MDL-32787 user: rule required for custom profile fields applies to all users editing...
[moodle.git] / user / edit_form.php
1 <?php
3 if (!defined('MOODLE_INTERNAL')) {
4     die('Direct access to this script is forbidden.');    ///  It must be included from a Moodle page
5 }
7 require_once($CFG->dirroot.'/lib/formslib.php');
9 class user_edit_form extends moodleform {
11     // Define the form
12     function definition () {
13         global $CFG, $COURSE, $USER;
15         $mform =& $this->_form;
16         $editoroptions = null;
17         $filemanageroptions = null;
18         $userid = $USER->id;
20         if (is_array($this->_customdata)) {
21             if (array_key_exists('editoroptions', $this->_customdata)) {
22                 $editoroptions = $this->_customdata['editoroptions'];
23             }
24             if (array_key_exists('filemanageroptions', $this->_customdata)) {
25                 $filemanageroptions = $this->_customdata['filemanageroptions'];
26             }
27             if (array_key_exists('userid', $this->_customdata)) {
28                 $userid = $this->_customdata['userid'];
29             }
30         }
31         //Accessibility: "Required" is bad legend text.
32         $strgeneral  = get_string('general');
33         $strrequired = get_string('required');
35         /// Add some extra hidden fields
36         $mform->addElement('hidden', 'id');
37         $mform->setType('id', PARAM_INT);
38         $mform->addElement('hidden', 'course', $COURSE->id);
39         $mform->setType('course', PARAM_INT);
41         /// Print the required moodle fields first
42         $mform->addElement('header', 'moodle', $strgeneral);
44         /// shared fields
45         useredit_shared_definition($mform, $editoroptions, $filemanageroptions);
47         /// extra settigs
48         if (!empty($CFG->gdversion) and !empty($CFG->disableuserimages)) {
49             $mform->removeElement('deletepicture');
50             $mform->removeElement('imagefile');
51             $mform->removeElement('imagealt');
52         }
54         /// Next the customisable profile fields
55         profile_definition($mform, $userid);
57         $this->add_action_buttons(false, get_string('updatemyprofile'));
58     }
60     function definition_after_data() {
61         global $CFG, $DB, $OUTPUT;
63         $mform =& $this->_form;
64         $userid = $mform->getElementValue('id');
66         // if language does not exist, use site default lang
67         if ($langsel = $mform->getElementValue('lang')) {
68             $lang = reset($langsel);
69             // check lang exists
70             if (!get_string_manager()->translation_exists($lang, false)) {
71                 $lang_el =& $mform->getElement('lang');
72                 $lang_el->setValue($CFG->lang);
73             }
74         }
77         if ($user = $DB->get_record('user', array('id'=>$userid))) {
79             // remove description
80             if (empty($user->description) && !empty($CFG->profilesforenrolledusersonly) && !$DB->record_exists('role_assignments', array('userid'=>$userid))) {
81                 $mform->removeElement('description_editor');
82             }
84             // print picture
85             if (!empty($CFG->gdversion)) {
86                 $context = get_context_instance(CONTEXT_USER, $user->id, MUST_EXIST);
87                 $fs = get_file_storage();
88                 $hasuploadedpicture = ($fs->file_exists($context->id, 'user', 'icon', 0, '/', 'f2.png') || $fs->file_exists($context->id, 'user', 'icon', 0, '/', 'f2.jpg'));
89                 if (!empty($user->picture) && $hasuploadedpicture) {
90                     $imagevalue = $OUTPUT->user_picture($user, array('courseid' => SITEID, 'size'=>64));
91                 } else {
92                     $imagevalue = get_string('none');
93                 }
94                 $imageelement = $mform->getElement('currentpicture');
95                 $imageelement->setValue($imagevalue);
97                 if ($mform->elementExists('deletepicture') && !$hasuploadedpicture) {
98                     $mform->removeElement('deletepicture');
99                 }
100             }
102             /// disable fields that are locked by auth plugins
103             $fields = get_user_fieldnames();
104             $authplugin = get_auth_plugin($user->auth);
105             foreach ($fields as $field) {
106                 if (!$mform->elementExists($field)) {
107                     continue;
108                 }
109                 $configvariable = 'field_lock_' . $field;
110                 if (isset($authplugin->config->{$configvariable})) {
111                     if ($authplugin->config->{$configvariable} === 'locked') {
112                         $mform->hardFreeze($field);
113                         $mform->setConstant($field, $user->$field);
114                     } else if ($authplugin->config->{$configvariable} === 'unlockedifempty' and $user->$field != '') {
115                         $mform->hardFreeze($field);
116                         $mform->setConstant($field, $user->$field);
117                     }
118                 }
119             }
121             /// Next the customisable profile fields
122             profile_definition_after_data($mform, $user->id);
124         } else {
125             profile_definition_after_data($mform, 0);
126         }
127     }
129     function validation($usernew, $files) {
130         global $CFG, $DB;
132         $errors = parent::validation($usernew, $files);
134         $usernew = (object)$usernew;
135         $user    = $DB->get_record('user', array('id'=>$usernew->id));
137         // validate email
138         if (!isset($usernew->email)) {
139             // mail not confirmed yet
140         } else if (!validate_email($usernew->email)) {
141             $errors['email'] = get_string('invalidemail');
142         } else if (($usernew->email !== $user->email) and $DB->record_exists('user', array('email'=>$usernew->email, 'mnethostid'=>$CFG->mnet_localhost_id))) {
143             $errors['email'] = get_string('emailexists');
144         }
146         if (isset($usernew->email) and $usernew->email === $user->email and over_bounce_threshold($user)) {
147             $errors['email'] = get_string('toomanybounces');
148         }
150         if (isset($usernew->email) and !empty($CFG->verifychangedemail) and !isset($errors['email']) and !has_capability('moodle/user:update', get_context_instance(CONTEXT_SYSTEM))) {
151             $errorstr = email_is_not_allowed($usernew->email);
152             if ($errorstr !== false) {
153                 $errors['email'] = $errorstr;
154             }
155         }
157         /// Next the customisable profile fields
158         $errors += profile_validation($usernew, $files);
160         return $errors;
161     }