2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 * Bulk user registration script from a comma separated file
21 * @subpackage uploaduser
22 * @copyright 2004 onwards Martin Dougiamas (http://dougiamas.com)
23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
26 require('../../../config.php');
27 require_once($CFG->libdir.'/adminlib.php');
28 require_once($CFG->libdir.'/csvlib.class.php');
29 require_once($CFG->dirroot.'/user/profile/lib.php');
30 require_once($CFG->dirroot.'/user/lib.php');
31 require_once($CFG->dirroot.'/group/lib.php');
32 require_once($CFG->dirroot.'/cohort/lib.php');
33 require_once('locallib.php');
34 require_once('user_form.php');
35 require_once('classes/local/field_value_validators.php');
36 use tool_uploaduser\local\field_value_validators;
38 $iid = optional_param('iid', '', PARAM_INT);
39 $previewrows = optional_param('previewrows', 10, PARAM_INT);
41 core_php_time_limit::raise(60*60); // 1 hour should be enough
42 raise_memory_limit(MEMORY_HUGE);
44 admin_externalpage_setup('tooluploaduser');
45 require_capability('moodle/site:uploadusers', context_system::instance());
47 $struserrenamed = get_string('userrenamed', 'tool_uploaduser');
48 $strusernotrenamedexists = get_string('usernotrenamedexists', 'error');
49 $strusernotrenamedmissing = get_string('usernotrenamedmissing', 'error');
50 $strusernotrenamedoff = get_string('usernotrenamedoff', 'error');
51 $strusernotrenamedadmin = get_string('usernotrenamedadmin', 'error');
53 $struserupdated = get_string('useraccountupdated', 'tool_uploaduser');
54 $strusernotupdated = get_string('usernotupdatederror', 'error');
55 $strusernotupdatednotexists = get_string('usernotupdatednotexists', 'error');
56 $strusernotupdatedadmin = get_string('usernotupdatedadmin', 'error');
58 $struseruptodate = get_string('useraccountuptodate', 'tool_uploaduser');
60 $struseradded = get_string('newuser');
61 $strusernotadded = get_string('usernotaddedregistered', 'error');
62 $strusernotaddederror = get_string('usernotaddederror', 'error');
64 $struserdeleted = get_string('userdeleted', 'tool_uploaduser');
65 $strusernotdeletederror = get_string('usernotdeletederror', 'error');
66 $strusernotdeletedmissing = get_string('usernotdeletedmissing', 'error');
67 $strusernotdeletedoff = get_string('usernotdeletedoff', 'error');
68 $strusernotdeletedadmin = get_string('usernotdeletedadmin', 'error');
70 $strcannotassignrole = get_string('cannotassignrole', 'error');
72 $struserauthunsupported = get_string('userauthunsupported', 'error');
73 $stremailduplicate = get_string('useremailduplicate', 'error');
75 $strinvalidpasswordpolicy = get_string('invalidpasswordpolicy', 'error');
76 $errorstr = get_string('error');
78 $stryes = get_string('yes');
79 $strno = get_string('no');
80 $stryesnooptions = array(0=>$strno, 1=>$stryes);
82 $returnurl = new moodle_url('/admin/tool/uploaduser/index.php');
83 $bulknurl = new moodle_url('/admin/user/user_bulk.php');
86 $today = make_timestamp(date('Y', $today), date('m', $today), date('d', $today), 0, 0, 0);
88 // array of all valid fields for validation
89 $STD_FIELDS = array('id', 'username', 'email',
90 'city', 'country', 'lang', 'timezone', 'mailformat',
91 'maildisplay', 'maildigest', 'htmleditor', 'autosubscribe',
92 'institution', 'department', 'idnumber', 'skype',
93 'msn', 'aim', 'yahoo', 'icq', 'phone1', 'phone2', 'address',
94 'url', 'description', 'descriptionformat', 'password',
95 'auth', // watch out when changing auth type or using external auth plugins!
96 'oldusername', // use when renaming users - this is the original username
97 'suspended', // 1 means suspend user account, 0 means activate user account, nothing means keep as is for existing users
98 'theme', // Define a theme for user when 'allowuserthemes' is enabled.
99 'deleted', // 1 means delete user
100 'mnethostid', // Can not be used for adding, updating or deleting of users - only for enrolments, groups, cohorts and suspending.
103 // Include all name fields.
104 $STD_FIELDS = array_merge($STD_FIELDS, get_all_user_name_fields());
106 $PRF_FIELDS = array();
107 if ($proffields = $DB->get_records('user_info_field')) {
108 foreach ($proffields as $key => $proffield) {
109 $profilefieldname = 'profile_field_'.$proffield->shortname;
110 $PRF_FIELDS[] = $profilefieldname;
111 // Re-index $proffields with key as shortname. This will be
112 // used while checking if profile data is key and needs to be converted (eg. menu profile field)
113 $proffields[$profilefieldname] = $proffield;
114 unset($proffields[$key]);
119 $mform1 = new admin_uploaduser_form1();
121 if ($formdata = $mform1->get_data()) {
122 $iid = csv_import_reader::get_new_iid('uploaduser');
123 $cir = new csv_import_reader($iid, 'uploaduser');
125 $content = $mform1->get_file_content('userfile');
127 $readcount = $cir->load_csv_content($content, $formdata->encoding, $formdata->delimiter_name);
128 $csvloaderror = $cir->get_error();
131 if (!is_null($csvloaderror)) {
132 print_error('csvloaderror', '', $returnurl, $csvloaderror);
134 // test if columns ok
135 $filecolumns = uu_validate_user_upload_columns($cir, $STD_FIELDS, $PRF_FIELDS, $returnurl);
139 echo $OUTPUT->header();
141 echo $OUTPUT->heading_with_help(get_string('uploadusers', 'tool_uploaduser'), 'uploadusers', 'tool_uploaduser');
144 echo $OUTPUT->footer();
148 $cir = new csv_import_reader($iid, 'uploaduser');
149 $filecolumns = uu_validate_user_upload_columns($cir, $STD_FIELDS, $PRF_FIELDS, $returnurl);
152 $mform2 = new admin_uploaduser_form2(null, array('columns'=>$filecolumns, 'data'=>array('iid'=>$iid, 'previewrows'=>$previewrows)));
154 // If a file has been uploaded, then process it
155 if ($formdata = $mform2->is_cancelled()) {
157 redirect($returnurl);
159 } else if ($formdata = $mform2->get_data()) {
161 echo $OUTPUT->header();
162 echo $OUTPUT->heading(get_string('uploadusersresult', 'tool_uploaduser'));
164 $optype = $formdata->uutype;
166 $updatetype = isset($formdata->uuupdatetype) ? $formdata->uuupdatetype : 0;
167 $createpasswords = (!empty($formdata->uupasswordnew) and $optype != UU_USER_UPDATE);
168 $updatepasswords = (!empty($formdata->uupasswordold) and $optype != UU_USER_ADDNEW and $optype != UU_USER_ADDINC and ($updatetype == UU_UPDATE_FILEOVERRIDE or $updatetype == UU_UPDATE_ALLOVERRIDE));
169 $allowrenames = (!empty($formdata->uuallowrenames) and $optype != UU_USER_ADDNEW and $optype != UU_USER_ADDINC);
170 $allowdeletes = (!empty($formdata->uuallowdeletes) and $optype != UU_USER_ADDNEW and $optype != UU_USER_ADDINC);
171 $allowsuspends = (!empty($formdata->uuallowsuspends));
172 $bulk = $formdata->uubulk;
173 $noemailduplicates = empty($CFG->allowaccountssameemail) ? 1 : $formdata->uunoemailduplicates;
174 $standardusernames = $formdata->uustandardusernames;
175 $resetpasswords = isset($formdata->uuforcepasswordchange) ? $formdata->uuforcepasswordchange : UU_PWRESET_NONE;
177 // verification moved to two places: after upload and into form2
180 $usersuptodate = 0; //not printed yet anywhere
190 $ccache = array(); // course cache - do not fetch all courses here, we will not probably use them all anyway!
192 $rolecache = uu_allowed_roles_cache(); // Course roles lookup cache.
193 $sysrolecache = uu_allowed_sysroles_cache(); // System roles lookup cache.
194 $manualcache = array(); // cache of used manual enrol plugins in each course
195 $supportedauths = uu_supported_auths(); // officially supported plugins that are enabled
197 // we use only manual enrol plugin here, if it is disabled no enrol is done
198 if (enrol_is_enabled('manual')) {
199 $manual = enrol_get_plugin('manual');
204 // clear bulk selection
206 $SESSION->bulk_users = array();
209 // init csv import helper
211 $linenum = 1; //column header is first line
213 // init upload progress tracker
214 $upt = new uu_progress_tracker();
215 $upt->start(); // start table
216 $validation = array();
217 while ($line = $cir->next()) {
221 $upt->track('line', $linenum);
223 $user = new stdClass();
225 // add fields to user object
226 foreach ($line as $keynum => $value) {
227 if (!isset($filecolumns[$keynum])) {
228 // this should not happen
231 $key = $filecolumns[$keynum];
232 if (strpos($key, 'profile_field_') === 0) {
233 //NOTE: bloody mega hack alert!!
234 if (isset($USER->$key) and is_array($USER->$key)) {
235 // this must be some hacky field that is abusing arrays to store content and format
236 $user->$key = array();
237 $user->{$key['text']} = $value;
238 $user->{$key['format']} = FORMAT_MOODLE;
240 $user->$key = trim($value);
243 $user->$key = trim($value);
246 if (in_array($key, $upt->columns)) {
247 // default value in progress tracking table, can be changed later
248 $upt->track($key, s($value), 'normal');
251 if (!isset($user->username)) {
252 // prevent warnings below
253 $user->username = '';
256 if ($optype == UU_USER_ADDNEW or $optype == UU_USER_ADDINC) {
257 // user creation is a special case - the username may be constructed from templates using firstname and lastname
258 // better never try this in mixed update types
260 if (!isset($user->firstname) or $user->firstname === '') {
261 $upt->track('status', get_string('missingfield', 'error', 'firstname'), 'error');
262 $upt->track('firstname', $errorstr, 'error');
265 if (!isset($user->lastname) or $user->lastname === '') {
266 $upt->track('status', get_string('missingfield', 'error', 'lastname'), 'error');
267 $upt->track('lastname', $errorstr, 'error');
274 // we require username too - we might use template for it though
275 if (empty($user->username) and !empty($formdata->username)) {
276 $user->username = uu_process_template($formdata->username, $user);
277 $upt->track('username', s($user->username));
281 // normalize username
282 $originalusername = $user->username;
283 if ($standardusernames) {
284 $user->username = core_user::clean_field($user->username, 'username');
287 // make sure we really have username
288 if (empty($user->username)) {
289 $upt->track('status', get_string('missingfield', 'error', 'username'), 'error');
290 $upt->track('username', $errorstr, 'error');
293 } else if ($user->username === 'guest') {
294 $upt->track('status', get_string('guestnoeditprofileother', 'error'), 'error');
299 if ($user->username !== core_user::clean_field($user->username, 'username')) {
300 $upt->track('status', get_string('invalidusername', 'error', 'username'), 'error');
301 $upt->track('username', $errorstr, 'error');
305 if (empty($user->mnethostid)) {
306 $user->mnethostid = $CFG->mnet_localhost_id;
309 if ($existinguser = $DB->get_record('user', array('username'=>$user->username, 'mnethostid'=>$user->mnethostid))) {
310 $upt->track('id', $existinguser->id, 'normal', false);
313 if ($user->mnethostid == $CFG->mnet_localhost_id) {
316 // Find out if username incrementing required.
317 if ($existinguser and $optype == UU_USER_ADDINC) {
318 $user->username = uu_increment_username($user->username);
319 $existinguser = false;
323 if (!$existinguser or $optype == UU_USER_ADDINC) {
324 $upt->track('status', get_string('errormnetadd', 'tool_uploaduser'), 'error');
331 // Make sure there are no changes of existing fields except the suspended status.
332 foreach ((array)$existinguser as $k => $v) {
333 if ($k === 'suspended') {
336 if (property_exists($user, $k)) {
339 if (in_array($k, $upt->columns)) {
340 if ($k === 'password' or $k === 'oldusername' or $k === 'deleted') {
341 $upt->track($k, '', 'normal', false);
343 $upt->track($k, s($v), 'normal', false);
347 unset($user->oldusername);
348 unset($user->password);
349 $user->auth = $existinguser->auth;
352 // notify about nay username changes
353 if ($originalusername !== $user->username) {
354 $upt->track('username', '', 'normal', false); // clear previous
355 $upt->track('username', s($originalusername).'-->'.s($user->username), 'info');
357 $upt->track('username', s($user->username), 'normal', false);
360 // Verify if the theme is valid and allowed to be set.
361 if (isset($user->theme)) {
362 list($status, $message) = field_value_validators::validate_theme($user->theme);
363 if ($status !== 'normal' && !empty($message)) {
364 $upt->track('status', $message, $status);
365 // Unset the theme when validation fails.
370 // add default values for remaining fields
371 $formdefaults = array();
372 if (!$existinguser || ($updatetype != UU_UPDATE_FILEOVERRIDE && $updatetype != UU_UPDATE_NOCHANGES)) {
373 foreach ($STD_FIELDS as $field) {
374 if (isset($user->$field)) {
377 // all validation moved to form2
378 if (isset($formdata->$field)) {
380 $user->$field = uu_process_template($formdata->$field, $user);
381 $formdefaults[$field] = true;
382 if (in_array($field, $upt->columns)) {
383 $upt->track($field, s($user->$field), 'normal');
387 foreach ($PRF_FIELDS as $field) {
388 if (isset($user->$field)) {
391 if (isset($formdata->$field)) {
393 $user->$field = uu_process_template($formdata->$field, $user);
395 // Form contains key and later code expects value.
396 // Convert key to value for required profile fields.
397 require_once($CFG->dirroot.'/user/profile/field/'.$proffields[$field]->datatype.'/field.class.php');
398 $profilefieldclass = 'profile_field_'.$proffields[$field]->datatype;
399 $profilefield = new $profilefieldclass($proffields[$field]->id);
400 if (method_exists($profilefield, 'convert_external_data')) {
401 $user->$field = $profilefield->edit_save_data_preprocess($user->$field, null);
404 $formdefaults[$field] = true;
410 if (!empty($user->deleted)) {
411 if (!$allowdeletes or $remoteuser) {
413 $upt->track('status', $strusernotdeletedoff, 'warning');
417 if (is_siteadmin($existinguser->id)) {
418 $upt->track('status', $strusernotdeletedadmin, 'error');
422 if (delete_user($existinguser)) {
423 $upt->track('status', $struserdeleted);
426 $upt->track('status', $strusernotdeletederror, 'error');
430 $upt->track('status', $strusernotdeletedmissing, 'error');
435 // we do not need the deleted flag anymore
436 unset($user->deleted);
438 // renaming requested?
439 if (!empty($user->oldusername) ) {
440 if (!$allowrenames) {
442 $upt->track('status', $strusernotrenamedoff, 'warning');
447 $upt->track('status', $strusernotrenamedexists, 'error');
452 if ($user->username === 'guest') {
453 $upt->track('status', get_string('guestnoeditprofileother', 'error'), 'error');
458 if ($standardusernames) {
459 $oldusername = core_user::clean_field($user->oldusername, 'username');
461 $oldusername = $user->oldusername;
464 // no guessing when looking for old username, it must be exact match
465 if ($olduser = $DB->get_record('user', array('username'=>$oldusername, 'mnethostid'=>$CFG->mnet_localhost_id))) {
466 $upt->track('id', $olduser->id, 'normal', false);
467 if (is_siteadmin($olduser->id)) {
468 $upt->track('status', $strusernotrenamedadmin, 'error');
472 $DB->set_field('user', 'username', $user->username, array('id'=>$olduser->id));
473 $upt->track('username', '', 'normal', false); // clear previous
474 $upt->track('username', s($oldusername).'-->'.s($user->username), 'info');
475 $upt->track('status', $struserrenamed);
478 $upt->track('status', $strusernotrenamedmissing, 'error');
482 $existinguser = $olduser;
483 $existinguser->username = $user->username;
486 // can we process with update or insert?
492 $upt->track('status', $strusernotadded, 'warning');
499 //this should not happen!
500 $upt->track('status', $strusernotaddederror, 'error');
506 case UU_USER_ADD_UPDATE:
510 if (!$existinguser) {
512 $upt->track('status', $strusernotupdatednotexists, 'warning');
527 $user->id = $existinguser->id;
529 $upt->track('username', html_writer::link(new moodle_url('/user/profile.php', array('id'=>$existinguser->id)), s($existinguser->username)), 'normal', false);
530 $upt->track('suspended', $stryesnooptions[$existinguser->suspended] , 'normal', false);
531 $upt->track('auth', $existinguser->auth, 'normal', false);
533 if (is_siteadmin($user->id)) {
534 $upt->track('status', $strusernotupdatedadmin, 'error');
539 $existinguser->timemodified = time();
540 // do NOT mess with timecreated or firstaccess here!
542 //load existing profile data
543 profile_load_data($existinguser);
548 if ($updatetype != UU_UPDATE_NOCHANGES and !$remoteuser) {
549 if (!empty($user->auth) and $user->auth !== $existinguser->auth) {
550 $upt->track('auth', s($existinguser->auth).'-->'.s($user->auth), 'info', false);
551 $existinguser->auth = $user->auth;
552 if (!isset($supportedauths[$user->auth])) {
553 $upt->track('auth', $struserauthunsupported, 'warning');
556 if ($existinguser->auth === 'nologin') {
560 $allcolumns = array_merge($STD_FIELDS, $PRF_FIELDS);
561 foreach ($allcolumns as $column) {
562 if ($column === 'username' or $column === 'password' or $column === 'auth' or $column === 'suspended') {
563 // these can not be changed here
566 if (!property_exists($user, $column) or !property_exists($existinguser, $column)) {
569 if ($updatetype == UU_UPDATE_MISSING) {
570 if (!is_null($existinguser->$column) and $existinguser->$column !== '') {
573 } else if ($updatetype == UU_UPDATE_ALLOVERRIDE) {
574 // we override everything
576 } else if ($updatetype == UU_UPDATE_FILEOVERRIDE) {
577 if (!empty($formdefaults[$column])) {
578 // do not override with form defaults
582 if ($existinguser->$column !== $user->$column) {
583 if ($column === 'email') {
584 $select = $DB->sql_like('email', ':email', false, true, false, '|');
585 $params = array('email' => $DB->sql_like_escape($user->email, '|'));
586 if ($DB->record_exists_select('user', $select , $params)) {
588 $changeincase = core_text::strtolower($existinguser->$column) === core_text::strtolower(
592 // If only case is different then switch to lower case and carry on.
593 $user->$column = core_text::strtolower($user->$column);
595 } else if ($noemailduplicates) {
596 $upt->track('email', $stremailduplicate, 'error');
597 $upt->track('status', $strusernotupdated, 'error');
601 $upt->track('email', $stremailduplicate, 'warning');
604 if (!validate_email($user->email)) {
605 $upt->track('email', get_string('invalidemail'), 'warning');
609 if ($column === 'lang') {
610 if (empty($user->lang)) {
611 // Do not change to not-set value.
613 } else if (core_user::clean_field($user->lang, 'lang') === '') {
614 $upt->track('status', get_string('cannotfindlang', 'error', $user->lang), 'warning');
619 if (in_array($column, $upt->columns)) {
620 $upt->track($column, s($existinguser->$column).'-->'.s($user->$column), 'info', false);
622 $existinguser->$column = $user->$column;
629 $auth = get_auth_plugin($existinguser->auth);
630 } catch (Exception $e) {
631 $upt->track('auth', get_string('userautherror', 'error', s($existinguser->auth)), 'error');
632 $upt->track('status', $strusernotupdated, 'error');
636 $isinternalauth = $auth->is_internal();
638 // deal with suspending and activating of accounts
639 if ($allowsuspends and isset($user->suspended) and $user->suspended !== '') {
640 $user->suspended = $user->suspended ? 1 : 0;
641 if ($existinguser->suspended != $user->suspended) {
642 $upt->track('suspended', '', 'normal', false);
643 $upt->track('suspended', $stryesnooptions[$existinguser->suspended].'-->'.$stryesnooptions[$user->suspended], 'info', false);
644 $existinguser->suspended = $user->suspended;
646 if ($existinguser->suspended) {
651 // Verify if the theme is valid and allowed to be set.
652 if (isset($existinguser->theme)) {
653 list($status, $message) = field_value_validators::validate_theme($existinguser->theme);
654 if ($status !== 'normal' && !empty($message)) {
655 $upt->track('status', $message, $status);
656 // Unset the theme when validation fails.
657 unset($existinguser->theme);
661 // changing of passwords is a special case
662 // do not force password changes for external auth plugins!
663 $oldpw = $existinguser->password;
666 // Do not mess with passwords of remote users.
668 } else if (!$isinternalauth) {
669 $existinguser->password = AUTH_PASSWORD_NOT_CACHED;
670 $upt->track('password', '-', 'normal', false);
672 unset_user_preference('create_password', $existinguser);
673 unset_user_preference('auth_forcepasswordchange', $existinguser);
675 } else if (!empty($user->password)) {
676 if ($updatepasswords) {
677 // Check for passwords that we want to force users to reset next
680 $weak = !check_password_policy($user->password, $errmsg);
681 if ($resetpasswords == UU_PWRESET_ALL or ($resetpasswords == UU_PWRESET_WEAK and $weak)) {
684 $upt->track('password', $strinvalidpasswordpolicy, 'warning');
686 set_user_preference('auth_forcepasswordchange', 1, $existinguser);
688 unset_user_preference('auth_forcepasswordchange', $existinguser);
690 unset_user_preference('create_password', $existinguser); // no need to create password any more
692 // Use a low cost factor when generating bcrypt hash otherwise
693 // hashing would be slow when uploading lots of users. Hashes
694 // will be automatically updated to a higher cost factor the first
695 // time the user logs in.
696 $existinguser->password = hash_internal_user_password($user->password, true);
697 $upt->track('password', $user->password, 'normal', false);
699 // do not print password when not changed
700 $upt->track('password', '', 'normal', false);
704 if ($doupdate or $existinguser->password !== $oldpw) {
705 // We want only users that were really updated.
706 user_update_user($existinguser, false, false);
708 $upt->track('status', $struserupdated);
712 // pre-process custom profile menu fields data from csv file
713 $existinguser = uu_pre_process_custom_profile_data($existinguser);
714 // save custom profile fields data from csv file
715 profile_save_data($existinguser);
718 if ($bulk == UU_BULK_UPDATED or $bulk == UU_BULK_ALL) {
719 if (!in_array($user->id, $SESSION->bulk_users)) {
720 $SESSION->bulk_users[] = $user->id;
725 \core\event\user_updated::create_from_userid($existinguser->id)->trigger();
728 // no user information changed
729 $upt->track('status', $struseruptodate);
732 if ($bulk == UU_BULK_ALL) {
733 if (!in_array($user->id, $SESSION->bulk_users)) {
734 $SESSION->bulk_users[] = $user->id;
740 \core\session\manager::kill_user_sessions($existinguser->id);
744 // save the new user to the database
745 $user->confirmed = 1;
746 $user->timemodified = time();
747 $user->timecreated = time();
748 $user->mnethostid = $CFG->mnet_localhost_id; // we support ONLY local accounts here, sorry
750 if (!isset($user->suspended) or $user->suspended === '') {
751 $user->suspended = 0;
753 $user->suspended = $user->suspended ? 1 : 0;
755 $upt->track('suspended', $stryesnooptions[$user->suspended], 'normal', false);
757 if (empty($user->auth)) {
758 $user->auth = 'manual';
760 $upt->track('auth', $user->auth, 'normal', false);
762 // do not insert record if new auth plugin does not exist!
764 $auth = get_auth_plugin($user->auth);
765 } catch (Exception $e) {
766 $upt->track('auth', get_string('userautherror', 'error', s($user->auth)), 'error');
767 $upt->track('status', $strusernotaddederror, 'error');
771 if (!isset($supportedauths[$user->auth])) {
772 $upt->track('auth', $struserauthunsupported, 'warning');
775 $isinternalauth = $auth->is_internal();
777 if (empty($user->email)) {
778 $upt->track('email', get_string('invalidemail'), 'error');
779 $upt->track('status', $strusernotaddederror, 'error');
783 } else if ($DB->record_exists('user', array('email'=>$user->email))) {
784 if ($noemailduplicates) {
785 $upt->track('email', $stremailduplicate, 'error');
786 $upt->track('status', $strusernotaddederror, 'error');
790 $upt->track('email', $stremailduplicate, 'warning');
793 if (!validate_email($user->email)) {
794 $upt->track('email', get_string('invalidemail'), 'warning');
797 if (empty($user->lang)) {
799 } else if (core_user::clean_field($user->lang, 'lang') === '') {
800 $upt->track('status', get_string('cannotfindlang', 'error', $user->lang), 'warning');
804 $forcechangepassword = false;
806 if ($isinternalauth) {
807 if (empty($user->password)) {
808 if ($createpasswords) {
809 $user->password = 'to be generated';
810 $upt->track('password', '', 'normal', false);
811 $upt->track('password', get_string('uupasswordcron', 'tool_uploaduser'), 'warning', false);
813 $upt->track('password', '', 'normal', false);
814 $upt->track('password', get_string('missingfield', 'error', 'password'), 'error');
815 $upt->track('status', $strusernotaddederror, 'error');
821 $weak = !check_password_policy($user->password, $errmsg);
822 if ($resetpasswords == UU_PWRESET_ALL or ($resetpasswords == UU_PWRESET_WEAK and $weak)) {
825 $upt->track('password', $strinvalidpasswordpolicy, 'warning');
827 $forcechangepassword = true;
829 // Use a low cost factor when generating bcrypt hash otherwise
830 // hashing would be slow when uploading lots of users. Hashes
831 // will be automatically updated to a higher cost factor the first
832 // time the user logs in.
833 $user->password = hash_internal_user_password($user->password, true);
836 $user->password = AUTH_PASSWORD_NOT_CACHED;
837 $upt->track('password', '-', 'normal', false);
840 $user->id = user_create_user($user, false, false);
841 $upt->track('username', html_writer::link(new moodle_url('/user/profile.php', array('id'=>$user->id)), s($user->username)), 'normal', false);
843 // pre-process custom profile menu fields data from csv file
844 $user = uu_pre_process_custom_profile_data($user);
845 // save custom profile fields data
846 profile_save_data($user);
848 if ($forcechangepassword) {
849 set_user_preference('auth_forcepasswordchange', 1, $user);
851 if ($user->password === 'to be generated') {
852 set_user_preference('create_password', 1, $user);
856 \core\event\user_created::create_from_userid($user->id)->trigger();
858 $upt->track('status', $struseradded);
859 $upt->track('id', $user->id, 'normal', false);
862 // make sure user context exists
863 context_user::instance($user->id);
865 if ($bulk == UU_BULK_NEW or $bulk == UU_BULK_ALL) {
866 if (!in_array($user->id, $SESSION->bulk_users)) {
867 $SESSION->bulk_users[] = $user->id;
872 // Update user interests.
873 if (isset($user->interests) && strval($user->interests) !== '') {
874 useredit_update_interests($user, preg_split('/\s*,\s*/', $user->interests, -1, PREG_SPLIT_NO_EMPTY));
877 // add to cohort first, it might trigger enrolments indirectly - do NOT create cohorts here!
878 foreach ($filecolumns as $column) {
879 if (!preg_match('/^cohort\d+$/', $column)) {
883 if (!empty($user->$column)) {
884 $addcohort = $user->$column;
885 if (!isset($cohorts[$addcohort])) {
886 if (is_number($addcohort)) {
887 // only non-numeric idnumbers!
888 $cohort = $DB->get_record('cohort', array('id'=>$addcohort));
890 $cohort = $DB->get_record('cohort', array('idnumber'=>$addcohort));
891 if (empty($cohort) && has_capability('moodle/cohort:manage', context_system::instance())) {
892 // Cohort was not found. Create a new one.
893 $cohortid = cohort_add_cohort((object)array(
894 'idnumber' => $addcohort,
895 'name' => $addcohort,
896 'contextid' => context_system::instance()->id
898 $cohort = $DB->get_record('cohort', array('id'=>$cohortid));
902 if (empty($cohort)) {
903 $cohorts[$addcohort] = get_string('unknowncohort', 'core_cohort', s($addcohort));
904 } else if (!empty($cohort->component)) {
905 // cohorts synchronised with external sources must not be modified!
906 $cohorts[$addcohort] = get_string('external', 'core_cohort');
908 $cohorts[$addcohort] = $cohort;
912 if (is_object($cohorts[$addcohort])) {
913 $cohort = $cohorts[$addcohort];
914 if (!$DB->record_exists('cohort_members', array('cohortid'=>$cohort->id, 'userid'=>$user->id))) {
915 cohort_add_member($cohort->id, $user->id);
916 // we might add special column later, for now let's abuse enrolments
917 $upt->track('enrolments', get_string('useradded', 'core_cohort', s($cohort->name)));
921 $upt->track('enrolments', $cohorts[$addcohort], 'error');
927 // find course enrolments, groups, roles/types and enrol periods
928 // this is again a special case, we always do this for any updated or created users
929 foreach ($filecolumns as $column) {
930 if (preg_match('/^sysrole\d+$/', $column)) {
932 if (!empty($user->$column)) {
933 $sysrolename = $user->$column;
934 if ($sysrolename[0] == '-') {
936 $sysrolename = substr($sysrolename, 1);
941 if (array_key_exists($sysrolename, $sysrolecache)) {
942 $sysroleid = $sysrolecache[$sysrolename]->id;
944 $upt->track('enrolments', get_string('unknownrole', 'error', s($sysrolename)), 'error');
949 if (user_has_role_assignment($user->id, $sysroleid, SYSCONTEXTID)) {
950 role_unassign($sysroleid, $user->id, SYSCONTEXTID);
951 $upt->track('enrolments', get_string('unassignedsysrole',
952 'tool_uploaduser', $sysrolecache[$sysroleid]->name));
955 if (!user_has_role_assignment($user->id, $sysroleid, SYSCONTEXTID)) {
956 role_assign($sysroleid, $user->id, SYSCONTEXTID);
957 $upt->track('enrolments', get_string('assignedsysrole',
958 'tool_uploaduser', $sysrolecache[$sysroleid]->name));
965 if (!preg_match('/^course\d+$/', $column)) {
968 $i = substr($column, 6);
970 if (empty($user->{'course'.$i})) {
973 $shortname = $user->{'course'.$i};
974 if (!array_key_exists($shortname, $ccache)) {
975 if (!$course = $DB->get_record('course', array('shortname'=>$shortname), 'id, shortname')) {
976 $upt->track('enrolments', get_string('unknowncourse', 'error', s($shortname)), 'error');
979 $ccache[$shortname] = $course;
980 $ccache[$shortname]->groups = null;
982 $courseid = $ccache[$shortname]->id;
983 $coursecontext = context_course::instance($courseid);
984 if (!isset($manualcache[$courseid])) {
985 $manualcache[$courseid] = false;
987 if ($instances = enrol_get_instances($courseid, false)) {
988 foreach ($instances as $instance) {
989 if ($instance->enrol === 'manual') {
990 $manualcache[$courseid] = $instance;
998 if ($courseid == SITEID) {
999 // Technically frontpage does not have enrolments, but only role assignments,
1000 // let's not invent new lang strings here for this rarely used feature.
1002 if (!empty($user->{'role'.$i})) {
1003 $rolename = $user->{'role'.$i};
1004 if (array_key_exists($rolename, $rolecache)) {
1005 $roleid = $rolecache[$rolename]->id;
1007 $upt->track('enrolments', get_string('unknownrole', 'error', s($rolename)), 'error');
1011 role_assign($roleid, $user->id, context_course::instance($courseid));
1013 $a = new stdClass();
1014 $a->course = $shortname;
1015 $a->role = $rolecache[$roleid]->name;
1016 $upt->track('enrolments', get_string('enrolledincourserole', 'enrol_manual', $a));
1019 } else if ($manual and $manualcache[$courseid]) {
1023 if (!empty($user->{'role'.$i})) {
1024 $rolename = $user->{'role'.$i};
1025 if (array_key_exists($rolename, $rolecache)) {
1026 $roleid = $rolecache[$rolename]->id;
1028 $upt->track('enrolments', get_string('unknownrole', 'error', s($rolename)), 'error');
1032 } else if (!empty($user->{'type'.$i})) {
1033 // if no role, then find "old" enrolment type
1034 $addtype = $user->{'type'.$i};
1035 if ($addtype < 1 or $addtype > 3) {
1036 $upt->track('enrolments', $strerror.': typeN = 1|2|3', 'error');
1038 } else if (empty($formdata->{'uulegacy'.$addtype})) {
1041 $roleid = $formdata->{'uulegacy'.$addtype};
1044 // no role specified, use the default from manual enrol plugin
1045 $roleid = $manualcache[$courseid]->roleid;
1049 // Find duration and/or enrol status.
1053 if (isset($user->{'enrolstatus'.$i})) {
1054 $enrolstatus = $user->{'enrolstatus'.$i};
1055 if ($enrolstatus == '') {
1057 } else if ($enrolstatus === (string)ENROL_USER_ACTIVE) {
1058 $status = ENROL_USER_ACTIVE;
1059 } else if ($enrolstatus === (string)ENROL_USER_SUSPENDED) {
1060 $status = ENROL_USER_SUSPENDED;
1062 debugging('Unknown enrolment status.');
1066 if (!empty($user->{'enrolperiod'.$i})) {
1067 $duration = (int)$user->{'enrolperiod'.$i} * 60*60*24; // convert days to seconds
1068 if ($duration > 0) { // sanity check
1069 $timeend = $today + $duration;
1071 } else if ($manualcache[$courseid]->enrolperiod > 0) {
1072 $timeend = $today + $manualcache[$courseid]->enrolperiod;
1075 $manual->enrol_user($manualcache[$courseid], $user->id, $roleid, $today, $timeend, $status);
1077 $a = new stdClass();
1078 $a->course = $shortname;
1079 $a->role = $rolecache[$roleid]->name;
1080 $upt->track('enrolments', get_string('enrolledincourserole', 'enrol_manual', $a));
1084 // find group to add to
1085 if (!empty($user->{'group'.$i})) {
1086 // make sure user is enrolled into course before adding into groups
1087 if (!is_enrolled($coursecontext, $user->id)) {
1088 $upt->track('enrolments', get_string('addedtogroupnotenrolled', '', $user->{'group'.$i}), 'error');
1092 if (is_null($ccache[$shortname]->groups)) {
1093 $ccache[$shortname]->groups = array();
1094 if ($groups = groups_get_all_groups($courseid)) {
1095 foreach ($groups as $gid=>$group) {
1096 $ccache[$shortname]->groups[$gid] = new stdClass();
1097 $ccache[$shortname]->groups[$gid]->id = $gid;
1098 $ccache[$shortname]->groups[$gid]->name = $group->name;
1099 if (!is_numeric($group->name)) { // only non-numeric names are supported!!!
1100 $ccache[$shortname]->groups[$group->name] = new stdClass();
1101 $ccache[$shortname]->groups[$group->name]->id = $gid;
1102 $ccache[$shortname]->groups[$group->name]->name = $group->name;
1108 $addgroup = $user->{'group'.$i};
1109 if (!array_key_exists($addgroup, $ccache[$shortname]->groups)) {
1110 // if group doesn't exist, create it
1111 $newgroupdata = new stdClass();
1112 $newgroupdata->name = $addgroup;
1113 $newgroupdata->courseid = $ccache[$shortname]->id;
1114 $newgroupdata->description = '';
1115 $gid = groups_create_group($newgroupdata);
1117 $ccache[$shortname]->groups[$addgroup] = new stdClass();
1118 $ccache[$shortname]->groups[$addgroup]->id = $gid;
1119 $ccache[$shortname]->groups[$addgroup]->name = $newgroupdata->name;
1121 $upt->track('enrolments', get_string('unknowngroup', 'error', s($addgroup)), 'error');
1125 $gid = $ccache[$shortname]->groups[$addgroup]->id;
1126 $gname = $ccache[$shortname]->groups[$addgroup]->name;
1129 if (groups_add_member($gid, $user->id)) {
1130 $upt->track('enrolments', get_string('addedtogroup', '', s($gname)));
1132 $upt->track('enrolments', get_string('addedtogroupnot', '', s($gname)), 'error');
1134 } catch (moodle_exception $e) {
1135 $upt->track('enrolments', get_string('addedtogroupnot', '', s($gname)), 'error');
1140 $validation[$user->username] = core_user::validate($user);
1142 $upt->close(); // close table
1143 if (!empty($validation)) {
1144 foreach ($validation as $username => $result) {
1145 if ($result !== true) {
1146 \core\notification::warning(get_string('invaliduserdata', 'tool_uploaduser', s($username)));
1151 $cir->cleanup(true);
1153 echo $OUTPUT->box_start('boxwidthnarrow boxaligncenter generalbox', 'uploadresults');
1155 if ($optype != UU_USER_UPDATE) {
1156 echo get_string('userscreated', 'tool_uploaduser').': '.$usersnew.'<br />';
1158 if ($optype == UU_USER_UPDATE or $optype == UU_USER_ADD_UPDATE) {
1159 echo get_string('usersupdated', 'tool_uploaduser').': '.$usersupdated.'<br />';
1161 if ($allowdeletes) {
1162 echo get_string('usersdeleted', 'tool_uploaduser').': '.$deletes.'<br />';
1163 echo get_string('deleteerrors', 'tool_uploaduser').': '.$deleteerrors.'<br />';
1165 if ($allowrenames) {
1166 echo get_string('usersrenamed', 'tool_uploaduser').': '.$renames.'<br />';
1167 echo get_string('renameerrors', 'tool_uploaduser').': '.$renameerrors.'<br />';
1169 if ($usersskipped) {
1170 echo get_string('usersskipped', 'tool_uploaduser').': '.$usersskipped.'<br />';
1172 echo get_string('usersweakpassword', 'tool_uploaduser').': '.$weakpasswords.'<br />';
1173 echo get_string('errors', 'tool_uploaduser').': '.$userserrors.'</p>';
1174 echo $OUTPUT->box_end();
1177 echo $OUTPUT->continue_button($bulknurl);
1179 echo $OUTPUT->continue_button($returnurl);
1181 echo $OUTPUT->footer();
1186 echo $OUTPUT->header();
1188 echo $OUTPUT->heading(get_string('uploaduserspreview', 'tool_uploaduser'));
1190 // NOTE: this is JUST csv processing preview, we must not prevent import from here if there is something in the file!!
1191 // this was intended for validation of csv formatting and encoding, not filtering the data!!!!
1192 // we definitely must not process the whole file!
1194 // preview table data
1197 $linenum = 1; //column header is first line
1198 $noerror = true; // Keep status of any error.
1199 while ($linenum <= $previewrows and $fields = $cir->next()) {
1202 $rowcols['line'] = $linenum;
1203 foreach($fields as $key => $field) {
1204 $rowcols[$filecolumns[$key]] = s(trim($field));
1206 $rowcols['status'] = array();
1208 if (isset($rowcols['username'])) {
1209 $stdusername = core_user::clean_field($rowcols['username'], 'username');
1210 if ($rowcols['username'] !== $stdusername) {
1211 $rowcols['status'][] = get_string('invalidusernameupload');
1213 if ($userid = $DB->get_field('user', 'id', array('username'=>$stdusername, 'mnethostid'=>$CFG->mnet_localhost_id))) {
1214 $rowcols['username'] = html_writer::link(new moodle_url('/user/profile.php', array('id'=>$userid)), $rowcols['username']);
1217 $rowcols['status'][] = get_string('missingusername');
1220 if (isset($rowcols['email'])) {
1221 if (!validate_email($rowcols['email'])) {
1222 $rowcols['status'][] = get_string('invalidemail');
1225 $select = $DB->sql_like('email', ':email', false, true, false, '|');
1226 $params = array('email' => $DB->sql_like_escape($rowcols['email'], '|'));
1227 if ($DB->record_exists_select('user', $select , $params)) {
1228 $rowcols['status'][] = $stremailduplicate;
1232 if (isset($rowcols['city'])) {
1233 $rowcols['city'] = $rowcols['city'];
1236 if (isset($rowcols['theme'])) {
1237 list($status, $message) = field_value_validators::validate_theme($rowcols['theme']);
1238 if ($status !== 'normal' && !empty($message)) {
1239 $rowcols['status'][] = $message;
1243 // Check if rowcols have custom profile field with correct data and update error state.
1244 $noerror = uu_check_custom_profile_data($rowcols) && $noerror;
1245 $rowcols['status'] = implode('<br />', $rowcols['status']);
1248 if ($fields = $cir->next()) {
1249 $data[] = array_fill(0, count($fields) + 2, '...');
1253 $table = new html_table();
1254 $table->id = "uupreview";
1255 $table->attributes['class'] = 'generaltable';
1256 $table->tablealign = 'center';
1257 $table->summary = get_string('uploaduserspreview', 'tool_uploaduser');
1258 $table->head = array();
1259 $table->data = $data;
1261 $table->head[] = get_string('uucsvline', 'tool_uploaduser');
1262 foreach ($filecolumns as $column) {
1263 $table->head[] = $column;
1265 $table->head[] = get_string('status');
1267 echo html_writer::tag('div', html_writer::table($table), array('class'=>'flexible-wrap'));
1269 // Print the form if valid values are available
1273 echo $OUTPUT->footer();
