile fields data
198 profile_save_data($usernew);
ad6226fb 199
ce221eb5 200 // reload from db
201 $usernew = $DB->get_record('user', array('id'=>$usernew->id));
5e61d1a4 202
ce221eb5 203 // trigger events
204 if ($usercreated) {
205 //set default message preferences
206 if (!message_set_default_message_preferences( $usernew )){
207 print_error('cannotsavemessageprefs', 'message');
2942a5cd 208 }
ce221eb5 209 events_trigger('user_created', $usernew);
210 } else {
211 events_trigger('user_updated', $usernew);
212 }
2942a5cd 213
ce221eb5 214 if ($user->id == $USER->id) {
215 // Override old $USER session variable
216 foreach ((array)$usernew as $variable => $value) {
217 $USER->$variable = $value;
218 }
a1248ca4
PS
219 // preload custom fields
220 profile_load_custom_fields($USER);
221
ce221eb5 222 if (!empty($USER->newadminuser)) {
223 unset($USER->newadminuser);
224 // apply defaults again - some of them might depend on admin user info, backup, roles, etc.
225 admin_apply_default_settings(NULL , false);
226 // redirect to admin/ to continue with installation
227 redirect("$CFG->wwwroot/$CFG->admin/");
afb5b0ae 228 } else {
ce221eb5 229 redirect("$CFG->wwwroot/user/view.php?id=$USER->id&course=$course->id");
ad6226fb 230 }
ce221eb5 231 } else {
6b8ad965 232 session_gc(); // remove stale sessions
ce221eb5 233 redirect("$CFG->wwwroot/$CFG->admin/user.php");
ad6226fb 234 }
ce221eb5 235 //never reached
236}
ad6226fb 237
238
239/// Display page header
ce221eb5 240if ($user->id == -1 or ($user->id != $USER->id)) {
241 if ($user->id == -1) {
61ef8f9f 242 echo $OUTPUT->header();
ad6226fb 243 } else {
8cb89f5b 244 $PAGE->set_heading($SITE->fullname);
61ef8f9f 245 echo $OUTPUT->header();
ce221eb5 246 $userfullname = fullname($user, true);
247 echo $OUTPUT->heading($userfullname);
248 }
249} else if (!empty($USER->newadminuser)) {
250 $strinstallation = get_string('installation', 'install');
251 $strprimaryadminsetup = get_string('primaryadminsetup');
252
253 $PAGE->navbar->add($strprimaryadminsetup);
254 $PAGE->set_title($strinstallation);
255 $PAGE->set_heading($strinstallation);
256 $PAGE->set_cacheable(false);
257
258 echo $OUTPUT->header();
259 echo $OUTPUT->box(get_string('configintroadmin', 'admin'), 'generalbox boxwidthnormal boxaligncenter');
260 echo '<br />';
261} else {
262 $streditmyprofile = get_string('editmyprofile');
263 $strparticipants = get_string('participants');
264 $strnewuser = get_string('newuser');
265 $userfullname = fullname($user, true);
266
ce221eb5 267 $PAGE->set_title("$course->shortname: $streditmyprofile");
268 $PAGE->set_heading($course->fullname);
269
270 echo $OUTPUT->header();
03d9401e 271 echo $OUTPUT->heading($userfullname);
ce221eb5 272}
ad6226fb 273
274/// Finally display THE form
ce221eb5 275$userform->display();
ad6226fb 276
277/// and proper footer
ce221eb5 278echo $OUTPUT->footer();
ad6226fb 279