2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
21 * @copyright 2009 Moodle Pty Ltd (http://moodle.com)
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
25 define('USER_FILTER_ENROLMENT', 1);
26 define('USER_FILTER_GROUP', 2);
27 define('USER_FILTER_LAST_ACCESS', 3);
28 define('USER_FILTER_ROLE', 4);
29 define('USER_FILTER_STATUS', 5);
30 define('USER_FILTER_STRING', 6);
35 * @throws moodle_exception
36 * @param stdClass $user user to create
37 * @param bool $updatepassword if true, authentication plugin will update password.
38 * @param bool $triggerevent set false if user_created event should not be triggred.
39 * This will not affect user_password_updated event triggering.
40 * @return int id of the newly created user
42 function user_create_user($user, $updatepassword = true, $triggerevent = true) {
45 // Set the timecreate field to the current time.
46 if (!is_object($user)) {
47 $user = (object) $user;
51 if ($user->username
!== core_text
::strtolower($user->username
)) {
52 throw new moodle_exception('usernamelowercase');
54 if ($user->username
!== core_user
::clean_field($user->username
, 'username')) {
55 throw new moodle_exception('invalidusername');
59 // Save the password in a temp value for later.
60 if ($updatepassword && isset($user->password
)) {
62 // Check password toward the password policy.
63 if (!check_password_policy($user->password
, $errmsg)) {
64 throw new moodle_exception($errmsg);
67 $userpassword = $user->password
;
68 unset($user->password
);
71 // Apply default values for user preferences that are stored in users table.
72 if (!isset($user->calendartype
)) {
73 $user->calendartype
= core_user
::get_property_default('calendartype');
75 if (!isset($user->maildisplay
)) {
76 $user->maildisplay
= core_user
::get_property_default('maildisplay');
78 if (!isset($user->mailformat
)) {
79 $user->mailformat
= core_user
::get_property_default('mailformat');
81 if (!isset($user->maildigest
)) {
82 $user->maildigest
= core_user
::get_property_default('maildigest');
84 if (!isset($user->autosubscribe
)) {
85 $user->autosubscribe
= core_user
::get_property_default('autosubscribe');
87 if (!isset($user->trackforums
)) {
88 $user->trackforums
= core_user
::get_property_default('trackforums');
90 if (!isset($user->lang
)) {
91 $user->lang
= core_user
::get_property_default('lang');
94 $user->timecreated
= time();
95 $user->timemodified
= $user->timecreated
;
97 // Validate user data object.
98 $uservalidation = core_user
::validate($user);
99 if ($uservalidation !== true) {
100 foreach ($uservalidation as $field => $message) {
101 debugging("The property '$field' has invalid data and has been cleaned.", DEBUG_DEVELOPER
);
102 $user->$field = core_user
::clean_field($user->$field, $field);
106 // Insert the user into the database.
107 $newuserid = $DB->insert_record('user', $user);
109 // Create USER context for this user.
110 $usercontext = context_user
::instance($newuserid);
112 // Update user password if necessary.
113 if (isset($userpassword)) {
114 // Get full database user row, in case auth is default.
115 $newuser = $DB->get_record('user', array('id' => $newuserid));
116 $authplugin = get_auth_plugin($newuser->auth
);
117 $authplugin->user_update_password($newuser, $userpassword);
120 // Trigger event If required.
122 \core\event\user_created
::create_from_userid($newuserid)->trigger();
129 * Update a user with a user object (will compare against the ID)
131 * @throws moodle_exception
132 * @param stdClass $user the user to update
133 * @param bool $updatepassword if true, authentication plugin will update password.
134 * @param bool $triggerevent set false if user_updated event should not be triggred.
135 * This will not affect user_password_updated event triggering.
137 function user_update_user($user, $updatepassword = true, $triggerevent = true) {
140 // Set the timecreate field to the current time.
141 if (!is_object($user)) {
142 $user = (object) $user;
146 if (isset($user->username
)) {
147 if ($user->username
!== core_text
::strtolower($user->username
)) {
148 throw new moodle_exception('usernamelowercase');
150 if ($user->username
!== core_user
::clean_field($user->username
, 'username')) {
151 throw new moodle_exception('invalidusername');
156 // Unset password here, for updating later, if password update is required.
157 if ($updatepassword && isset($user->password
)) {
159 // Check password toward the password policy.
160 if (!check_password_policy($user->password
, $errmsg)) {
161 throw new moodle_exception($errmsg);
164 $passwd = $user->password
;
165 unset($user->password
);
168 // Make sure calendartype, if set, is valid.
169 if (empty($user->calendartype
)) {
170 // Unset this variable, must be an empty string, which we do not want to update the calendartype to.
171 unset($user->calendartype
);
174 $user->timemodified
= time();
176 // Validate user data object.
177 $uservalidation = core_user
::validate($user);
178 if ($uservalidation !== true) {
179 foreach ($uservalidation as $field => $message) {
180 debugging("The property '$field' has invalid data and has been cleaned.", DEBUG_DEVELOPER
);
181 $user->$field = core_user
::clean_field($user->$field, $field);
185 $DB->update_record('user', $user);
187 if ($updatepassword) {
188 // Get full user record.
189 $updateduser = $DB->get_record('user', array('id' => $user->id
));
191 // If password was set, then update its hash.
192 if (isset($passwd)) {
193 $authplugin = get_auth_plugin($updateduser->auth
);
194 if ($authplugin->can_change_password()) {
195 $authplugin->user_update_password($updateduser, $passwd);
199 // Trigger event if required.
201 \core\event\user_updated
::create_from_userid($user->id
)->trigger();
206 * Marks user deleted in internal user database and notifies the auth plugin.
207 * Also unenrols user from all roles and does other cleanup.
209 * @todo Decide if this transaction is really needed (look for internal TODO:)
210 * @param object $user Userobject before delete (without system magic quotes)
211 * @return boolean success
213 function user_delete_user($user) {
214 return delete_user($user);
220 * @param array $userids id of users to retrieve
223 function user_get_users_by_id($userids) {
225 return $DB->get_records_list('user', 'id', $userids);
229 * Returns the list of default 'displayable' fields
231 * Contains database field names but also names used to generate information, such as enrolledcourses
233 * @return array of user fields
235 function user_get_default_fields() {
236 return array( 'id', 'username', 'fullname', 'firstname', 'lastname', 'email',
237 'address', 'phone1', 'phone2', 'icq', 'skype', 'yahoo', 'aim', 'msn', 'department',
238 'institution', 'interests', 'firstaccess', 'lastaccess', 'auth', 'confirmed',
239 'idnumber', 'lang', 'theme', 'timezone', 'mailformat', 'description', 'descriptionformat',
240 'city', 'url', 'country', 'profileimageurlsmall', 'profileimageurl', 'customfields',
241 'groups', 'roles', 'preferences', 'enrolledcourses', 'suspended'
247 * Give user record from mdl_user, build an array contains all user details.
249 * Warning: description file urls are 'webservice/pluginfile.php' is use.
250 * it can be changed with $CFG->moodlewstextformatlinkstoimagesfile
252 * @throws moodle_exception
253 * @param stdClass $user user record from mdl_user
254 * @param stdClass $course moodle course
255 * @param array $userfields required fields
258 function user_get_user_details($user, $course = null, array $userfields = array()) {
259 global $USER, $DB, $CFG, $PAGE;
260 require_once($CFG->dirroot
. "/user/profile/lib.php"); // Custom field library.
261 require_once($CFG->dirroot
. "/lib/filelib.php"); // File handling on description and friends.
263 $defaultfields = user_get_default_fields();
265 if (empty($userfields)) {
266 $userfields = $defaultfields;
269 foreach ($userfields as $thefield) {
270 if (!in_array($thefield, $defaultfields)) {
271 throw new moodle_exception('invaliduserfield', 'error', '', $thefield);
275 // Make sure id and fullname are included.
276 if (!in_array('id', $userfields)) {
277 $userfields[] = 'id';
280 if (!in_array('fullname', $userfields)) {
281 $userfields[] = 'fullname';
284 if (!empty($course)) {
285 $context = context_course
::instance($course->id
);
286 $usercontext = context_user
::instance($user->id
);
287 $canviewdetailscap = (has_capability('moodle/user:viewdetails', $context) ||
has_capability('moodle/user:viewdetails', $usercontext));
289 $context = context_user
::instance($user->id
);
290 $usercontext = $context;
291 $canviewdetailscap = has_capability('moodle/user:viewdetails', $usercontext);
294 $currentuser = ($user->id
== $USER->id
);
295 $isadmin = is_siteadmin($USER);
297 $showuseridentityfields = get_extra_user_fields($context);
299 if (!empty($course)) {
300 $canviewhiddenuserfields = has_capability('moodle/course:viewhiddenuserfields', $context);
302 $canviewhiddenuserfields = has_capability('moodle/user:viewhiddendetails', $context);
304 $canviewfullnames = has_capability('moodle/site:viewfullnames', $context);
305 if (!empty($course)) {
306 $canviewuseremail = has_capability('moodle/course:useremail', $context);
308 $canviewuseremail = false;
310 $cannotviewdescription = !empty($CFG->profilesforenrolledusersonly
) && !$currentuser && !$DB->record_exists('role_assignments', array('userid' => $user->id
));
311 if (!empty($course)) {
312 $canaccessallgroups = has_capability('moodle/site:accessallgroups', $context);
314 $canaccessallgroups = false;
317 if (!$currentuser && !$canviewdetailscap && !has_coursecontact_role($user->id
)) {
318 // Skip this user details.
322 $userdetails = array();
323 $userdetails['id'] = $user->id
;
325 if (in_array('username', $userfields)) {
326 if ($currentuser or has_capability('moodle/user:viewalldetails', $context)) {
327 $userdetails['username'] = $user->username
;
330 if ($isadmin or $canviewfullnames) {
331 if (in_array('firstname', $userfields)) {
332 $userdetails['firstname'] = $user->firstname
;
334 if (in_array('lastname', $userfields)) {
335 $userdetails['lastname'] = $user->lastname
;
338 $userdetails['fullname'] = fullname($user);
340 if (in_array('customfields', $userfields)) {
341 $categories = profile_get_user_fields_with_data_by_category($user->id
);
342 $userdetails['customfields'] = array();
343 foreach ($categories as $categoryid => $fields) {
344 foreach ($fields as $formfield) {
345 if ($formfield->is_visible() and !$formfield->is_empty()) {
347 // TODO: Part of MDL-50728, this conditional coding must be moved to
348 // proper profile fields API so they are self-contained.
349 // We only use display_data in fields that require text formatting.
350 if ($formfield->field
->datatype
== 'text' or $formfield->field
->datatype
== 'textarea') {
351 $fieldvalue = $formfield->display_data();
353 // Cases: datetime, checkbox and menu.
354 $fieldvalue = $formfield->data
;
357 $userdetails['customfields'][] =
358 array('name' => $formfield->field
->name
, 'value' => $fieldvalue,
359 'type' => $formfield->field
->datatype
, 'shortname' => $formfield->field
->shortname
);
363 // Unset customfields if it's empty.
364 if (empty($userdetails['customfields'])) {
365 unset($userdetails['customfields']);
370 if (in_array('profileimageurl', $userfields)) {
371 $userpicture = new user_picture($user);
372 $userpicture->size
= 1; // Size f1.
373 $userdetails['profileimageurl'] = $userpicture->get_url($PAGE)->out(false);
375 if (in_array('profileimageurlsmall', $userfields)) {
376 if (!isset($userpicture)) {
377 $userpicture = new user_picture($user);
379 $userpicture->size
= 0; // Size f2.
380 $userdetails['profileimageurlsmall'] = $userpicture->get_url($PAGE)->out(false);
383 // Hidden user field.
384 if ($canviewhiddenuserfields) {
385 $hiddenfields = array();
386 // Address, phone1 and phone2 not appears in hidden fields list but require viewhiddenfields capability
387 // according to user/profile.php.
388 if (!empty($user->address
) && in_array('address', $userfields)) {
389 $userdetails['address'] = $user->address
;
392 $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields
));
395 if (!empty($user->phone1
) && in_array('phone1', $userfields) &&
396 (in_array('phone1', $showuseridentityfields) or $canviewhiddenuserfields)) {
397 $userdetails['phone1'] = $user->phone1
;
399 if (!empty($user->phone2
) && in_array('phone2', $userfields) &&
400 (in_array('phone2', $showuseridentityfields) or $canviewhiddenuserfields)) {
401 $userdetails['phone2'] = $user->phone2
;
404 if (isset($user->description
) &&
405 ((!isset($hiddenfields['description']) && !$cannotviewdescription) or $isadmin)) {
406 if (in_array('description', $userfields)) {
407 // Always return the descriptionformat if description is requested.
408 list($userdetails['description'], $userdetails['descriptionformat']) =
409 external_format_text($user->description
, $user->descriptionformat
,
410 $usercontext->id
, 'user', 'profile', null);
414 if (in_array('country', $userfields) && (!isset($hiddenfields['country']) or $isadmin) && $user->country
) {
415 $userdetails['country'] = $user->country
;
418 if (in_array('city', $userfields) && (!isset($hiddenfields['city']) or $isadmin) && $user->city
) {
419 $userdetails['city'] = $user->city
;
422 if (in_array('url', $userfields) && $user->url
&& (!isset($hiddenfields['webpage']) or $isadmin)) {
424 if (strpos($user->url
, '://') === false) {
425 $url = 'http://'. $url;
427 $user->url
= clean_param($user->url
, PARAM_URL
);
428 $userdetails['url'] = $user->url
;
431 if (in_array('icq', $userfields) && $user->icq
&& (!isset($hiddenfields['icqnumber']) or $isadmin)) {
432 $userdetails['icq'] = $user->icq
;
435 if (in_array('skype', $userfields) && $user->skype
&& (!isset($hiddenfields['skypeid']) or $isadmin)) {
436 $userdetails['skype'] = $user->skype
;
438 if (in_array('yahoo', $userfields) && $user->yahoo
&& (!isset($hiddenfields['yahooid']) or $isadmin)) {
439 $userdetails['yahoo'] = $user->yahoo
;
441 if (in_array('aim', $userfields) && $user->aim
&& (!isset($hiddenfields['aimid']) or $isadmin)) {
442 $userdetails['aim'] = $user->aim
;
444 if (in_array('msn', $userfields) && $user->msn
&& (!isset($hiddenfields['msnid']) or $isadmin)) {
445 $userdetails['msn'] = $user->msn
;
447 if (in_array('suspended', $userfields) && (!isset($hiddenfields['suspended']) or $isadmin)) {
448 $userdetails['suspended'] = (bool)$user->suspended
;
451 if (in_array('firstaccess', $userfields) && (!isset($hiddenfields['firstaccess']) or $isadmin)) {
452 if ($user->firstaccess
) {
453 $userdetails['firstaccess'] = $user->firstaccess
;
455 $userdetails['firstaccess'] = 0;
458 if (in_array('lastaccess', $userfields) && (!isset($hiddenfields['lastaccess']) or $isadmin)) {
459 if ($user->lastaccess
) {
460 $userdetails['lastaccess'] = $user->lastaccess
;
462 $userdetails['lastaccess'] = 0;
466 if (in_array('email', $userfields) && (
468 or (!isset($hiddenfields['email']) and (
469 $user->maildisplay
== core_user
::MAILDISPLAY_EVERYONE
470 or ($user->maildisplay
== core_user
::MAILDISPLAY_COURSE_MEMBERS_ONLY
and enrol_sharing_course($user, $USER))
471 or $canviewuseremail // TODO: Deprecate/remove for MDL-37479.
473 or in_array('email', $showuseridentityfields)
475 $userdetails['email'] = $user->email
;
478 if (in_array('interests', $userfields)) {
479 $interests = core_tag_tag
::get_item_tags_array('core', 'user', $user->id
, core_tag_tag
::BOTH_STANDARD_AND_NOT
, 0, false);
481 $userdetails['interests'] = join(', ', $interests);
485 // Departement/Institution/Idnumber are not displayed on any profile, however you can get them from editing profile.
486 if (in_array('idnumber', $userfields) && $user->idnumber
) {
487 if (in_array('idnumber', $showuseridentityfields) or $currentuser or
488 has_capability('moodle/user:viewalldetails', $context)) {
489 $userdetails['idnumber'] = $user->idnumber
;
492 if (in_array('institution', $userfields) && $user->institution
) {
493 if (in_array('institution', $showuseridentityfields) or $currentuser or
494 has_capability('moodle/user:viewalldetails', $context)) {
495 $userdetails['institution'] = $user->institution
;
498 // Isset because it's ok to have department 0.
499 if (in_array('department', $userfields) && isset($user->department
)) {
500 if (in_array('department', $showuseridentityfields) or $currentuser or
501 has_capability('moodle/user:viewalldetails', $context)) {
502 $userdetails['department'] = $user->department
;
506 if (in_array('roles', $userfields) && !empty($course)) {
508 $roles = get_user_roles($context, $user->id
, false);
509 $userdetails['roles'] = array();
510 foreach ($roles as $role) {
511 $userdetails['roles'][] = array(
512 'roleid' => $role->roleid
,
513 'name' => $role->name
,
514 'shortname' => $role->shortname
,
515 'sortorder' => $role->sortorder
520 // If groups are in use and enforced throughout the course, then make sure we can meet in at least one course level group.
521 if (in_array('groups', $userfields) && !empty($course) && $canaccessallgroups) {
522 $usergroups = groups_get_all_groups($course->id
, $user->id
, $course->defaultgroupingid
,
523 'g.id, g.name,g.description,g.descriptionformat');
524 $userdetails['groups'] = array();
525 foreach ($usergroups as $group) {
526 list($group->description
, $group->descriptionformat
) =
527 external_format_text($group->description
, $group->descriptionformat
,
528 $context->id
, 'group', 'description', $group->id
);
529 $userdetails['groups'][] = array('id' => $group->id
, 'name' => $group->name
,
530 'description' => $group->description
, 'descriptionformat' => $group->descriptionformat
);
533 // List of courses where the user is enrolled.
534 if (in_array('enrolledcourses', $userfields) && !isset($hiddenfields['mycourses'])) {
535 $enrolledcourses = array();
536 if ($mycourses = enrol_get_users_courses($user->id
, true)) {
537 foreach ($mycourses as $mycourse) {
538 if ($mycourse->category
) {
539 $coursecontext = context_course
::instance($mycourse->id
);
540 $enrolledcourse = array();
541 $enrolledcourse['id'] = $mycourse->id
;
542 $enrolledcourse['fullname'] = format_string($mycourse->fullname
, true, array('context' => $coursecontext));
543 $enrolledcourse['shortname'] = format_string($mycourse->shortname
, true, array('context' => $coursecontext));
544 $enrolledcourses[] = $enrolledcourse;
547 $userdetails['enrolledcourses'] = $enrolledcourses;
552 if (in_array('preferences', $userfields) && $currentuser) {
553 $preferences = array();
554 $userpreferences = get_user_preferences();
555 foreach ($userpreferences as $prefname => $prefvalue) {
556 $preferences[] = array('name' => $prefname, 'value' => $prefvalue);
558 $userdetails['preferences'] = $preferences;
561 if ($currentuser or has_capability('moodle/user:viewalldetails', $context)) {
562 $extrafields = ['auth', 'confirmed', 'lang', 'theme', 'timezone', 'mailformat'];
563 foreach ($extrafields as $extrafield) {
564 if (in_array($extrafield, $userfields) && isset($user->$extrafield)) {
565 $userdetails[$extrafield] = $user->$extrafield;
570 // Clean lang and auth fields for external functions (it may content uninstalled themes or language packs).
571 if (isset($userdetails['lang'])) {
572 $userdetails['lang'] = clean_param($userdetails['lang'], PARAM_LANG
);
574 if (isset($userdetails['theme'])) {
575 $userdetails['theme'] = clean_param($userdetails['theme'], PARAM_THEME
);
582 * Tries to obtain user details, either recurring directly to the user's system profile
583 * or through one of the user's course enrollments (course profile).
585 * @param stdClass $user The user.
586 * @return array if unsuccessful or the allowed user details.
588 function user_get_user_details_courses($user) {
592 // Get the courses that the user is enrolled in (only active).
593 $courses = enrol_get_users_courses($user->id
, true);
595 $systemprofile = false;
596 if (can_view_user_details_cap($user) ||
($user->id
== $USER->id
) ||
has_coursecontact_role($user->id
)) {
597 $systemprofile = true;
600 // Try using system profile.
601 if ($systemprofile) {
602 $userdetails = user_get_user_details($user, null);
604 // Try through course profile.
605 foreach ($courses as $course) {
606 if (can_view_user_details_cap($user, $course) ||
($user->id
== $USER->id
) ||
has_coursecontact_role($user->id
)) {
607 $userdetails = user_get_user_details($user, $course);
616 * Check if $USER have the necessary capabilities to obtain user details.
618 * @param stdClass $user
619 * @param stdClass $course if null then only consider system profile otherwise also consider the course's profile.
620 * @return bool true if $USER can view user details.
622 function can_view_user_details_cap($user, $course = null) {
623 // Check $USER has the capability to view the user details at user context.
624 $usercontext = context_user
::instance($user->id
);
625 $result = has_capability('moodle/user:viewdetails', $usercontext);
626 // Otherwise can $USER see them at course context.
627 if (!$result && !empty($course)) {
628 $context = context_course
::instance($course->id
);
629 $result = has_capability('moodle/user:viewdetails', $context);
635 * Return a list of page types
636 * @param string $pagetype current page type
637 * @param stdClass $parentcontext Block's parent context
638 * @param stdClass $currentcontext Current context of block
641 function user_page_type_list($pagetype, $parentcontext, $currentcontext) {
642 return array('user-profile' => get_string('page-user-profile', 'pagetype'));
646 * Count the number of failed login attempts for the given user, since last successful login.
648 * @param int|stdclass $user user id or object.
649 * @param bool $reset Resets failed login count, if set to true.
651 * @return int number of failed login attempts since the last successful login.
653 function user_count_login_failures($user, $reset = true) {
656 if (!is_object($user)) {
657 $user = $DB->get_record('user', array('id' => $user), '*', MUST_EXIST
);
659 if ($user->deleted
) {
660 // Deleted user, nothing to do.
663 $count = get_user_preferences('login_failed_count_since_success', 0, $user);
665 set_user_preference('login_failed_count_since_success', 0, $user);
671 * Converts a string into a flat array of menu items, where each menu items is a
672 * stdClass with fields type, url, title, pix, and imgsrc.
674 * @param string $text the menu items definition
675 * @param moodle_page $page the current page
678 function user_convert_text_to_menu_items($text, $page) {
679 global $OUTPUT, $CFG;
681 $lines = explode("\n", $text);
687 foreach ($lines as $line) {
689 $bits = explode('|', $line, 3);
691 if (preg_match("/^#+$/", $line)) {
692 $itemtype = 'divider';
693 } else if (!array_key_exists(0, $bits) or empty($bits[0])) {
694 // Every item must have a name to be valid.
697 $bits[0] = ltrim($bits[0], '-');
701 $child = new stdClass();
702 $child->itemtype
= $itemtype;
703 if ($itemtype === 'divider') {
704 // Add the divider to the list of children and skip link
706 $children[] = $child;
711 $namebits = explode(',', $bits[0], 2);
712 if (count($namebits) == 2) {
713 // Check the validity of the identifier part of the string.
714 if (clean_param($namebits[0], PARAM_STRINGID
) !== '') {
715 // Treat this as a language string.
716 $child->title
= get_string($namebits[0], $namebits[1]);
717 $child->titleidentifier
= implode(',', $namebits);
720 if (empty($child->title
)) {
721 // Use it as is, don't even clean it.
722 $child->title
= $bits[0];
723 $child->titleidentifier
= str_replace(" ", "-", $bits[0]);
727 if (!array_key_exists(1, $bits) or empty($bits[1])) {
728 // Set the url to null, and set the itemtype to invalid.
730 $child->itemtype
= "invalid";
732 // Nasty hack to replace the grades with the direct url.
733 if (strpos($bits[1], '/grade/report/mygrades.php') !== false) {
734 $bits[1] = user_mygrades_url();
737 // Make sure the url is a moodle url.
738 $bits[1] = new moodle_url(trim($bits[1]));
740 $child->url
= $bits[1];
744 if (!array_key_exists(2, $bits) or empty($bits[2])) {
746 $child->pix
= $pixpath;
748 // Check for the specified image existing.
749 $pixpath = "t/" . $bits[2];
750 if ($page->theme
->resolve_image_location($pixpath, 'moodle', true)) {
752 $child->pix
= $pixpath;
754 // Treat it like a URL.
756 $child->imgsrc
= $bits[2];
760 // Add this child to the list of children.
761 $children[] = $child;
767 * Get a list of essential user navigation items.
769 * @param stdclass $user user object.
770 * @param moodle_page $page page object.
771 * @param array $options associative array.
773 * - avatarsize=35 (size of avatar image)
774 * @return stdClass $returnobj navigation information object, where:
776 * $returnobj->navitems array array of links where each link is a
777 * stdClass with fields url, title, and
779 * $returnobj->metadata array array of useful user metadata to be
780 * used when constructing navigation;
784 * asotherrole bool whether viewing as another role
785 * rolename string name of the role
788 * These fields are for the currently-logged in user, or for
789 * the user that the real user is currently logged in as.
791 * userid int the id of the user in question
792 * userfullname string the user's full name
793 * userprofileurl moodle_url the url of the user's profile
794 * useravatar string a HTML fragment - the rendered
795 * user_picture for this user
796 * userloginfail string an error string denoting the number
797 * of login failures since last login
800 * These fields are for when asotheruser is true, and
801 * correspond to the underlying "real user".
803 * asotheruser bool whether viewing as another user
804 * realuserid int the id of the user in question
805 * realuserfullname string the user's full name
806 * realuserprofileurl moodle_url the url of the user's profile
807 * realuseravatar string a HTML fragment - the rendered
808 * user_picture for this user
810 * MNET PROVIDER FIELDS
811 * asmnetuser bool whether viewing as a user from an
813 * mnetidprovidername string name of the MNet provider
814 * mnetidproviderwwwroot string URL of the MNet provider
816 function user_get_user_navigation_info($user, $page, $options = array()) {
817 global $OUTPUT, $DB, $SESSION, $CFG;
819 $returnobject = new stdClass();
820 $returnobject->navitems
= array();
821 $returnobject->metadata
= array();
823 $course = $page->course
;
825 // Query the environment.
826 $context = context_course
::instance($course->id
);
828 // Get basic user metadata.
829 $returnobject->metadata
['userid'] = $user->id
;
830 $returnobject->metadata
['userfullname'] = fullname($user, true);
831 $returnobject->metadata
['userprofileurl'] = new moodle_url('/user/profile.php', array(
835 $avataroptions = array('link' => false, 'visibletoscreenreaders' => false);
836 if (!empty($options['avatarsize'])) {
837 $avataroptions['size'] = $options['avatarsize'];
839 $returnobject->metadata
['useravatar'] = $OUTPUT->user_picture (
840 $user, $avataroptions
842 // Build a list of items for a regular user.
844 // Query MNet status.
845 if ($returnobject->metadata
['asmnetuser'] = is_mnet_remote_user($user)) {
846 $mnetidprovider = $DB->get_record('mnet_host', array('id' => $user->mnethostid
));
847 $returnobject->metadata
['mnetidprovidername'] = $mnetidprovider->name
;
848 $returnobject->metadata
['mnetidproviderwwwroot'] = $mnetidprovider->wwwroot
;
851 // Did the user just log in?
852 if (isset($SESSION->justloggedin
)) {
853 // Don't unset this flag as login_info still needs it.
854 if (!empty($CFG->displayloginfailures
)) {
855 // Don't reset the count either, as login_info() still needs it too.
856 if ($count = user_count_login_failures($user, false)) {
858 // Get login failures string.
860 $a->attempts
= html_writer
::tag('span', $count, array('class' => 'value'));
861 $returnobject->metadata
['userloginfail'] =
862 get_string('failedloginattempts', '', $a);
869 $myhome = new stdClass();
870 $myhome->itemtype
= 'link';
871 $myhome->url
= new moodle_url('/my/');
872 $myhome->title
= get_string('mymoodle', 'admin');
873 $myhome->titleidentifier
= 'mymoodle,admin';
874 $myhome->pix
= "i/dashboard";
875 $returnobject->navitems
[] = $myhome;
877 // Links: My Profile.
878 $myprofile = new stdClass();
879 $myprofile->itemtype
= 'link';
880 $myprofile->url
= new moodle_url('/user/profile.php', array('id' => $user->id
));
881 $myprofile->title
= get_string('profile');
882 $myprofile->titleidentifier
= 'profile,moodle';
883 $myprofile->pix
= "i/user";
884 $returnobject->navitems
[] = $myprofile;
886 $returnobject->metadata
['asotherrole'] = false;
888 // Before we add the last items (usually a logout + switch role link), add any
889 // custom-defined items.
890 $customitems = user_convert_text_to_menu_items($CFG->customusermenuitems
, $page);
891 foreach ($customitems as $item) {
892 $returnobject->navitems
[] = $item;
896 if ($returnobject->metadata
['asotheruser'] = \core\session\manager
::is_loggedinas()) {
897 $realuser = \core\session\manager
::get_realuser();
899 // Save values for the real user, as $user will be full of data for the
900 // user the user is disguised as.
901 $returnobject->metadata
['realuserid'] = $realuser->id
;
902 $returnobject->metadata
['realuserfullname'] = fullname($realuser, true);
903 $returnobject->metadata
['realuserprofileurl'] = new moodle_url('/user/profile.php', array(
904 'id' => $realuser->id
906 $returnobject->metadata
['realuseravatar'] = $OUTPUT->user_picture($realuser, $avataroptions);
908 // Build a user-revert link.
909 $userrevert = new stdClass();
910 $userrevert->itemtype
= 'link';
911 $userrevert->url
= new moodle_url('/course/loginas.php', array(
913 'sesskey' => sesskey()
915 $userrevert->pix
= "a/logout";
916 $userrevert->title
= get_string('logout');
917 $userrevert->titleidentifier
= 'logout,moodle';
918 $returnobject->navitems
[] = $userrevert;
922 // Build a logout link.
923 $logout = new stdClass();
924 $logout->itemtype
= 'link';
925 $logout->url
= new moodle_url('/login/logout.php', array('sesskey' => sesskey()));
926 $logout->pix
= "a/logout";
927 $logout->title
= get_string('logout');
928 $logout->titleidentifier
= 'logout,moodle';
929 $returnobject->navitems
[] = $logout;
932 if (is_role_switched($course->id
)) {
933 if ($role = $DB->get_record('role', array('id' => $user->access
['rsw'][$context->path
]))) {
934 // Build role-return link instead of logout link.
935 $rolereturn = new stdClass();
936 $rolereturn->itemtype
= 'link';
937 $rolereturn->url
= new moodle_url('/course/switchrole.php', array(
939 'sesskey' => sesskey(),
941 'returnurl' => $page->url
->out_as_local_url(false)
943 $rolereturn->pix
= "a/logout";
944 $rolereturn->title
= get_string('switchrolereturn');
945 $rolereturn->titleidentifier
= 'switchrolereturn,moodle';
946 $returnobject->navitems
[] = $rolereturn;
948 $returnobject->metadata
['asotherrole'] = true;
949 $returnobject->metadata
['rolename'] = role_get_name($role, $context);
953 // Build switch role link.
954 $roles = get_switchable_roles($context);
955 if (is_array($roles) && (count($roles) > 0)) {
956 $switchrole = new stdClass();
957 $switchrole->itemtype
= 'link';
958 $switchrole->url
= new moodle_url('/course/switchrole.php', array(
961 'returnurl' => $page->url
->out_as_local_url(false)
963 $switchrole->pix
= "i/switchrole";
964 $switchrole->title
= get_string('switchroleto');
965 $switchrole->titleidentifier
= 'switchroleto,moodle';
966 $returnobject->navitems
[] = $switchrole;
970 return $returnobject;
974 * Add password to the list of used hashes for this user.
976 * This is supposed to be used from:
977 * 1/ change own password form
978 * 2/ password reset process
979 * 3/ user signup in auth plugins if password changing supported
981 * @param int $userid user id
982 * @param string $password plaintext password
985 function user_add_password_history($userid, $password) {
988 if (empty($CFG->passwordreuselimit
) or $CFG->passwordreuselimit
< 0) {
992 // Note: this is using separate code form normal password hashing because
993 // we need to have this under control in the future. Also the auth
994 // plugin might not store the passwords locally at all.
996 $record = new stdClass();
997 $record->userid
= $userid;
998 $record->hash
= password_hash($password, PASSWORD_DEFAULT
);
999 $record->timecreated
= time();
1000 $DB->insert_record('user_password_history', $record);
1003 $records = $DB->get_records('user_password_history', array('userid' => $userid), 'timecreated DESC, id DESC');
1004 foreach ($records as $record) {
1006 if ($i > $CFG->passwordreuselimit
) {
1007 $DB->delete_records('user_password_history', array('id' => $record->id
));
1013 * Was this password used before on change or reset password page?
1015 * The $CFG->passwordreuselimit setting determines
1016 * how many times different password needs to be used
1017 * before allowing previously used password again.
1019 * @param int $userid user id
1020 * @param string $password plaintext password
1021 * @return bool true if password reused
1023 function user_is_previously_used_password($userid, $password) {
1026 if (empty($CFG->passwordreuselimit
) or $CFG->passwordreuselimit
< 0) {
1033 $records = $DB->get_records('user_password_history', array('userid' => $userid), 'timecreated DESC, id DESC');
1034 foreach ($records as $record) {
1036 if ($i > $CFG->passwordreuselimit
) {
1037 $DB->delete_records('user_password_history', array('id' => $record->id
));
1040 // NOTE: this is slow but we cannot compare the hashes directly any more.
1041 if (password_verify($password, $record->hash
)) {
1050 * Remove a user device from the Moodle database (for PUSH notifications usually).
1052 * @param string $uuid The device UUID.
1053 * @param string $appid The app id. If empty all the devices matching the UUID for the user will be removed.
1054 * @return bool true if removed, false if the device didn't exists in the database
1057 function user_remove_user_device($uuid, $appid = "") {
1060 $conditions = array('uuid' => $uuid, 'userid' => $USER->id
);
1061 if (!empty($appid)) {
1062 $conditions['appid'] = $appid;
1065 if (!$DB->count_records('user_devices', $conditions)) {
1069 $DB->delete_records('user_devices', $conditions);
1075 * Trigger user_list_viewed event.
1077 * @param stdClass $course course object
1078 * @param stdClass $context course context object
1081 function user_list_view($course, $context) {
1083 $event = \core\event\user_list_viewed
::create(array(
1084 'objectid' => $course->id
,
1085 'courseid' => $course->id
,
1086 'context' => $context,
1088 'courseshortname' => $course->shortname
,
1089 'coursefullname' => $course->fullname
1096 * Returns the url to use for the "Grades" link in the user navigation.
1098 * @param int $userid The user's ID.
1099 * @param int $courseid The course ID if available.
1100 * @return mixed A URL to be directed to for "Grades".
1102 function user_mygrades_url($userid = null, $courseid = SITEID
) {
1105 if (isset($CFG->grade_mygrades_report
) && $CFG->grade_mygrades_report
!= 'external') {
1106 if (isset($userid) && $USER->id
!= $userid) {
1107 // Send to the gradebook report.
1108 $url = new moodle_url('/grade/report/' . $CFG->grade_mygrades_report
. '/index.php',
1109 array('id' => $courseid, 'userid' => $userid));
1111 $url = new moodle_url('/grade/report/' . $CFG->grade_mygrades_report
. '/index.php');
1113 } else if (isset($CFG->grade_mygrades_report
) && $CFG->grade_mygrades_report
== 'external'
1114 && !empty($CFG->gradereport_mygradeurl
)) {
1115 $url = $CFG->gradereport_mygradeurl
;
1117 $url = $CFG->wwwroot
;
1123 * Check if the current user has permission to view details of the supplied user.
1125 * This function supports two modes:
1126 * If the optional $course param is omitted, then this function finds all shared courses and checks whether the current user has
1127 * permission in any of them, returning true if so.
1128 * If the $course param is provided, then this function checks permissions in ONLY that course.
1130 * @param object $user The other user's details.
1131 * @param object $course if provided, only check permissions in this course.
1132 * @param context $usercontext The user context if available.
1133 * @return bool true for ability to view this user, else false.
1135 function user_can_view_profile($user, $course = null, $usercontext = null) {
1138 if ($user->deleted
) {
1142 // Do we need to be logged in?
1143 if (empty($CFG->forceloginforprofiles
)) {
1146 if (!isloggedin() ||
isguestuser()) {
1147 // User is not logged in and forceloginforprofile is set, we need to return now.
1152 // Current user can always view their profile.
1153 if ($USER->id
== $user->id
) {
1157 // Course contacts have visible profiles always.
1158 if (has_coursecontact_role($user->id
)) {
1162 // If we're only checking the capabilities in the single provided course.
1163 if (isset($course)) {
1164 // Confirm that $user is enrolled in the $course we're checking.
1165 if (is_enrolled(context_course
::instance($course->id
), $user)) {
1166 $userscourses = array($course);
1169 // Else we're checking whether the current user can view $user's profile anywhere, so check user context first.
1170 if (empty($usercontext)) {
1171 $usercontext = context_user
::instance($user->id
);
1173 if (has_capability('moodle/user:viewdetails', $usercontext) ||
has_capability('moodle/user:viewalldetails', $usercontext)) {
1176 // This returns context information, so we can preload below.
1177 $userscourses = enrol_get_all_users_courses($user->id
);
1180 if (empty($userscourses)) {
1184 foreach ($userscourses as $userscourse) {
1185 context_helper
::preload_from_record($userscourse);
1186 $coursecontext = context_course
::instance($userscourse->id
);
1187 if (has_capability('moodle/user:viewdetails', $coursecontext) ||
1188 has_capability('moodle/user:viewalldetails', $coursecontext)) {
1189 if (!groups_user_groups_visible($userscourse, $user->id
)) {
1190 // Not a member of the same group.
1200 * Returns users tagged with a specified tag.
1202 * @param core_tag_tag $tag
1203 * @param bool $exclusivemode if set to true it means that no other entities tagged with this tag
1204 * are displayed on the page and the per-page limit may be bigger
1205 * @param int $fromctx context id where the link was displayed, may be used by callbacks
1206 * to display items in the same context first
1207 * @param int $ctx context id where to search for records
1208 * @param bool $rec search in subcontexts as well
1209 * @param int $page 0-based number of page being displayed
1210 * @return \core_tag\output\tagindex
1212 function user_get_tagged_users($tag, $exclusivemode = false, $fromctx = 0, $ctx = 0, $rec = 1, $page = 0) {
1215 if ($ctx && $ctx != context_system
::instance()->id
) {
1218 // Users can only be displayed in system context.
1219 $usercount = $tag->count_tagged_items('core', 'user',
1220 'it.deleted=:notdeleted', array('notdeleted' => 0));
1222 $perpage = $exclusivemode ?
24 : 5;
1224 $totalpages = ceil($usercount / $perpage);
1227 $userlist = $tag->get_tagged_items('core', 'user', $page * $perpage, $perpage,
1228 'it.deleted=:notdeleted', array('notdeleted' => 0));
1229 $renderer = $PAGE->get_renderer('core', 'user');
1230 $content .= $renderer->user_list($userlist, $exclusivemode);
1233 return new core_tag\output\tagindex
($tag, 'core', 'user', $content,
1234 $exclusivemode, $fromctx, $ctx, $rec, $page, $totalpages);
1238 * Returns the SQL used by the participants table.
1240 * @param int $courseid The course id
1241 * @param int $groupid The groupid, 0 means all groups
1242 * @param int $accesssince The time since last access, 0 means any time
1243 * @param int $roleid The role id, 0 means all roles
1244 * @param int $enrolid The enrolment id, 0 means all enrolment methods will be returned.
1245 * @param int $statusid The user enrolment status, -1 means all enrolments regardless of the status will be returned, if allowed.
1246 * @param string|array $search The search that was performed, empty means perform no search
1247 * @param string $additionalwhere Any additional SQL to add to where
1248 * @param array $additionalparams The additional params
1251 function user_get_participants_sql($courseid, $groupid = 0, $accesssince = 0, $roleid = 0, $enrolid = 0, $statusid = -1,
1252 $search = '', $additionalwhere = '', $additionalparams = array()) {
1256 $context = \context_course
::instance($courseid, MUST_EXIST
);
1258 $isfrontpage = ($courseid == SITEID
);
1260 // Default filter settings. We only show active by default, especially if the user has no capability to review enrolments.
1262 $onlysuspended = false;
1263 if (has_capability('moodle/course:enrolreview', $context)) {
1264 switch ($statusid) {
1265 case ENROL_USER_ACTIVE
:
1266 // Nothing to do here.
1268 case ENROL_USER_SUSPENDED
:
1269 $onlyactive = false;
1270 $onlysuspended = true;
1273 // If the user has capability to review user enrolments, but statusid is set to -1, set $onlyactive to false.
1274 $onlyactive = false;
1279 list($esql, $params) = get_enrolled_sql($context, null, $groupid, $onlyactive, $onlysuspended, $enrolid);
1281 $joins = array('FROM {user} u');
1284 $userfields = get_extra_user_fields($context);
1285 $userfieldssql = user_picture
::fields('u', $userfields);
1288 $select = "SELECT $userfieldssql, u.lastaccess";
1289 $joins[] = "JOIN ($esql) e ON e.id = u.id"; // Everybody on the frontpage usually.
1291 $wheres[] = user_get_user_lastaccess_sql($accesssince);
1294 $select = "SELECT $userfieldssql, COALESCE(ul.timeaccess, 0) AS lastaccess";
1295 $joins[] = "JOIN ($esql) e ON e.id = u.id"; // Course enrolled users only.
1296 // Not everybody has accessed the course yet.
1297 $joins[] = 'LEFT JOIN {user_lastaccess} ul ON (ul.userid = u.id AND ul.courseid = :courseid)';
1298 $params['courseid'] = $courseid;
1300 $wheres[] = user_get_course_lastaccess_sql($accesssince);
1304 // Performance hacks - we preload user contexts together with accounts.
1305 $ccselect = ', ' . context_helper
::get_preload_record_columns_sql('ctx');
1306 $ccjoin = 'LEFT JOIN {context} ctx ON (ctx.instanceid = u.id AND ctx.contextlevel = :contextlevel)';
1307 $params['contextlevel'] = CONTEXT_USER
;
1308 $select .= $ccselect;
1311 // Limit list to users with some role only.
1313 // We want to query both the current context and parent contexts.
1314 list($relatedctxsql, $relatedctxparams) = $DB->get_in_or_equal($context->get_parent_context_ids(true),
1315 SQL_PARAMS_NAMED
, 'relatedctx');
1317 $wheres[] = "u.id IN (SELECT userid FROM {role_assignments} WHERE roleid = :roleid AND contextid $relatedctxsql)";
1318 $params = array_merge($params, array('roleid' => $roleid), $relatedctxparams);
1321 if (!empty($search)) {
1322 if (!is_array($search)) {
1323 $search = [$search];
1325 foreach ($search as $index => $keyword) {
1326 $searchkey1 = 'search' . $index . '1';
1327 $searchkey2 = 'search' . $index . '2';
1328 $searchkey3 = 'search' . $index . '3';
1329 $searchkey4 = 'search' . $index . '4';
1330 $searchkey5 = 'search' . $index . '5';
1331 $searchkey6 = 'search' . $index . '6';
1332 $searchkey7 = 'search' . $index . '7';
1334 $conditions = array();
1335 // Search by fullname.
1336 $fullname = $DB->sql_fullname('u.firstname', 'u.lastname');
1337 $conditions[] = $DB->sql_like($fullname, ':' . $searchkey1, false, false);
1340 $email = $DB->sql_like('email', ':' . $searchkey2, false, false);
1341 if (!in_array('email', $userfields)) {
1342 $maildisplay = 'maildisplay' . $index;
1343 $userid1 = 'userid' . $index . '1';
1344 // Prevent users who hide their email address from being found by others
1345 // who aren't allowed to see hidden email addresses.
1346 $email = "(". $email ." AND (" .
1347 "u.maildisplay <> :$maildisplay " .
1348 "OR u.id = :$userid1". // User can always find himself.
1350 $params[$maildisplay] = core_user
::MAILDISPLAY_HIDE
;
1351 $params[$userid1] = $USER->id
;
1353 $conditions[] = $email;
1355 // Search by idnumber.
1356 $idnumber = $DB->sql_like('idnumber', ':' . $searchkey3, false, false);
1357 if (!in_array('idnumber', $userfields)) {
1358 $userid2 = 'userid' . $index . '2';
1359 // Users who aren't allowed to see idnumbers should at most find themselves
1360 // when searching for an idnumber.
1361 $idnumber = "(". $idnumber . " AND u.id = :$userid2)";
1362 $params[$userid2] = $USER->id
;
1364 $conditions[] = $idnumber;
1366 // Search by middlename.
1367 $middlename = $DB->sql_like('middlename', ':' . $searchkey4, false, false);
1368 $conditions[] = $middlename;
1370 // Search by alternatename.
1371 $alternatename = $DB->sql_like('alternatename', ':' . $searchkey5, false, false);
1372 $conditions[] = $alternatename;
1374 // Search by firstnamephonetic.
1375 $firstnamephonetic = $DB->sql_like('firstnamephonetic', ':' . $searchkey6, false, false);
1376 $conditions[] = $firstnamephonetic;
1378 // Search by lastnamephonetic.
1379 $lastnamephonetic = $DB->sql_like('lastnamephonetic', ':' . $searchkey7, false, false);
1380 $conditions[] = $lastnamephonetic;
1382 $wheres[] = "(". implode(" OR ", $conditions) .") ";
1383 $params[$searchkey1] = "%$keyword%";
1384 $params[$searchkey2] = "%$keyword%";
1385 $params[$searchkey3] = "%$keyword%";
1386 $params[$searchkey4] = "%$keyword%";
1387 $params[$searchkey5] = "%$keyword%";
1388 $params[$searchkey6] = "%$keyword%";
1389 $params[$searchkey7] = "%$keyword%";
1393 if (!empty($additionalwhere)) {
1394 $wheres[] = $additionalwhere;
1395 $params = array_merge($params, $additionalparams);
1398 $from = implode("\n", $joins);
1400 $where = 'WHERE ' . implode(' AND ', $wheres);
1405 return array($select, $from, $where, $params);
1409 * Returns the total number of participants for a given course.
1411 * @param int $courseid The course id
1412 * @param int $groupid The groupid, 0 means all groups
1413 * @param int $accesssince The time since last access, 0 means any time
1414 * @param int $roleid The role id, 0 means all roles
1415 * @param int $enrolid The applied filter for the user enrolment ID.
1416 * @param int $status The applied filter for the user's enrolment status.
1417 * @param string|array $search The search that was performed, empty means perform no search
1418 * @param string $additionalwhere Any additional SQL to add to where
1419 * @param array $additionalparams The additional params
1422 function user_get_total_participants($courseid, $groupid = 0, $accesssince = 0, $roleid = 0, $enrolid = 0, $statusid = -1,
1423 $search = '', $additionalwhere = '', $additionalparams = array()) {
1426 list($select, $from, $where, $params) = user_get_participants_sql($courseid, $groupid, $accesssince, $roleid, $enrolid,
1427 $statusid, $search, $additionalwhere, $additionalparams);
1429 return $DB->count_records_sql("SELECT COUNT(u.id) $from $where", $params);
1433 * Returns the participants for a given course.
1435 * @param int $courseid The course id
1436 * @param int $groupid The group id
1437 * @param int $accesssince The time since last access
1438 * @param int $roleid The role id
1439 * @param int $enrolid The applied filter for the user enrolment ID.
1440 * @param int $status The applied filter for the user's enrolment status.
1441 * @param string $search The search that was performed
1442 * @param string $additionalwhere Any additional SQL to add to where
1443 * @param array $additionalparams The additional params
1444 * @param string $sort The SQL sort
1445 * @param int $limitfrom return a subset of records, starting at this point (optional).
1446 * @param int $limitnum return a subset comprising this many records (optional, required if $limitfrom is set).
1447 * @return moodle_recordset
1449 function user_get_participants($courseid, $groupid = 0, $accesssince, $roleid, $enrolid = 0, $statusid, $search,
1450 $additionalwhere = '', $additionalparams = array(), $sort = '', $limitfrom = 0, $limitnum = 0) {
1453 list($select, $from, $where, $params) = user_get_participants_sql($courseid, $groupid, $accesssince, $roleid, $enrolid,
1454 $statusid, $search, $additionalwhere, $additionalparams);
1456 return $DB->get_recordset_sql("$select $from $where $sort", $params, $limitfrom, $limitnum);
1460 * Returns SQL that can be used to limit a query to a period where the user last accessed a course.
1462 * @param int $accesssince The time since last access
1463 * @param string $tableprefix
1466 function user_get_course_lastaccess_sql($accesssince = null, $tableprefix = 'ul') {
1467 if (empty($accesssince)) {
1471 if ($accesssince == -1) { // Never.
1472 return $tableprefix . '.timeaccess = 0';
1474 return $tableprefix . '.timeaccess != 0 AND ul.timeaccess < ' . $accesssince;
1479 * Returns SQL that can be used to limit a query to a period where the user last accessed the system.
1481 * @param int $accesssince The time since last access
1482 * @param string $tableprefix
1485 function user_get_user_lastaccess_sql($accesssince = null, $tableprefix = 'u') {
1486 if (empty($accesssince)) {
1490 if ($accesssince == -1) { // Never.
1491 return $tableprefix . '.lastaccess = 0';
1493 return $tableprefix . '.lastaccess != 0 AND u.lastaccess < ' . $accesssince;
1498 * Callback for inplace editable API.
1500 * @param string $itemtype - Only user_roles is supported.
1501 * @param string $itemid - Courseid and userid separated by a :
1502 * @param string $newvalue - json encoded list of roleids.
1503 * @return \core\output\inplace_editable
1505 function core_user_inplace_editable($itemtype, $itemid, $newvalue) {
1506 if ($itemtype === 'user_roles') {
1507 return \core_user\output\user_roles_editable
::update($itemid, $newvalue);