[moodle.git] / user / view.php

<?php

// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**
 * Display profile for a particular user
 *
 * @copyright 1999 Martin Dougiamas  http://dougiamas.com
 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 * @package user
 */

require_once("../config.php");
require_once($CFG->dirroot.'/user/profile/lib.php');
require_once($CFG->dirroot.'/tag/lib.php');

$id        = optional_param('id', 0, PARAM_INT);   // user id
$courseid  = optional_param('course', SITEID, PARAM_INT);   // course id (defaults to Site)
$enable    = optional_param('enable', 0, PARAM_BOOL);       // enable email
$disable   = optional_param('disable', 0, PARAM_BOOL);      // disable email

if (empty($id)) {            // See your own profile by default
    require_login();
    $id = $USER->id;
}

if ($courseid == SITEID) {   // Since Moodle 2.0 all site-level profiles are shown by profile.php
    redirect($CFG->wwwroot.'/user/profile.php?id='.$id);  // Immediate redirect
}

$url = new moodle_url('/user/view.php', array('id'=>$id,'course'=>$courseid));
$PAGE->set_url($url);

$user = $DB->get_record('user', array('id'=>$id), '*', MUST_EXIST);
$course = $DB->get_record('course', array('id'=>$courseid), '*', MUST_EXIST);
$currentuser = ($user->id == $USER->id);

$systemcontext = get_context_instance(CONTEXT_SYSTEM);
$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
$usercontext   = get_context_instance(CONTEXT_USER, $user->id, MUST_EXIST);

// Require login first
if (isguestuser($user)) {
    // can not view profile of guest - thre is nothing to see there
    print_error('invaliduserid');
}

$PAGE->set_context($coursecontext);
$PAGE->set_pagetype('course-view-' . $course->format);
$PAGE->set_other_editing_capability('moodle/course:manageactivities');

$isparent = false;

if (!$currentuser
  and $DB->record_exists('role_assignments', array('userid'=>$USER->id, 'contextid'=>$usercontext->id))
  and has_capability('moodle/user:viewdetails', $usercontext)) {
    // TODO: very ugly hack - do not force "parents" to enrol into course their child is enrolled in,
    //       this way they may access the profile where they get overview of grades and child activity in course,
    //       please note this is just a guess!
    require_login();
    $isparent = true;

} else {
    // normal course
    require_login($course);
    // what to do with users temporary accessing this course? shoudl they see the details?
}


$strpersonalprofile = get_string('personalprofile');
$strparticipants = get_string("participants");
$struser = get_string("user");

$fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext));

/// Now test the actual capabilities and enrolment in course
if ($currentuser) {
    // me
    if (!is_enrolled($coursecontext) and !is_viewing($coursecontext)) { // Need to have full access to a course to see the rest of own info
        echo $OUTPUT->header();
        echo $OUTPUT->heading(get_string('notenrolled', '', $fullname));
        if (!empty($_SERVER['HTTP_REFERER'])) {
            echo $OUTPUT->continue_button($_SERVER['HTTP_REFERER']);
        }
        echo $OUTPUT->footer();
        die;
    }

} else {
    // somebody else
    $PAGE->set_title("$strpersonalprofile: ");
    $PAGE->set_heading("$strpersonalprofile: ");

    // check course level capabilities
    if (!has_capability('moodle/user:viewdetails', $coursecontext) && // normal enrolled user or mnager
        !has_capability('moodle/user:viewdetails', $usercontext)) {   // usually parent
        print_error('cannotviewprofile');
    }

    if (!is_enrolled($coursecontext, $user->id)) {
        // TODO: the only potential problem is that managers and inspectors might post in forum, but the link
        //       to profile would not work - maybe a new capability - moodle/user:freely_acessile_profile_for_anybody
        //       or test for course:inspect capability
        if (has_capability('moodle/role:assign', $coursecontext)) {
            $PAGE->navbar->add($fullname);
            echo $OUTPUT->header();
            echo $OUTPUT->heading(get_string('notenrolled', '', $fullname));
        } else {
            echo $OUTPUT->header();
            $PAGE->navbar->add($struser);
            echo $OUTPUT->heading(get_string('notenrolledprofile'));
        }
        if (!empty($_SERVER['HTTP_REFERER'])) {
            echo $OUTPUT->continue_button($_SERVER['HTTP_REFERER']);
        }
        echo $OUTPUT->footer();
        exit;
    }

    // If groups are in use and enforced throughout the course, then make sure we can meet in at least one course level group
    if (groups_get_course_groupmode($course) == SEPARATEGROUPS and $course->groupmodeforce
      and !has_capability('moodle/site:accessallgroups', $coursecontext) and !has_capability('moodle/site:accessallgroups', $coursecontext, $user->id)) {
        if (!isloggedin() or isguestuser()) {
            // do not use require_login() here because we might have already used require_login($course)
            redirect(get_login_url());
        }
        $mygroups = array_keys(groups_get_all_groups($course->id, $USER->id, $course->defaultgroupingid, 'g.id, g.name'));
        $usergroups = array_keys(groups_get_all_groups($course->id, $user->id, $course->defaultgroupingid, 'g.id, g.name'));
        if (!array_intersect($mygroups, $usergroups)) {
            print_error("groupnotamember", '', "../course/view.php?id=$course->id");
        }
    }
}


/// We've established they can see the user's name at least, so what about the rest?

$PAGE->navigation->extend_for_user($user);
$PAGE->set_title("$course->fullname: $strpersonalprofile: $fullname");
$PAGE->set_heading($course->fullname);
$PAGE->set_pagelayout('standard');
echo $OUTPUT->header();
echo $OUTPUT->heading(fullname($user));

if ($user->deleted) {
    echo $OUTPUT->heading(get_string('userdeleted'));
    if (!has_capability('moodle/user:update', $coursecontext)) {
        echo $OUTPUT->footer();
        die;
    }
}

/// OK, security out the way, now we are showing the user

add_to_log($course->id, "user", "view", "view.php?id=$user->id&course=$course->id", "$user->id");

$user->lastaccess = false;
if ($lastaccess = $DB->get_record('user_lastaccess', array('userid'=>$user->id, 'courseid'=>$course->id))) {
    $user->lastaccess = $lastaccess->timeaccess;
}


/// Get the hidden field list
if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
    $hiddenfields = array();
} else {
    $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
}

if (is_mnet_remote_user($user)) {
    $sql = "
         SELECT DISTINCT h.id, h.name, h.wwwroot,
                a.name as application, a.display_name
           FROM {mnet_host} h, {mnet_application} a
          WHERE h.id = ? AND h.applicationid = a.id
       ORDER BY a.display_name, h.name";

    $remotehost = $DB->get_record_sql($sql, array($user->mnethostid));

    echo '<p class="errorboxcontent">'.get_string('remoteappuser', $remotehost->application)." <br />\n";
    if ($currentuser) {
        if ($remotehost->application =='moodle') {
            echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/user/edit.php\">{$remotehost->name}</a> ".get_string('editremoteprofile')." </p>\n";
        } else {
            echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/\">{$remotehost->name}</a> ".get_string('gotoyourserver')." </p>\n";
        }
    } else {
        echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/\">{$remotehost->name}</a></p>\n";
    }
}

echo '<div class="fullprofilelink">';
echo html_writer::link($CFG->wwwroot.'/user/profile.php?id='.$id, get_string('fullprofile'));
echo '</div>';

echo '<div class="profilepicture">';
echo $OUTPUT->user_picture($user, array('size'=>100));
echo '</div>';

// Print the description
echo '<div class="description">';
if ($user->description && !isset($hiddenfields['description'])) {
    if (!empty($CFG->profilesforenrolledusersonly) && !$DB->record_exists('role_assignments', array('userid'=>$id))) {
        echo get_string('profilenotshown', 'moodle').'<hr />';
    } else {
        $user->description = file_rewrite_pluginfile_urls($user->description, 'pluginfile.php', $usercontext->id, 'user_profile', $id);
        echo format_text($user->description, $user->descriptionformat)."<hr />";
    }
}
echo '</div>';


// Print all the little details in a list

echo '<table class="list" summary="">';

if (! isset($hiddenfields['country']) && $user->country) {
    print_row(get_string('country') . ':', get_string($user->country, 'countries'));
}

if (! isset($hiddenfields['city']) && $user->city) {
    print_row(get_string('city') . ':', $user->city);
}

if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
    if ($user->address) {
        print_row(get_string("address").":", "$user->address");
    }
    if ($user->phone1) {
        print_row(get_string("phone").":", "$user->phone1");
    }
    if ($user->phone2) {
        print_row(get_string("phone2").":", "$user->phone2");
    }
}

if ($user->maildisplay == 1
   or ($user->maildisplay == 2 && !isguestuser())
   or has_capability('moodle/course:useremail', $coursecontext)) {

    $emailswitch = '';

    if ($currentuser or has_capability('moodle/course:useremail', $coursecontext)) {   /// Can use the enable/disable email stuff
        if (!empty($enable) and confirm_sesskey()) {     /// Recieved a parameter to enable the email address
            $DB->set_field('user', 'emailstop', 0, array('id'=>$user->id));
            $user->emailstop = 0;
        }
        if (!empty($disable) and confirm_sesskey()) {     /// Recieved a parameter to disable the email address
            $DB->set_field('user', 'emailstop', 1, array('id'=>$user->id));
            $user->emailstop = 1;
        }
    }

    if (has_capability('moodle/course:useremail', $coursecontext)) {   /// Can use the enable/disable email stuff
        if ($user->emailstop) {
            $switchparam = 'enable';
            $switchtitle = get_string('emaildisable');
            $switchclick = get_string('emailenableclick');
            $switchpix   = 't/emailno';
        } else {
            $switchparam = 'disable';
            $switchtitle = get_string('emailenable');
            $switchclick = get_string('emaildisableclick');
            $switchpix   = 't/email';
        }
        $emailswitch = "&nbsp;<a title=\"$switchclick\" ".
                       "href=\"view.php?id=$user->id&amp;course=$course->id&amp;$switchparam=1&amp;sesskey=".sesskey()."\">".
                       "<img src=\"" . $OUTPUT->pix_url("$switchpix") . "\" alt=\"$switchclick\" /></a>";

    } else if ($currentuser) {         /// Can only re-enable an email this way
        if ($user->emailstop) {   // Include link that tells how to re-enable their email
            $switchparam = 'enable';
            $switchtitle = get_string('emaildisable');
            $switchclick = get_string('emailenableclick');

            $emailswitch = "&nbsp;(<a title=\"$switchclick\" ".
                           "href=\"view.php?id=$user->id&amp;course=$course->id&amp;enable=1&amp;sesskey=".sesskey()."\">$switchtitle</a>)";
        }
    }

    print_row(get_string("email").":", obfuscate_mailto($user->email, '', $user->emailstop)."$emailswitch");
}

if ($user->url && !isset($hiddenfields['webpage'])) {
    $url = $user->url;
    if (strpos($user->url, '://') === false) {
        $url = 'http://'. $url;
    }
    print_row(get_string('webpage') .':', '<a href="'.s($url).'">'.s($user->url).'</a>');
}

if ($user->icq && !isset($hiddenfields['icqnumber'])) {
    print_row(get_string('icqnumber').':',"<a href=\"http://web.icq.com/wwp?uin=".urlencode($user->icq)."\">".s($user->icq)." <img src=\"http://web.icq.com/whitepages/online?icq=".urlencode($user->icq)."&amp;img=5\" alt=\"\" /></a>");
}

if ($user->skype && !isset($hiddenfields['skypeid'])) {
    print_row(get_string('skypeid').':','<a href="callto:'.urlencode($user->skype).'">'.s($user->skype).
        ' <img src="http://mystatus.skype.com/smallicon/'.urlencode($user->skype).'" alt="'.get_string('status').'" '.
        ' /></a>');
}
if ($user->yahoo && !isset($hiddenfields['yahooid'])) {
    print_row(get_string('yahooid').':', '<a href="http://edit.yahoo.com/config/send_webmesg?.target='.urlencode($user->yahoo).'&amp;.src=pg">'.s($user->yahoo)." <img src=\"http://opi.yahoo.com/online?u=".urlencode($user->yahoo)."&m=g&t=0\" alt=\"\"></a>");
}
if ($user->aim && !isset($hiddenfields['aimid'])) {
    print_row(get_string('aimid').':', '<a href="aim:goim?screenname='.urlencode($user->aim).'">'.s($user->aim).'</a>');
}
if ($user->msn && !isset($hiddenfields['msnid'])) {
    print_row(get_string('msnid').':', s($user->msn));
}

/// Print the Custom User Fields
profile_display_fields($user->id);


if (!isset($hiddenfields['mycourses'])) {
    if ($mycourses = get_my_courses($user->id, 'visible DESC,sortorder ASC', null, false, 21)) {
        $shown=0;
        $courselisting = '';
        foreach ($mycourses as $mycourse) {
            if ($mycourse->category) {
                if ($mycourse->id != $course->id){
                    $class = '';
                    if ($mycourse->visible == 0) {
                        // get_my_courses will filter courses $USER cannot see
                        // if we get one with visible 0 it just means it's hidden
                        // ... but not from $USER
                        $class = 'class="dimmed"';
                    }
                    $courselisting .= "<a href=\"{$CFG->wwwroot}/user/view.php?id={$user->id}&amp;course={$mycourse->id}\" $class >"
                        . format_string($mycourse->fullname) . "</a>, ";
                }
                else {
                    $courselisting .= format_string($mycourse->fullname) . ", ";
                }
            }
            $shown++;
            if($shown==20) {
                $courselisting.= "...";
                break;
            }
        }
        print_row(get_string('courseprofiles').':', rtrim($courselisting,', '));
    }
}
if (!isset($hiddenfields['firstaccess'])) {
    if ($user->firstaccess) {
        $datestring = userdate($user->firstaccess)."&nbsp; (".format_time(time() - $user->firstaccess).")";
    } else {
        $datestring = get_string("never");
    }
    print_row(get_string("firstaccess").":", $datestring);
}
if (!isset($hiddenfields['lastaccess'])) {
    if ($user->lastaccess) {
        $datestring = userdate($user->lastaccess)."&nbsp; (".format_time(time() - $user->lastaccess).")";
    } else {
        $datestring = get_string("never");
    }
    print_row(get_string("lastaccess").":", $datestring);
}
/// printing roles

if ($rolestring = get_user_roles_in_course($id, $course->id)) {
    print_row(get_string('roles').':', $rolestring);
}

/// Printing groups
if (!isset($hiddenfields['groups'])) {
    if ($course->groupmode != SEPARATEGROUPS or has_capability('moodle/site:accessallgroups', $coursecontext)) {
        if ($usergroups = groups_get_all_groups($course->id, $user->id)) {
            $groupstr = '';
            foreach ($usergroups as $group){
                $groupstr .= ' <a href="'.$CFG->wwwroot.'/user/index.php?id='.$course->id.'&amp;group='.$group->id.'">'.format_string($group->name).'</a>,';
            }
            print_row(get_string("group").":", rtrim($groupstr, ', '));
        }
    }
}
/// End of printing groups

/// Printing Interests
    if( !empty($CFG->usetags)) {
        if ( $interests = tag_get_tags_csv('user', $user->id) ) {
        print_row(get_string('interests') .": ", $interests);
    }
}
/// End of Printing Interests

echo "</table>";

$userauth = get_auth_plugin($user->auth);

$passwordchangeurl = false;
if ($currentuser and $userauth->can_change_password() and !isguestuser() and has_capability('moodle/user:changeownpassword', $systemcontext)) {
    if (!$passwordchangeurl = $userauth->change_password_url()) {
        if (empty($CFG->loginhttps)) {
            $passwordchangeurl = "$CFG->wwwroot/login/change_password.php";
        } else {
            $passwordchangeurl = str_replace('http:', 'https:', $CFG->wwwroot.'/login/change_password.php');
        }
    }
}

// Buttons gone!  TODO: Make sure there's a good way to message someone from the profile pages

if ($CFG->debugdisplay && debugging('', DEBUG_DEVELOPER) && $currentuser) {  // Show user object
    echo '<br /><br /><hr />';
    echo $OUTPUT->heading('DEBUG MODE:  User session variables');
    print_object($USER);
}

echo $OUTPUT->footer();

/// Functions ///////

function print_row($left, $right) {
    echo "\n<tr><td class=\"label c0\">$left</td><td class=\"info c1\">$right</td></tr>\n";
}
Commit	Line	Data
ce221eb5	1	<?php
	2
	3	// This file is part of Moodle - http://moodle.org/
	4	//
	5	// Moodle is free software: you can redistribute it and/or modify
	6	// it under the terms of the GNU General Public License as published by
	7	// the Free Software Foundation, either version 3 of the License, or
	8	// (at your option) any later version.
	9	//
	10	// Moodle is distributed in the hope that it will be useful,
	11	// but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	// GNU General Public License for more details.
	14	//
	15	// You should have received a copy of the GNU General Public License
	16	// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
	17
	18	/**
	19	* Display profile for a particular user
	20	*
	21	* @copyright 1999 Martin Dougiamas http://dougiamas.com
	22	* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
	23	* @package user
	24	*/
	25
	26	require_once("../config.php");
	27	require_once($CFG->dirroot.'/user/profile/lib.php');
	28	require_once($CFG->dirroot.'/tag/lib.php');
	29
4f0c2d00 PS	30	$id = optional_param('id', 0, PARAM_INT); // user id
	31	$courseid = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site)
	32	$enable = optional_param('enable', 0, PARAM_BOOL); // enable email
	33	$disable = optional_param('disable', 0, PARAM_BOOL); // disable email
ce221eb5	34
03d9401e	35	if (empty($id)) { // See your own profile by default
ce221eb5	36	require_login();
	37	$id = $USER->id;
	38	}
f9903ed0	39
03d9401e MD	40	if ($courseid == SITEID) { // Since Moodle 2.0 all site-level profiles are shown by profile.php
03d9401e MD	41	redirect($CFG->wwwroot.'/user/profile.php?id='.$id); // Immediate redirect
ce221eb5	42	}
03d9401e MD	43
03d9401e MD	44	$url = new moodle_url('/user/view.php', array('id'=>$id,'course'=>$courseid));
ce221eb5	45	$PAGE->set_url($url);
e41ddc4b	46
4f0c2d00 PS	47	$user = $DB->get_record('user', array('id'=>$id), '*', MUST_EXIST);
4f0c2d00 PS	48	$course = $DB->get_record('course', array('id'=>$courseid), '*', MUST_EXIST);
03d9401e	49	$currentuser = ($user->id == $USER->id);
f9903ed0	50
ce221eb5	51	$systemcontext = get_context_instance(CONTEXT_SYSTEM);
03d9401e MD	52	$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
03d9401e MD	53	$usercontext = get_context_instance(CONTEXT_USER, $user->id, MUST_EXIST);
1deff123	54
4f0c2d00 PS	55	// Require login first
	56	if (isguestuser($user)) {
	57	// can not view profile of guest - thre is nothing to see there
	58	print_error('invaliduserid');
ce221eb5	59	}
bad59bc0	60
03d9401e MD	61	$PAGE->set_context($coursecontext);
	62	$PAGE->set_pagetype('course-view-' . $course->format);
	63	$PAGE->set_other_editing_capability('moodle/course:manageactivities');
cb4f6179	64
4f0c2d00	65	$isparent = false;
0be6f678	66
03d9401e	67	if (!$currentuser
4f0c2d00 PS	68	and $DB->record_exists('role_assignments', array('userid'=>$USER->id, 'contextid'=>$usercontext->id))
	69	and has_capability('moodle/user:viewdetails', $usercontext)) {
	70	// TODO: very ugly hack - do not force "parents" to enrol into course their child is enrolled in,
	71	// this way they may access the profile where they get overview of grades and child activity in course,
	72	// please note this is just a guess!
ce221eb5	73	require_login();
4f0c2d00 PS	74	$isparent = true;
	75
	76	} else {
	77	// normal course
	78	require_login($course);
	79	// what to do with users temporary accessing this course? shoudl they see the details?
ce221eb5	80	}
f9903ed0	81
4f0c2d00	82
ce221eb5	83	$strpersonalprofile = get_string('personalprofile');
	84	$strparticipants = get_string("participants");
	85	$struser = get_string("user");
f9903ed0	86
ce221eb5	87	$fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext));
f1603208	88
4f0c2d00 PS	89	/// Now test the actual capabilities and enrolment in course
	90	if ($currentuser) {
	91	// me
03d9401e	92	if (!is_enrolled($coursecontext) and !is_viewing($coursecontext)) { // Need to have full access to a course to see the rest of own info
4f0c2d00 PS	93	echo $OUTPUT->header();
	94	echo $OUTPUT->heading(get_string('notenrolled', '', $fullname));
	95	if (!empty($_SERVER['HTTP_REFERER'])) {
	96	echo $OUTPUT->continue_button($_SERVER['HTTP_REFERER']);
	97	}
	98	echo $OUTPUT->footer();
	99	die;
	100	}
caa8363f	101
4f0c2d00 PS	102	} else {
4f0c2d00 PS	103	// somebody else
ce221eb5	104	$PAGE->set_title("$strpersonalprofile: ");
ce221eb5	105	$PAGE->set_heading("$strpersonalprofile: ");
caa8363f	106
03d9401e MD	107	// check course level capabilities
	108	if (!has_capability('moodle/user:viewdetails', $coursecontext) && // normal enrolled user or mnager
	109	!has_capability('moodle/user:viewdetails', $usercontext)) { // usually parent
	110	print_error('cannotviewprofile');
	111	}
4f0c2d00	112
03d9401e MD	113	if (!is_enrolled($coursecontext, $user->id)) {
	114	// TODO: the only potential problem is that managers and inspectors might post in forum, but the link
	115	// to profile would not work - maybe a new capability - moodle/user:freely_acessile_profile_for_anybody
	116	// or test for course:inspect capability
	117	if (has_capability('moodle/role:assign', $coursecontext)) {
	118	$PAGE->navbar->add($fullname);
	119	echo $OUTPUT->header();
	120	echo $OUTPUT->heading(get_string('notenrolled', '', $fullname));
	121	} else {
	122	echo $OUTPUT->header();
	123	$PAGE->navbar->add($struser);
	124	echo $OUTPUT->heading(get_string('notenrolledprofile'));
ce221eb5	125	}
03d9401e MD	126	if (!empty($_SERVER['HTTP_REFERER'])) {
03d9401e MD	127	echo $OUTPUT->continue_button($_SERVER['HTTP_REFERER']);
fa22fd5f	128	}
03d9401e MD	129	echo $OUTPUT->footer();
03d9401e MD	130	exit;
ce221eb5	131	}
499e78b4	132
4f0c2d00 PS	133	// If groups are in use and enforced throughout the course, then make sure we can meet in at least one course level group
	134	if (groups_get_course_groupmode($course) == SEPARATEGROUPS and $course->groupmodeforce
	135	and !has_capability('moodle/site:accessallgroups', $coursecontext) and !has_capability('moodle/site:accessallgroups', $coursecontext, $user->id)) {
	136	if (!isloggedin() or isguestuser()) {
	137	// do not use require_login() here because we might have already used require_login($course)
	138	redirect(get_login_url());
	139	}
	140	$mygroups = array_keys(groups_get_all_groups($course->id, $USER->id, $course->defaultgroupingid, 'g.id, g.name'));
	141	$usergroups = array_keys(groups_get_all_groups($course->id, $user->id, $course->defaultgroupingid, 'g.id, g.name'));
	142	if (!array_intersect($mygroups, $usergroups)) {
ce221eb5	143	print_error("groupnotamember", '', "../course/view.php?id=$course->id");
dd780a3b	144	}
dd780a3b	145	}
ce221eb5	146	}
0be6f678	147
f5ecf2e9	148
bad59bc0	149	/// We've established they can see the user's name at least, so what about the rest?
bad59bc0	150
7a7e209d	151	$PAGE->navigation->extend_for_user($user);
ce221eb5	152	$PAGE->set_title("$course->fullname: $strpersonalprofile: $fullname");
ce221eb5	153	$PAGE->set_heading($course->fullname);
ad1e8f13	154	$PAGE->set_pagelayout('standard');
ce221eb5	155	echo $OUTPUT->header();
03d9401e	156	echo $OUTPUT->heading(fullname($user));
b1d530d2	157
ce221eb5	158	if ($user->deleted) {
	159	echo $OUTPUT->heading(get_string('userdeleted'));
	160	if (!has_capability('moodle/user:update', $coursecontext)) {
	161	echo $OUTPUT->footer();
	162	die;
bb09fb11	163	}
ce221eb5	164	}
bb09fb11	165
bad59bc0	166	/// OK, security out the way, now we are showing the user
bad59bc0	167
ce221eb5	168	add_to_log($course->id, "user", "view", "view.php?id=$user->id&course=$course->id", "$user->id");
bad59bc0	169
03d9401e MD	170	$user->lastaccess = false;
	171	if ($lastaccess = $DB->get_record('user_lastaccess', array('userid'=>$user->id, 'courseid'=>$course->id))) {
	172	$user->lastaccess = $lastaccess->timeaccess;
ce221eb5	173	}
499e78b4	174
bad59bc0	175
4801fe93	176	/// Get the hidden field list
ce221eb5	177	if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
	178	$hiddenfields = array();
	179	} else {
	180	$hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
	181	}
f9903ed0	182
ce221eb5	183	if (is_mnet_remote_user($user)) {
	184	$sql = "
	185	SELECT DISTINCT h.id, h.name, h.wwwroot,
4f0c2d00	186	a.name as application, a.display_name
ce221eb5	187	FROM {mnet_host} h, {mnet_application} a
	188	WHERE h.id = ? AND h.applicationid = a.id
	189	ORDER BY a.display_name, h.name";
ce8c75ee	190
ce221eb5	191	$remotehost = $DB->get_record_sql($sql, array($user->mnethostid));
0be6f678	192
ce221eb5	193	echo '<p class="errorboxcontent">'.get_string('remoteappuser', $remotehost->application)." <br />\n";
4f0c2d00	194	if ($currentuser) {
ce221eb5	195	if ($remotehost->application =='moodle') {
ce221eb5	196	echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/user/edit.php\">{$remotehost->name}</a> ".get_string('editremoteprofile')." </p>\n";
25202581	197	} else {
ce221eb5	198	echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/\">{$remotehost->name}</a> ".get_string('gotoyourserver')." </p>\n";
25202581	199	}
ce221eb5	200	} else {
ce221eb5	201	echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/\">{$remotehost->name}</a></p>\n";
56f52742	202	}
ce221eb5	203	}
56f52742	204
03d9401e MD	205	echo '<div class="fullprofilelink">';
	206	echo html_writer::link($CFG->wwwroot.'/user/profile.php?id='.$id, get_string('fullprofile'));
	207	echo '</div>';
f9903ed0	208
03d9401e MD	209	echo '<div class="profilepicture">';
	210	echo $OUTPUT->user_picture($user, array('size'=>100));
	211	echo '</div>';
f9903ed0	212
03d9401e MD	213	// Print the description
03d9401e MD	214	echo '<div class="description">';
ce221eb5	215	if ($user->description && !isset($hiddenfields['description'])) {
03d9401e	216	if (!empty($CFG->profilesforenrolledusersonly) && !$DB->record_exists('role_assignments', array('userid'=>$id))) {
ce221eb5	217	echo get_string('profilenotshown', 'moodle').'<hr />';
ce221eb5	218	} else {
8bdc9cac SH	219	$user->description = file_rewrite_pluginfile_urls($user->description, 'pluginfile.php', $usercontext->id, 'user_profile', $id);
8bdc9cac SH	220	echo format_text($user->description, $user->descriptionformat)."<hr />";
f9903ed0	221	}
ce221eb5	222	}
03d9401e MD	223	echo '</div>';
03d9401e MD	224
f9903ed0	225
ce221eb5	226	// Print all the little details in a list
f9903ed0	227
03d9401e	228	echo '<table class="list" summary="">';
f9903ed0	229
ce221eb5	230	if (! isset($hiddenfields['country']) && $user->country) {
03d9401e	231	print_row(get_string('country') . ':', get_string($user->country, 'countries'));
ce221eb5	232	}
910bd9e1	233
ce221eb5	234	if (! isset($hiddenfields['city']) && $user->city) {
	235	print_row(get_string('city') . ':', $user->city);
	236	}
f9903ed0	237
ce221eb5	238	if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
	239	if ($user->address) {
	240	print_row(get_string("address").":", "$user->address");
	241	}
	242	if ($user->phone1) {
	243	print_row(get_string("phone").":", "$user->phone1");
	244	}
	245	if ($user->phone2) {
	246	print_row(get_string("phone2").":", "$user->phone2");
f9903ed0	247	}
ce221eb5	248	}
f9903ed0	249
4f0c2d00	250	if ($user->maildisplay == 1
03d9401e	251	or ($user->maildisplay == 2 && !isguestuser())
4f0c2d00	252	or has_capability('moodle/course:useremail', $coursecontext)) {
cadb96f2	253
ce221eb5	254	$emailswitch = '';
c6c558d7	255
4f0c2d00	256	if ($currentuser or has_capability('moodle/course:useremail', $coursecontext)) { /// Can use the enable/disable email stuff
deaa8a19	257	if (!empty($enable) and confirm_sesskey()) { /// Recieved a parameter to enable the email address
ce221eb5	258	$DB->set_field('user', 'emailstop', 0, array('id'=>$user->id));
ce221eb5	259	$user->emailstop = 0;
c6c558d7	260	}
deaa8a19	261	if (!empty($disable) and confirm_sesskey()) { /// Recieved a parameter to disable the email address
ce221eb5	262	$DB->set_field('user', 'emailstop', 1, array('id'=>$user->id));
ce221eb5	263	$user->emailstop = 1;
cadb96f2	264	}
55e078c0	265	}
f9903ed0	266
ce221eb5	267	if (has_capability('moodle/course:useremail', $coursecontext)) { /// Can use the enable/disable email stuff
	268	if ($user->emailstop) {
	269	$switchparam = 'enable';
	270	$switchtitle = get_string('emaildisable');
	271	$switchclick = get_string('emailenableclick');
	272	$switchpix = 't/emailno';
	273	} else {
	274	$switchparam = 'disable';
	275	$switchtitle = get_string('emailenable');
	276	$switchclick = get_string('emaildisableclick');
	277	$switchpix = 't/email';
	278	}
	279	$emailswitch = " <a title=\"$switchclick\" ".
deaa8a19	280	"href=\"view.php?id=$user->id&course=$course->id&$switchparam=1&sesskey=".sesskey()."\">".
b5d0cafc	281	"<img src=\"" . $OUTPUT->pix_url("$switchpix") . "\" alt=\"$switchclick\" /></a>";
ce221eb5	282
	283	} else if ($currentuser) { /// Can only re-enable an email this way
	284	if ($user->emailstop) { // Include link that tells how to re-enable their email
	285	$switchparam = 'enable';
	286	$switchtitle = get_string('emaildisable');
	287	$switchclick = get_string('emailenableclick');
	288
	289	$emailswitch = " (<a title=\"$switchclick\" ".
deaa8a19	290	"href=\"view.php?id=$user->id&course=$course->id&enable=1&sesskey=".sesskey()."\">$switchtitle</a>)";
c18a3c1f	291	}
f9903ed0	292	}
f9903ed0	293
ce221eb5	294	print_row(get_string("email").":", obfuscate_mailto($user->email, '', $user->emailstop)."$emailswitch");
ce221eb5	295	}
766d2bf3	296
ce221eb5	297	if ($user->url && !isset($hiddenfields['webpage'])) {
	298	$url = $user->url;
	299	if (strpos($user->url, '://') === false) {
	300	$url = 'http://'. $url;
f9903ed0	301	}
03d9401e	302	print_row(get_string('webpage') .':', '<a href="'.s($url).'">'.s($user->url).'</a>');
ce221eb5	303	}
f9903ed0	304
ce221eb5	305	if ($user->icq && !isset($hiddenfields['icqnumber'])) {
4f0c2d00	306	print_row(get_string('icqnumber').':',"<a href=\"http://web.icq.com/wwp?uin=".urlencode($user->icq)."\">".s($user->icq)." <img src=\"http://web.icq.com/whitepages/online?icq=".urlencode($user->icq)."&img=5\" alt=\"\" /></a>");
ce221eb5	307	}
	308
	309	if ($user->skype && !isset($hiddenfields['skypeid'])) {
	310	print_row(get_string('skypeid').':','<a href="callto:'.urlencode($user->skype).'">'.s($user->skype).
	311	' <img src="http://mystatus.skype.com/smallicon/'.urlencode($user->skype).'" alt="'.get_string('status').'" '.
	312	' /></a>');
	313	}
	314	if ($user->yahoo && !isset($hiddenfields['yahooid'])) {
	315	print_row(get_string('yahooid').':', '<a href="http://edit.yahoo.com/config/send_webmesg?.target='.urlencode($user->yahoo).'&.src=pg">'.s($user->yahoo)." <img src=\"http://opi.yahoo.com/online?u=".urlencode($user->yahoo)."&m=g&t=0\" alt=\"\"></a>");
	316	}
	317	if ($user->aim && !isset($hiddenfields['aimid'])) {
4f0c2d00	318	print_row(get_string('aimid').':', '<a href="aim:goim?screenname='.urlencode($user->aim).'">'.s($user->aim).'</a>');
ce221eb5	319	}
	320	if ($user->msn && !isset($hiddenfields['msnid'])) {
	321	print_row(get_string('msnid').':', s($user->msn));
	322	}
	323
	324	/// Print the Custom User Fields
	325	profile_display_fields($user->id);
	326
	327
	328	if (!isset($hiddenfields['mycourses'])) {
183ea489	329	if ($mycourses = get_my_courses($user->id, 'visible DESC,sortorder ASC', null, false, 21)) {
ce221eb5	330	$shown=0;
	331	$courselisting = '';
	332	foreach ($mycourses as $mycourse) {
	333	if ($mycourse->category) {
	334	if ($mycourse->id != $course->id){
	335	$class = '';
	336	if ($mycourse->visible == 0) {
	337	// get_my_courses will filter courses $USER cannot see
	338	// if we get one with visible 0 it just means it's hidden
	339	// ... but not from $USER
	340	$class = 'class="dimmed"';
472b647a	341	}
ce221eb5	342	$courselisting .= "<a href=\"{$CFG->wwwroot}/user/view.php?id={$user->id}&course={$mycourse->id}\" $class >"
ce221eb5	343	. format_string($mycourse->fullname) . "</a>, ";
dd5e0901	344	}
ce221eb5	345	else {
ce221eb5	346	$courselisting .= format_string($mycourse->fullname) . ", ";
9c72928d	347	}
9c72928d	348	}
ce221eb5	349	$shown++;
	350	if($shown==20) {
	351	$courselisting.= "...";
	352	break;
	353	}
9c72928d	354	}
03d9401e	355	print_row(get_string('courseprofiles').':', rtrim($courselisting,', '));
9c72928d	356	}
ce221eb5	357	}
	358	if (!isset($hiddenfields['firstaccess'])) {
	359	if ($user->firstaccess) {
	360	$datestring = userdate($user->firstaccess)."  (".format_time(time() - $user->firstaccess).")";
	361	} else {
	362	$datestring = get_string("never");
1263a0ff	363	}
ce221eb5	364	print_row(get_string("firstaccess").":", $datestring);
	365	}
	366	if (!isset($hiddenfields['lastaccess'])) {
	367	if ($user->lastaccess) {
	368	$datestring = userdate($user->lastaccess)."  (".format_time(time() - $user->lastaccess).")";
	369	} else {
	370	$datestring = get_string("never");
d21fef3a	371	}
ce221eb5	372	print_row(get_string("lastaccess").":", $datestring);
ce221eb5	373	}
0a8a95c9	374	/// printing roles
f2f085ee	375
4f0c2d00 PS	376	if ($rolestring = get_user_roles_in_course($id, $course->id)) {
4f0c2d00 PS	377	print_row(get_string('roles').':', $rolestring);
ce221eb5	378	}
fa22fd5f	379
f90e9ff6	380	/// Printing groups
ce221eb5	381	if (!isset($hiddenfields['groups'])) {
4f0c2d00 PS	382	if ($course->groupmode != SEPARATEGROUPS or has_capability('moodle/site:accessallgroups', $coursecontext)) {
4f0c2d00 PS	383	if ($usergroups = groups_get_all_groups($course->id, $user->id)) {
ce221eb5	384	$groupstr = '';
	385	foreach ($usergroups as $group){
	386	$groupstr .= ' <a href="'.$CFG->wwwroot.'/user/index.php?id='.$course->id.'&group='.$group->id.'">'.format_string($group->name).'</a>,';
fa22fd5f	387	}
ce221eb5	388	print_row(get_string("group").":", rtrim($groupstr, ', '));
fa22fd5f	389	}
fa22fd5f	390	}
ce221eb5	391	}
f90e9ff6	392	/// End of printing groups
fa22fd5f	393
1e1c51a3	394	/// Printing Interests
ce221eb5	395	if( !empty($CFG->usetags)) {
	396	if ( $interests = tag_get_tags_csv('user', $user->id) ) {
	397	print_row(get_string('interests') .": ", $interests);
1e1c51a3	398	}
ce221eb5	399	}
0be6f678	400	/// End of Printing Interests
1e1c51a3	401
ce221eb5	402	echo "</table>";
f9903ed0	403
ce221eb5	404	$userauth = get_auth_plugin($user->auth);
210560e3	405
ce221eb5	406	$passwordchangeurl = false;
	407	if ($currentuser and $userauth->can_change_password() and !isguestuser() and has_capability('moodle/user:changeownpassword', $systemcontext)) {
	408	if (!$passwordchangeurl = $userauth->change_password_url()) {
	409	if (empty($CFG->loginhttps)) {
	410	$passwordchangeurl = "$CFG->wwwroot/login/change_password.php";
	411	} else {
	412	$passwordchangeurl = str_replace('http:', 'https:', $CFG->wwwroot.'/login/change_password.php');
ab1324e4	413	}
3086f3f6	414	}
ce221eb5	415	}
3086f3f6	416
03d9401e	417	// Buttons gone! TODO: Make sure there's a good way to message someone from the profile pages
3de34ccf	418
4f0c2d00	419	if ($CFG->debugdisplay && debugging('', DEBUG_DEVELOPER) && $currentuser) { // Show user object
03d9401e	420	echo '<br /><br /><hr />';
ce221eb5	421	echo $OUTPUT->heading('DEBUG MODE: User session variables');
	422	print_object($USER);
	423	}
3de34ccf	424
ce221eb5	425	echo $OUTPUT->footer();
f9903ed0	426
	427	/// Functions ///////
	428
	429	function print_row($left, $right) {
c1138797	430	echo "\n<tr><td class=\"label c0\">$left</td><td class=\"info c1\">$right</td></tr>\n";
f9903ed0	431	}
f9903ed0	432
aa6c1ced	433