MDL-32787 user: rule required for custom profile fields applies to all users editing...
[moodle.git] / user / editadvanced_form.php
CommitLineData
aa6c1ced 1<?php
ad6226fb 2
bfebaf64
MD
3if (!defined('MOODLE_INTERNAL')) {
4 die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
5}
6
ad6226fb 7require_once($CFG->dirroot.'/lib/formslib.php');
ad6226fb 8
9class user_editadvanced_form extends moodleform {
10
11 // Define the form
bb6d3d34 12 function definition() {
d8734783 13 global $USER, $CFG, $COURSE;
ad6226fb 14
15 $mform =& $this->_form;
28f23328
RT
16 $editoroptions = null;
17 $filemanageroptions = null;
18 $userid = $USER->id;
19
20 if (is_array($this->_customdata)) {
21 if (array_key_exists('editoroptions', $this->_customdata)) {
22 $editoroptions = $this->_customdata['editoroptions'];
23 }
24 if (array_key_exists('filemanageroptions', $this->_customdata)) {
25 $filemanageroptions = $this->_customdata['filemanageroptions'];
26 }
27 if (array_key_exists('userid', $this->_customdata)) {
28 $userid = $this->_customdata['userid'];
29 }
4e782b32 30 }
8bdc9cac 31
c8149f0f 32 //Accessibility: "Required" is bad legend text.
33 $strgeneral = get_string('general');
ad6226fb 34 $strrequired = get_string('required');
35
36 /// Add some extra hidden fields
37 $mform->addElement('hidden', 'id');
d18e0fe6 38 $mform->setType('id', PARAM_INT);
d8734783 39 $mform->addElement('hidden', 'course', $COURSE->id);
d18e0fe6 40 $mform->setType('course', PARAM_INT);
ad6226fb 41
42 /// Print the required moodle fields first
c8149f0f 43 $mform->addElement('header', 'moodle', $strgeneral);
ad6226fb 44
45 $mform->addElement('text', 'username', get_string('username'), 'size="20"');
46 $mform->addRule('username', $strrequired, 'required', null, 'client');
47 $mform->setType('username', PARAM_RAW);
48
17da2e6f 49 $auths = get_plugin_list('auth');
ad6226fb 50 $auth_options = array();
17da2e6f 51 foreach ($auths as $auth => $unused) {
370f10b7 52 $auth_options[$auth] = get_string('pluginname', "auth_{$auth}");
ad6226fb 53 }
54 $mform->addElement('select', 'auth', get_string('chooseauthmethod','auth'), $auth_options);
f728d49b 55 $mform->addHelpButton('auth', 'chooseauthmethod', 'auth');
ad6226fb 56
4ad72c28
PS
57 $mform->addElement('advcheckbox', 'suspended', get_string('suspended','auth'));
58 $mform->addHelpButton('suspended', 'suspended', 'auth');
59
3bf11ca4
DM
60 if (!empty($CFG->passwordpolicy)){
61 $mform->addElement('static', 'passwordpolicyinfo', '', print_password_policy());
851481dc 62 }
54bb33eb 63 $mform->addElement('passwordunmask', 'newpassword', get_string('newpassword'), 'size="20"');
27d1a27c 64 $mform->addHelpButton('newpassword', 'newpassword');
ad6226fb 65 $mform->setType('newpassword', PARAM_RAW);
ad6226fb 66
fa1d88eb 67 $mform->addElement('advcheckbox', 'preference_auth_forcepasswordchange', get_string('forcepasswordchange'));
27d1a27c 68 $mform->addHelpButton('preference_auth_forcepasswordchange', 'forcepasswordchange');
14a6b7e1 69 /// shared fields
4e782b32 70 useredit_shared_definition($mform, $editoroptions, $filemanageroptions);
ad6226fb 71
bb6d3d34 72 /// Next the customisable profile fields
28f23328 73 profile_definition($mform, $userid);
bb6d3d34 74
ad6226fb 75 $this->add_action_buttons(false, get_string('updatemyprofile'));
76 }
77
78 function definition_after_data() {
f2f085ee 79 global $USER, $CFG, $DB, $OUTPUT;
ad6226fb 80
81 $mform =& $this->_form;
9122137f 82 if ($userid = $mform->getElementValue('id')) {
5d910388 83 $user = $DB->get_record('user', array('id'=>$userid));
9122137f 84 } else {
85 $user = false;
86 }
ad6226fb 87
1545d7f0 88 // if language does not exist, use site default lang
89 if ($langsel = $mform->getElementValue('lang')) {
90 $lang = reset($langsel);
eb309bed 91 // check lang exists
96de38c3 92 if (!get_string_manager()->translation_exists($lang, false)) {
1545d7f0 93 $lang_el =& $mform->getElement('lang');
94 $lang_el->setValue($CFG->lang);
95 }
96 }
97
e8e0bb2d 98 // user can not change own auth method
99 if ($userid == $USER->id) {
100 $mform->hardFreeze('auth');
101 $mform->hardFreeze('preference_auth_forcepasswordchange');
ad6226fb 102 }
103
104 // admin must choose some password and supply correct email
105 if (!empty($USER->newadminuser)) {
106 $mform->addRule('newpassword', get_string('required'), 'required', null, 'client');
4ad72c28
PS
107 if ($mform->elementExists('suspended')) {
108 $mform->removeElement('suspended');
109 }
ad6226fb 110 }
111
e8e0bb2d 112 // require password for new users
113 if ($userid == -1) {
114 $mform->addRule('newpassword', get_string('required'), 'required', null, 'client');
115 }
116
4ad72c28
PS
117 if ($user and is_mnet_remote_user($user)) {
118 // only local accounts can be suspended
119 if ($mform->elementExists('suspended')) {
120 $mform->removeElement('suspended');
121 }
122 }
123 if ($user and ($user->id == $USER->id or is_siteadmin($user))) {
124 // prevent self and admin mess ups
125 if ($mform->elementExists('suspended')) {
126 $mform->hardFreeze('suspended');
127 }
128 }
129
e8e0bb2d 130 // print picture
de2d81fa 131 if (!empty($CFG->gdversion) and empty($USER->newadminuser)) {
4125bdc1
SH
132 if ($user) {
133 $context = get_context_instance(CONTEXT_USER, $user->id, MUST_EXIST);
134 $fs = get_file_storage();
ed9e0cb6 135 $hasuploadedpicture = ($fs->file_exists($context->id, 'user', 'icon', 0, '/', 'f2.png') || $fs->file_exists($context->id, 'user', 'icon', 0, '/', 'f2.jpg'));
4125bdc1
SH
136 if (!empty($user->picture) && $hasuploadedpicture) {
137 $imagevalue = $OUTPUT->user_picture($user, array('courseid' => SITEID, 'size'=>64));
138 } else {
139 $imagevalue = get_string('none');
140 }
e8e0bb2d 141 } else {
4125bdc1
SH
142 $imagevalue = get_string('none');
143 }
144 $imageelement = $mform->getElement('currentpicture');
145 $imageelement->setValue($imagevalue);
146
147 if ($user && $mform->elementExists('deletepicture') && !$hasuploadedpicture) {
148 $mform->removeElement('deletepicture');
e8e0bb2d 149 }
150 }
bb6d3d34 151
152 /// Next the customisable profile fields
63466095 153 profile_definition_after_data($mform, $userid);
e8e0bb2d 154 }
155
6b8ad965 156 function validation($usernew, $files) {
5d910388 157 global $CFG, $DB;
e8e0bb2d 158
159 $usernew = (object)$usernew;
f728d49b
PS
160 $usernew->username = trim($usernew->username);
161
162 $user = $DB->get_record('user', array('id'=>$usernew->id));
04f639a0 163 $err = array();
164
83022298 165 if (!empty($usernew->newpassword)) {
166 $errmsg = '';//prevent eclipse warning
167 if (!check_password_policy($usernew->newpassword, $errmsg)) {
168 $err['newpassword'] = $errmsg;
169 }
170 }
171
04f639a0 172 if (empty($usernew->username)) {
173 //might be only whitespace
174 $err['username'] = get_string('required');
175 } else if (!$user or $user->username !== $usernew->username) {
e8e0bb2d 176 //check new username does not exist
5d910388 177 if ($DB->record_exists('user', array('username'=>$usernew->username, 'mnethostid'=>$CFG->mnet_localhost_id))) {
e8e0bb2d 178 $err['username'] = get_string('usernameexists');
179 }
f728d49b 180 //check allowed characters
6f3451e5 181 if ($usernew->username !== textlib::strtolower($usernew->username)) {
e8e0bb2d 182 $err['username'] = get_string('usernamelowercase');
6b8ad965
PS
183 } else {
184 if ($usernew->username !== clean_param($usernew->username, PARAM_USERNAME)) {
f4065447 185 $err['username'] = get_string('invalidusername');
e8e0bb2d 186 }
ad6226fb 187 }
188 }
e8e0bb2d 189
190 if (!$user or $user->email !== $usernew->email) {
191 if (!validate_email($usernew->email)) {
192 $err['email'] = get_string('invalidemail');
5d910388 193 } else if ($DB->record_exists('user', array('email'=>$usernew->email, 'mnethostid'=>$CFG->mnet_localhost_id))) {
e8e0bb2d 194 $err['email'] = get_string('emailexists');
195 }
196 }
197
bb6d3d34 198 /// Next the customisable profile fields
c8969c22 199 $err += profile_validation($usernew, $files);
bb6d3d34 200
e8e0bb2d 201 if (count($err) == 0){
202 return true;
203 } else {
204 return $err;
205 }
ad6226fb 206 }
ad6226fb 207}
208
aa6c1ced 209