admin/user.php

   1 <?PHP // $Id$
   2
   3         require("../config.php");
   4         require("../user/lib.php");
   5     require("../lib/countries.php");
   6
   7     $recordsperpage = 100;
   8
   9     optional_variable($newuser, "");
  10     optional_variable($delete, "");
  11     optional_variable($confirm, "");
  12     optional_variable($sort, "name");
  13     optional_variable($dir, "ASC");
  14     optional_variable($page, 0);
  15
  16     if (! record_exists_sql("SELECT * FROM user_admins")) {   // No admin user yet
  17         $user->firstname = "Admin";
  18         $user->lastname  = "User";
  19         $user->username  = "admin";
  20         $user->password  = md5("admin");
  21         $user->email     = "root@localhost";
  22         $user->confirmed = 1;
  23         $user->lang = $CFG->lang;
  24         $user->maildisplay = 1;
  25         $user->timemodified = time();
  26
  27         if (! $user->id = insert_record("user", $user)) {
  28             error("SERIOUS ERROR: Could not create admin user record !!!");
  29         }
  30
  31         $admin->user = $user->id;
  32
  33         if (! insert_record("user_admins", $admin)) {
  34             error("Could not make user $user->id an admin !!!");
  35         }
  36
  37         if (! $user = get_record("user", "id", $user->id)) {     // Double check
  38             error("User ID was incorrect (can't find it)");
  39         }
  40
  41         if (! $site = get_site()) {
  42             error("Could not find site-level course");
  43         }
  44
  45         $teacher->user = $user->id;
  46         $teacher->course = $site->id;
  47         $teacher->authority = 1;
  48         if (! insert_record("user_teachers", $teacher)) {
  49             error("Could not make user $id a teacher of site-level course !!!");
  50         }
  51
  52         $USER = $user;
  53         $USER->loggedin = true;
  54         $USER->site = $CFG->wwwroot;
  55         $USER->admin = true;
  56         $USER->teacher["$site->id"] = true;
  57         save_session("USER");
  58
  59         redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$site->id");
  60
  61     } else {
  62         if (! $site = get_site()) {
  63             error("Could not find site-level course");
  64         }
  65     }
  66
  67     require_login();
  68
  69     if (!isadmin()) {
  70         error("You must be an administrator to edit users this way.");
  71     }
  72
  73     if ($newuser) {                 // Create a new user
  74         $user->firstname = "";
  75         $user->lastname  = "";
  76         $user->username  = "changeme";
  77         $user->password  = "";
  78         $user->email     = "";
  79         $user->lang      = $CFG->lang;
  80         $user->confirmed = 1;
  81         $user->timemodified = time();
  82
  83         if (! $user->id = insert_record("user", $user)) {
  84             if (!$user = get_record("user", "username", "changeme")) {   // half finished user from another time
  85                 error("Could not start a new user!");
  86             }
  87         }
  88
  89         redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$site->id");
  90
  91     } else {                        // List all users for editing
  92
  93         $stredituser = get_string("edituser");
  94         $stradministration = get_string("administration");
  95         $stredit   = get_string("edit");
  96         $strdelete = get_string("delete");
  97         $strdeletecheck = get_string("deletecheck");
  98
  99         print_header("$site->shortname: $stredituser", $site->fullname,
 100                      "<A HREF=\"index.php\">$stradministration</A> -> $stredituser");
 101
 102         if ($delete) {              // Delete a selected user, after confirmation
 103             if (!$user = get_record("user", "id", "$delete")) {
 104                 error("No such user!");
 105             }
 106             if ($confirm != md5($delete)) {
 107                 notice_yesno(get_string("deletecheckfull", "", "'$user->firstname $user->lastname'"),
 108                      "user.php?delete=$delete&confirm=".md5($delete), "user.php");
 109
 110                 exit;
 111             } else if (!$user->deleted) {
 112                 $user->deleted = "1";
 113                 $user->username = $user->email;  // Remember it just in case
 114                 $user->email = "";               // Clear this field to free it up
 115                 $user->timemodified = time();
 116                 if (update_record("user", $user)) {
 117                     unenrol_student($user->id);  // From all courses
 118                     remove_teacher($user->id);   // From all courses
 119                     remove_admin($user->id);
 120                     notify(get_string("deletedactivity", "", "$user->firstname $user->lastname"));
 121                 } else {
 122                     notify(get_string("deletednot", "", "$user->firstname $user->lastname"));
 123                 }
 124             }
 125         }
 126
 127         // Carry on with the user listing
 128
 129         if (!$user = get_record_sql("SELECT count(*) as count FROM user WHERE username <> 'guest' AND deleted <> '1'")) {
 130             error("Could not search for users?");
 131         }
 132
 133         $usercount = $user->count;
 134
 135         $columns = array("name", "email", "city", "country", "lastaccess");
 136
 137         foreach ($columns as $column) {
 138             $string[$column] = get_string("$column");
 139             $columnsort = "$column";
 140             if ($column == "lastaccess") {
 141                 $columndir = "DESC";
 142             } else {
 143                 $columndir = "ASC";
 144             }
 145             if ($columnsort == $sort) {
 146                $$column = $string[$column];
 147             } else {
 148                $$column = "<A HREF=\"user.php?sort=$columnsort&dir=$columndir\">".$string[$column]."</A>";
 149             }
 150         }
 151
 152         if ($sort == "name") {
 153             $sort = "firstname";
 154         }
 155
 156         if ($users = get_records_sql("SELECT id, username, email, firstname, lastname, city, country, lastaccess  from user WHERE username <> 'guest'
 157                                       AND deleted <> '1' ORDER BY $sort $dir LIMIT $page,$recordsperpage")) {
 158
 159             print_heading("$usercount ".get_string("users"));
 160
 161             $a->start = $page;
 162             $a->end = $page + $recordsperpage;
 163             if ($a->end > $usercount) {
 164                 $a->end = $usercount;
 165             }
 166             echo "<TABLE align=center cellpadding=10><TR>";
 167             echo "<TD>";
 168             if ($page) {
 169                 $prevpage = $page - $recordsperpage;
 170                 if ($prevpage < 0) {
 171                     $prevpage = 0;
 172                 }
 173                 $options["dir"] = $dir;
 174                 $options["page"] = 0;
 175                 $options["sort"] = $sort;
 176                 print_single_button("user.php", $options, "  <<  ");
 177                 echo "</TD><TD>";
 178                 $options["page"] = $prevpage;
 179                 print_single_button("user.php", $options, "  <  ");
 180             }
 181             echo "</TD><TD>";
 182             print_heading(get_string("displayingusers", "", $a));
 183             echo "</TD><TD>";
 184             $nextpage = $page + $recordsperpage;
 185             if ($nextpage < $usercount) {
 186                 $options["dir"] = $dir;
 187                 $options["page"] = $nextpage;
 188                 $options["sort"] = $sort;
 189                 print_single_button("user.php", $options, "  >  ");
 190                 echo "</TD><TD>";
 191                 $options["page"] = $usercount-$recordsperpage;
 192                 print_single_button("user.php", $options, "  >>  ");
 193             }
 194             echo "</TD></TR></TABLE>";
 195
 196             flush();
 197
 198             foreach ($users as $key => $user) {
 199                 $users[$key]->country = $COUNTRIES[$user->country];
 200             }
 201             if ($sort == "country") {  // Need to resort by full country name, not code
 202                 foreach ($users as $user) {
 203                     $susers[$user->id] = $user->country;
 204                 }
 205                 asort($susers);
 206                 foreach ($susers as $key => $value) {
 207                     $nusers[] = $users[$key];
 208                 }
 209                 $users = $nusers;
 210             }
 211
 212             $table->head = array ($name, $email, $city, $country, $lastaccess, "", "");
 213             $table->align = array ("LEFT", "LEFT", "LEFT", "LEFT", "LEFT", "CENTER", "CENTER");
 214             $table->width = "95%";
 215             foreach ($users as $user) {
 216                 if ($user->id == $USER->id or $user->username == "changeme") {
 217                     $deletebutton = "";
 218                 } else {
 219                     $deletebutton = "<A HREF=\"user.php?delete=$user->id\" TARGET=\"$strdeletecheck\">$strdelete</A>";
 220                 }
 221                 if ($user->lastaccess) {
 222                     $strlastaccess = format_time(time() - $user->lastaccess);
 223                 } else {
 224                     $strlastaccess = get_string("never");
 225                 }
 226                 $table->data[] = array ("<A HREF=\"../user/view.php?id=$user->id&course=$site->id\">$user->firstname $user->lastname</A>",
 227                                  "$user->email",
 228                                  "$user->city",
 229                                  "$user->country",
 230                                  $strlastaccess,
 231                                  "<A HREF=\"../user/edit.php?id=$user->id&course=$site->id\">$stredit</A>",
 232                                  $deletebutton);
 233             }
 234             print_table($table);
 235
 236             print_heading("<A HREF=\"user.php?newuser=true\">".get_string("addnewuser")."</A>");
 237         } else {
 238             error("No users found!");
 239
 240         }
 241         print_footer();
 242     }
 243
 244 ?>